e88749b134
- Traefik IngressRoute for api.aicodebattle.com with CORS, security headers, and rate limiting (100 req/min) - cert-manager Certificate (Let's Encrypt prod, ECDSA P-256) - Argo Events webhook EventSource + Sensor (triggers on master push) - Argo Workflows: parallel Kaniko builds for all 10 container images plus web SPA site build, with layer caching - CI ServiceAccount + RBAC for workflow execution - Registry credentials SealedSecret template Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
166 lines
7.4 KiB
YAML
166 lines
7.4 KiB
YAML
apiVersion: argoproj.io/v1alpha1
|
|
kind: Sensor
|
|
metadata:
|
|
name: acb-ci
|
|
namespace: ai-code-battle
|
|
labels:
|
|
app.kubernetes.io/name: acb-ci
|
|
app.kubernetes.io/part-of: ai-code-battle
|
|
app.kubernetes.io/component: ci
|
|
spec:
|
|
dependencies:
|
|
- name: push
|
|
eventSourceName: acb-webhook
|
|
eventName: acb-push
|
|
filters:
|
|
data:
|
|
- path: body.ref
|
|
type: string
|
|
value:
|
|
- "refs/heads/master"
|
|
triggers:
|
|
- template:
|
|
name: build-images
|
|
argoWorkflow:
|
|
operation: submit
|
|
source:
|
|
resource:
|
|
apiVersion: argoproj.io/v1alpha1
|
|
kind: Workflow
|
|
metadata:
|
|
generateName: acb-build-
|
|
namespace: ai-code-battle
|
|
spec:
|
|
serviceAccountName: acb-ci
|
|
entrypoint: build-all
|
|
arguments:
|
|
parameters:
|
|
- name: commit-sha
|
|
value: ""
|
|
- name: registry
|
|
value: forgejo.ardenone.com/ai-code-battle
|
|
templates:
|
|
- name: build-all
|
|
dag:
|
|
tasks:
|
|
- name: build-api
|
|
templateRef:
|
|
name: acb-build-image
|
|
template: kaniko-build
|
|
arguments:
|
|
parameters:
|
|
- name: context
|
|
value: .
|
|
- name: dockerfile
|
|
value: cmd/acb-api/Dockerfile
|
|
- name: image
|
|
value: "{{workflow.parameters.registry}}/acb-api:{{workflow.parameters.commit-sha}}"
|
|
- name: build-worker
|
|
templateRef:
|
|
name: acb-build-image
|
|
template: kaniko-build
|
|
arguments:
|
|
parameters:
|
|
- name: context
|
|
value: .
|
|
- name: dockerfile
|
|
value: cmd/acb-worker/Dockerfile
|
|
- name: image
|
|
value: "{{workflow.parameters.registry}}/acb-worker:{{workflow.parameters.commit-sha}}"
|
|
- name: build-indexer
|
|
templateRef:
|
|
name: acb-build-image
|
|
template: kaniko-build
|
|
arguments:
|
|
parameters:
|
|
- name: context
|
|
value: .
|
|
- name: dockerfile
|
|
value: cmd/acb-indexer/Dockerfile
|
|
- name: image
|
|
value: "{{workflow.parameters.registry}}/acb-indexer:{{workflow.parameters.commit-sha}}"
|
|
- name: build-bot-random
|
|
templateRef:
|
|
name: acb-build-image
|
|
template: kaniko-build
|
|
arguments:
|
|
parameters:
|
|
- name: context
|
|
value: bots/random
|
|
- name: dockerfile
|
|
value: bots/random/Dockerfile
|
|
- name: image
|
|
value: "{{workflow.parameters.registry}}/acb-strategy-random:{{workflow.parameters.commit-sha}}"
|
|
- name: build-bot-gatherer
|
|
templateRef:
|
|
name: acb-build-image
|
|
template: kaniko-build
|
|
arguments:
|
|
parameters:
|
|
- name: context
|
|
value: bots/gatherer
|
|
- name: dockerfile
|
|
value: bots/gatherer/Dockerfile
|
|
- name: image
|
|
value: "{{workflow.parameters.registry}}/acb-strategy-gatherer:{{workflow.parameters.commit-sha}}"
|
|
- name: build-bot-rusher
|
|
templateRef:
|
|
name: acb-build-image
|
|
template: kaniko-build
|
|
arguments:
|
|
parameters:
|
|
- name: context
|
|
value: bots/rusher
|
|
- name: dockerfile
|
|
value: bots/rusher/Dockerfile
|
|
- name: image
|
|
value: "{{workflow.parameters.registry}}/acb-strategy-rusher:{{workflow.parameters.commit-sha}}"
|
|
- name: build-bot-guardian
|
|
templateRef:
|
|
name: acb-build-image
|
|
template: kaniko-build
|
|
arguments:
|
|
parameters:
|
|
- name: context
|
|
value: bots/guardian
|
|
- name: dockerfile
|
|
value: bots/guardian/Dockerfile
|
|
- name: image
|
|
value: "{{workflow.parameters.registry}}/acb-strategy-guardian:{{workflow.parameters.commit-sha}}"
|
|
- name: build-bot-swarm
|
|
templateRef:
|
|
name: acb-build-image
|
|
template: kaniko-build
|
|
arguments:
|
|
parameters:
|
|
- name: context
|
|
value: bots/swarm
|
|
- name: dockerfile
|
|
value: bots/swarm/Dockerfile
|
|
- name: image
|
|
value: "{{workflow.parameters.registry}}/acb-strategy-swarm:{{workflow.parameters.commit-sha}}"
|
|
- name: build-bot-hunter
|
|
templateRef:
|
|
name: acb-build-image
|
|
template: kaniko-build
|
|
arguments:
|
|
parameters:
|
|
- name: context
|
|
value: bots/hunter
|
|
- name: dockerfile
|
|
value: bots/hunter/Dockerfile
|
|
- name: image
|
|
value: "{{workflow.parameters.registry}}/acb-strategy-hunter:{{workflow.parameters.commit-sha}}"
|
|
- name: build-site
|
|
templateRef:
|
|
name: acb-build-site
|
|
template: npm-build
|
|
arguments:
|
|
parameters:
|
|
- name: commit-sha
|
|
value: "{{workflow.parameters.commit-sha}}"
|
|
parameters:
|
|
- src:
|
|
dependencyName: push
|
|
dataKey: body.after
|
|
dest: spec.arguments.parameters.0.value
|