version: 1 kind: hwlab-node-control-plane metadata: owner: unidesk relatedIssues: - 290 - 491 - 1119 imagePolicy: requireReproducibleBuildSource: true forbidPrivateOrNodeLocalImagesAsInputs: true allowNodeLocalRegistryAsBuildOutput: true requiredSourceKinds: - dockerfile - docker-compose nodes: D601: route: D601 kubeRoute: D601:k3s k3s: serviceName: k3s dropInPath: /etc/systemd/system/k3s.service.d/20-unidesk-node-config.conf nodeStatusName: d601 execStartPre: - - -/usr/bin/umount - /Docker/host serverArgs: - server - --disable - traefik - --disable - servicelb - --disable - metrics-server - --node-name - D601 - --node-label - unidesk.ai/node-id=D601 - --node-label - unidesk.ai/provider-id=D601 - --tls-san - 127.0.0.1 - --tls-san - host.docker.internal - --write-kubeconfig-mode - "644" - --kubelet-arg - image-gc-high-threshold=95 - --kubelet-arg - image-gc-low-threshold=90 - --kubelet-arg - max-pods=500 kubelet: maxPods: 500 registry: endpoint: 127.0.0.1:5000 egressProxy: mode: k8s-service-cluster-ip clientName: d601-global-proxy namespace: platform-infra serviceName: sub2api-egress-proxy port: 10808 sourceRef: platform-infra/master-vpn-subscription.env sourceKey: MASTER_VPN_SUBSCRIPTION_URL sourceType: subscription-url noProxy: - localhost - 127.0.0.1 - ::1 - 127.0.0.1:5000 - localhost:5000 - .svc - .svc.cluster.local - .cluster.local - kubernetes - kubernetes.default - kubernetes.default.svc - 10.0.0.0/8 - 10.42.0.0/16 - 10.43.0.0/16 - 172.16.0.0/12 - 192.168.0.0/16 - 82.156.23.220 - 74.48.78.17 - registry.npmmirror.com - cdn.npmmirror.com - hyueapi.com - .hyueapi.com targets: - id: d601-v03 node: D601 lane: v03 enabled: true ciNamespace: hwlab-ci runtimeNamespace: hwlab-v03 source: repository: pikasTech/HWLAB branch: v0.3 gitops: branch: v0.3-gitops path: deploy/gitops/node/d601/runtime-v03 gitMirror: namespace: devops-infra serviceReadName: git-mirror-http serviceWriteName: git-mirror-write cachePvcName: hwlab-git-mirror-cache cachePvcStorage: 20Gi cacheHostPath: /var/lib/rancher/k3s/storage/hwlab-d601-v03-git-mirror-cache servicePort: 8080 deploymentReplicas: 1 secretName: git-mirror-github-ssh syncConfigMapName: git-mirror-sync-script syncJobPrefix: git-mirror-hwlab-d601-v03-sync-manual flushJobPrefix: git-mirror-hwlab-d601-v03-flush-manual readUrl: http://git-mirror-http.devops-infra.svc.cluster.local/pikasTech/HWLAB.git writeUrl: http://git-mirror-write.devops-infra.svc.cluster.local/pikasTech/HWLAB.git egressProxy: mode: direct required: false githubTransport: mode: ssh tekton: pipelineName: hwlab-d601-v03-ci-image-publish serviceAccountName: hwlab-d601-v03-tekton-runner pipelineRunPrefix: hwlab-d601-v03-ci-poll toolsImage: output: 127.0.0.1:5000/hwlab/hwlab-ci-node-tools:node22-alpine-bun-v1 imagePullPolicy: Always sourceKind: dockerfile context: . dockerfileInline: filename: hwlab-ci-node-tools.public.Dockerfile lines: - FROM docker.io/library/golang:1.24-bookworm AS golang-toolchain - FROM 127.0.0.1:5000/hwlab/hwlab-ci-node-tools:node22-alpine-bun-v1 - ARG HTTP_PROXY - ARG HTTPS_PROXY - ARG ALL_PROXY - ARG NO_PROXY - ARG http_proxy - ARG https_proxy - ARG all_proxy - ARG no_proxy - COPY --from=golang-toolchain /usr/local/go /usr/local/go - ENV PATH=/usr/local/go/bin:$PATH - RUN ln -sf /usr/local/bin/bun /usr/local/bin/bunx - ENV HWLAB_CI_NODE_DEPS=/opt/hwlab-ci-node-deps/node_modules - RUN set -eu; export HTTP_PROXY="${HTTP_PROXY:-${http_proxy:-}}"; export