50 lines
1.3 KiB
YAML
50 lines
1.3 KiB
YAML
# https://kubernetes.io/docs/concepts/services-networking/ingress
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: webhook-flux-receiver
|
|
namespace: flux-system
|
|
annotations:
|
|
# https://cert-manager.io/docs/usage/ingress/#supported-annotations
|
|
# https://github.com/cert-manager/cert-manager/issues/2239
|
|
cert-manager.io/cluster-issuer: letsencrypt-http
|
|
cert-manager.io/private-key-algorithm: ECDSA
|
|
cert-manager.io/private-key-size: 384
|
|
kubernetes.io/ingress.class: traefik
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
spec:
|
|
tls:
|
|
- hosts:
|
|
- flux.k8s.forgejo.org
|
|
secretName: tls-forgejo-flux-ingress-http
|
|
rules:
|
|
- host: flux.k8s.forgejo.org
|
|
http:
|
|
paths:
|
|
- pathType: Prefix
|
|
path: /
|
|
backend:
|
|
service:
|
|
# pre-defined by flux
|
|
name: webhook-receiver
|
|
port:
|
|
name: http
|
|
---
|
|
apiVersion: notification.toolkit.fluxcd.io/v1
|
|
kind: Receiver
|
|
metadata:
|
|
name: forgejo-flux-receiver
|
|
namespace: flux-system
|
|
spec:
|
|
type: github
|
|
events:
|
|
- "ping"
|
|
- "push"
|
|
secretRef:
|
|
name: webhook-flux-token
|
|
resources:
|
|
- apiVersion: source.toolkit.fluxcd.io/v1
|
|
kind: GitRepository
|
|
# matching the GitRepository in gotk-sync.yaml
|
|
name: flux-system
|