Will Arroyo warroyo

43 followers · 6 following

@pivotal @vmware
Denver,CO

View GitHub Profile

Recently created

Least recently created

Recently updated

Least recently updated

warroyo / server-template-probes.yml

Created June 27, 2023 20:38

workload template to support readiness probes

	apiVersion: carto.run/v1alpha1
	kind: ClusterConfigTemplate
	metadata:
	annotations:
	doc: \|
	This template consumes an input named config which contains a
	PodTemplateSpec and returns a ConfigMap which contains a
	"delivery.yml" which contains a manifests for a Kubernetes
	Deployment which will run the templated pod, and a "service.yml"
	Kubernetes Service to expose the pods on the network.

warroyo / Tiltfile

Created March 28, 2023 14:14

	SOURCE_IMAGE = 'dev.registry.pivotal.io/warroyo/iterate/sme-fe-code'
	LOCAL_PATH = os.getenv("LOCAL_PATH", default='.')
	NAMESPACE = os.getenv("NAMESPACE", default='default')

	k8s_custom_deploy(
	'sme-frontend-code',
	apply_cmd="tanzu apps workload apply -f config/workload.yaml" +
	" --local-path " + LOCAL_PATH +
	" --source-image " + SOURCE_IMAGE +
	" --namespace " + NAMESPACE +

warroyo / iterate.yml

Created March 23, 2023 13:02

	profile: iterate

	shared:
	ingress_domain: "iterate.eks.tapmc.aws.warroyo.com"

	ceip_policy_disclosed: TRUE # Installation fails if this is not set to true. Not a string.
	buildservice:
	kp_default_repository: "dev.registry.pivotal.io/warroyo/iterate"
	kp_default_repository_username: ""
	kp_default_repository_password: ""

warroyo / issuer.yaml

Created March 2, 2023 14:17

	---
	apiVersion: v1
	data:
	secret-access-key: ""
	kind: Secret
	metadata:
	name: prod-route53-credentials-secret
	namespace: cert-manager
	---
	apiVersion: cert-manager.io/v1

warroyo / tiltfile

Created January 9, 2023 20:24

	SOURCE_IMAGE = os.getenv("SOURCE_IMAGE", default='dev.registry.pivotal.io/warroyo/tap-go-sample-source')
	LOCAL_PATH = os.getenv("LOCAL_PATH", default='./build')
	NAMESPACE = os.getenv("NAMESPACE", default='default')

	# (Re)build locally when source code changes
	local_resource('go-build',
	cmd='GOOS=linux GOARCH=amd64 go build -o ./build/ -buildmode pie .',
	deps=['./main.go','./pkg/'],
	ignore=['./build'],
	dir='.'

warroyo / dv.yml

Last active July 8, 2022 19:37

ytt testing

	#@data/values
	---
	extrapools:
	- name: tkg-aws-wc-np-1
	replicas: 2
	az: us-west-2b
	nodeMachineType: t3.large
	autoscaler_min_size: 2
	autoscaler_max_size: 5
	tags:

warroyo / update-issuer.yml

Created November 15, 2021 22:05

update harbor cert issuer

	#@ load("@ytt:overlay", "overlay")
	#@ load("/values.star", "values")

	#@ harbor_tls_cert = overlay.subset({"kind": "Certificate", "metadata": {"name": "harbor-tls-cert"}})

	#@overlay/match by=harbor_tls_cert
	---
	spec:
	issuerRef:
	name: #@ values.customIssuer

warroyo / constraint.yml

Created October 27, 2021 15:55

OPA policy to allow actions based on the users groups

	#this is just an example, you will want to update the kinds and api groups accordingly as well as add excluded namepsaces
	apiVersion: constraints.gatekeeper.sh/v1beta1
	kind: allowedgroups
	metadata:
	name: must-be-memberof
	spec:
	match:
	kinds:
	- apiGroups: [""]
	kinds: ["Namespace"]

warroyo / stats-filter-7.yml

Last active October 7, 2021 17:54

stats-filter for TSM

	apiVersion: networking.istio.io/v1alpha3
	kind: EnvoyFilter
	metadata:
	name: stats-filter-1.7
	namespace: istio-system
	labels:
	istio.io/rev: default
	spec:
	configPatches:
	- applyTo: HTTP_FILTER

warroyo / perms.json

Last active September 28, 2021 15:14

tsm permissions

	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Sid" : "AllowTanzuServiceMeshPermissions",
	"Effect": "Allow",
	"Action": [
	"route53:ListHostedZones",
	"route53:ListHostedZonesByName",
	"route53:ListResourceRecordSets",