HTTPS_PROXY="${HTTPS_PROXY:-${https_proxy:-$HTTP_PROXY}}"; export ALL_PROXY="${ALL_PROXY:-${all_proxy:-}}"; export NO_PROXY="${NO_PROXY:-${no_proxy:-}}"; export http_proxy="$HTTP_PROXY"; export https_proxy="$HTTPS_PROXY"; export all_proxy="$ALL_PROXY"; export no_proxy="$NO_PROXY"; export npm_config_registry="https://registry.npmmirror.com/"; export BUN_CONFIG_REGISTRY="https://registry.npmmirror.com/"; export NO_PROXY="${NO_PROXY:+$NO_PROXY,}registry.npmmirror.com,cdn.npmmirror.com"; export no_proxy="$NO_PROXY"; export npm_config_noproxy="$NO_PROXY"; export npm_config_proxy=""; export npm_config_https_proxy=""; export HTTP_PROXY=""; export HTTPS_PROXY=""; export ALL_PROXY=""; export http_proxy=""; export https_proxy=""; export all_proxy=""; export npm_config_fetch_retries=2; export npm_config_fetch_retry_mintimeout=2000; export npm_config_fetch_retry_maxtimeout=16000; export npm_config_fetch_timeout=120000; mkdir -p /opt/hwlab-ci-node-deps; cd /opt/hwlab-ci-node-deps; printf '{"private":true,"dependencies":{}}\n' > package.json; ok=0; delay=2; for attempt in 1 2 3 4 5; do echo "{\"event\":\"tools-yaml-node-npm-install\",\"attempt\":\"$attempt/5\",\"registry\":\"$npm_config_registry\",\"proxy\":\"direct\"}" >&2; if timeout 180s npm install --package-lock=false --no-save --ignore-scripts --no-audit --no-fund --omit=dev yaml@2.8.3; then ok=1; break; fi; if [ "$attempt" = 5 ]; then break; fi; echo "{\"event\":\"tools-yaml-node-npm-install\",\"status\":\"retrying\",\"attempt\":\"$attempt/5\",\"sleepSeconds\":$delay}" >&2; sleep "$delay"; delay=$((delay * 2)); done; test "$ok" = 1; node --input-type=module -e 'import("/opt/hwlab-ci-node-deps/node_modules/yaml/browser/dist/index.js").then((yaml)=>console.log("yaml-ok", typeof yaml.parse))' - RUN node --version && npm --version && bun --version && git --version && python3 --version && docker --version && ssh -V && go version buildArgs: {} buildNetwork: host publicBaseImages: - docker.io/library/node:22-bookworm-slim - docker.io/library/golang:1.24-bookworm - docker.io/oven/bun:1.3.13 - docker.io/buildpack-deps:bookworm-scm - docker.io/library/python:3.12-slim-bookworm - docker.io/docker:29-cli buildOwner: D601 buildMode: node-local argo: namespace: argocd projectName: hwlab-d601 applicationName: hwlab-node-v03 applicationFile: application-v03.yaml install: enabled: true sourceKind: url version: v3.4.2 manifestUrl: https://raw.githubusercontent.com/argoproj/argo-cd/v3.4.2/manifests/install.yaml fieldManager: unidesk-hwlab-node-argocd imagePullPolicy: IfNotPresent preloadImages: - 127.0.0.1:5000/hwlab/argocd:v3.4.2 - 127.0.0.1:5000/hwlab/dex:v2.45.0 - 127.0.0.1:5000/hwlab/redis:8.2.3-alpine imageRewrites: - source: quay.io/argoproj/argocd:v3.4.2 pullImage: quay.m.daocloud.io/argoproj/argocd:v3.4.2 target: 127.0.0.1:5000/hwlab/argocd:v3.4.2 - source: ghcr.io/dexidp/dex:v2.45.0 pullImage: ghcr.m.daocloud.io/dexidp/dex:v2.45.0 target: 127.0.0.1:5000/hwlab/dex:v2.45.0 - source: public.ecr.aws/docker/library/redis:8.2.3-alpine pullImage: docker.m.daocloud.io/library/redis:8.2.3-alpine target: 127.0.0.1:5000/hwlab/redis:8.2.3-alpine requiredCrds: - applications.argoproj.io - appprojects.argoproj.io expectedDeployments: - argocd-applicationset-controller - argocd-dex-server - argocd-notifications-controller - argocd-redis - argocd-repo-server - argocd-server expectedStatefulSets: - argocd-application-controller readinessTimeoutSeconds: 600