Adding CI and values for Halloween static site

.drone.yml

@@ -2,7 +2,6 @@
 kind: pipeline
 type: docker
 name: default
-service_account_name: dronesome-app
 
 steps:
   - name: lint
@@ -11,56 +10,32 @@ steps:
       - pip3 install yamllint==1.29.0
       - yamllint .
 
-  # yamllint disable rule:line-length
-  # - name: deploy
-  #   image: alpine/k8s:1.31.2
-  #   environment:
-  #     CACRT:
-  #       from_secret: clusterprism_some-app_kubernetes_ca_cert
-  #     TOKEN:
-  #       from_secret: clusterprism_some-app_kubernetes_token
-  #  # yamllint disable rule:line-length
-  #   commands:
-  #     - kubectl config set-cluster clusterprism --server=https://192.168.1.201:6443
-  #     - kubectl config set-credentials drone-some-app --token=$TOKEN
-  #     - kubectl config set-context clusterprism --user=drone-some-app --cluster=clusterprism
-  #     - kubectl config use-context clusterprism
-  #    - echo $CACRT > cacert.pem
-  #      - kubectl config set-context clusterprism --certificate-authority=cacert.pem
-  #     - kubectl config set clusters.clusterprism.insecure-skip-tls-verify true
-  #     - helm repo add bjw-s https://bjw-s.github.io/helm-charts
-  #     - helm upgrade some-app --install bjw-s/app-template -n localassist -f clusterprism_some-app_values.yaml --version 3.6.1
-  #  # yamllint enable rule:line-length
-  #   when:
-  #     branch:
-  #       - main
-  # yamllint enable rule:line-length
-
-
-  # yamllint disable rule:line-length
-  # - name: rawkubectl
-  #   image: alpine/k8s:1.31.2
-  #   environment:
-  #     CACRT:
-  #       from_secret: clusterprism_some-app_ca_cert
-  #     TOKEN:
-  #       from_secret: clusterprism_some-app_kubernetes_token
-  #   commands:
-  #     - 'kubectl config set-cluster clusterprism
-  #          --server=https://192.168.1.201:6443'
-  #     - kubectl config set-credentials dronesome-app --token=$TOKEN
-  #     - 'kubectl config set-context clusterprism
-  #          --user=dronesome-app --cluster=clusterprism'
-  #     - kubectl config use-context clusterprism
-  #     - echo $CACRT > cacert.pem
-  #     - 'kubectl config set-context clusterprism
-  #          --certificate-authority=cacert.pem'
-  #     - kubectl config set clusters.clusterprism.insecure-skip-tls-verify true
-  #     - kubectl apply -f raw_kubectl/manifest.yml
-  #   when:
-  #     branch:
-  #       - main
-  # yamllint enable rule:line-length- name: rawkubectl
+  - name: deploy
+    image: alpine/k8s:1.31.2
+    environment:
+      CACRT:
+        from_secret: clusterprism_halloween_kubernetes_ca_cert
+      TOKEN:
+        from_secret: clusterprism_halloween_kubernetes_token
+    commands:
+      - kubectl config set-cluster clusterprism --server=https://192.168.1.201:6443
+      - kubectl config set-credentials drone-halloween --token=$TOKEN
+      - |
+        kubectl config set-context clusterprism --user=drone-halloween
+        --cluster=clusterprism
+      - kubectl config use-context clusterprism
+      - echo $CACRT > cacert.pem
+      - |
+        kubectl config set-context clusterprism
+        --certificate-authority=cacert.pem
+      - kubectl config set clusters.clusterprism.insecure-skip-tls-verify true
+      - helm repo add bjw-s https://bjw-s.github.io/helm-charts
+      - |
+        helm upgrade halloween-static-site --install onechart/static-site
+        -n halloween -f clusterprism_halloween_values.yaml
+    when:
+      branch:
+        - main
 
   - name: notify
     image: plugins/webhook

clusterprism_halloween_values.yaml

@@ -0,0 +1,47 @@
+---
+podSecurityContext:
+  runAsUser: 2000
+  runAsGroup: 2000
+  fsGroup: 2000
+  fsGroupChangePolicy: "OnRootMismatch"
+  runAsNonRoot: true
+
+securityContext:
+  privileged: false
+  allowPrivilegeEscalation: false
+  readOnlyRootFilesystem: false
+  capabilities:
+    drop:
+      - ALL
+  seccompProfile:
+    type: "RuntimeDefault"
+
+ingress:
+  host: halloween.dajeffers.com
+  ingressClassName: nginx
+  tlsEnabled: true
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-cloudflare-prod
+
+resources:
+  requests:
+    cpu: null
+    memory: 200Mi
+  limits:
+    cpu: 200m
+    memory: 200Mi
+
+# values to build and deploy static sites
+gitCloneUrl: ssh://git@git.sadmin.pro:2222/DaJeffers/halloween.dajeffers.com.git
+buildScript: |
+  # !/usr/bin/env bash
+  # pre -reqs
+  apt-get update && apt-get install -y wget
+  # Setting up Hugo
+  wget https://github.com/gohugoio/hugo/releases/download/v0.145.0/hugo_0.145.0_linux-arm64.tar.gz &&
+  tar -xzf hugo_0.145.0_linux-arm64.tar.gz &&
+  chmod +x hugo
+  ./hugo
+
+vars:
+  TZ: 'America/New_York'

clusterprism_helm_values.yaml

@@ -1,62 +0,0 @@
----
-controllers:
-  some-app:
-    containers:
-      app:
-        securityContext:
-          privileged: false
-          allowPrivilegeEscalation: false
-          readOnlyRootFilesystem: false
-          capabilities:
-            drop:
-              - ALL
-          seccompProfile:
-            type: "RuntimeDefault"
-        image:
-          repository: some/image
-          tag: latest
-        args:
-          - some
-          - argument
-        env:
-          TZ: America/New_York
-        probes: &probes
-          liveness:
-            enabled: true
-          readiness:
-            enabled: true
-          startup:
-            enabled: true
-            spec:
-              failureThreshold: 30
-              periodSeconds: 5
-        resources:
-          limits:
-            memory: 3Gi
-          requests:
-            cpu: 100m
-            memory: 500Mi
-    pod:
-      securityContext:
-        runAsUser: 568
-        runAsGroup: 568
-        fsGroup: 568
-        fsGroupChangePolicy: "OnRootMismatch"
-        runAsNonRoot: true
-
-service:
-  app:
-    controller: some-app
-    ports:
-      http:
-        port: 42069
-        protocol: TCP
-
-# -- Configure persistence settings for the chart under this key.
-persistence:
-  config:
-    type: persistentVolumeClaim
-    accessMode: ReadWriteOnce
-    size: 1Gi
-    globalMounts:
-      - path: /data