From 6c7c8f97cfed846882df7a65040ca3ed8b206e43 Mon Sep 17 00:00:00 2001
From: Georgiana Dolocan <georgiana.dolocan@gmail.com>
Date: Tue, 1 Oct 2024 16:03:59 +0300
Subject: [PATCH] Setup cluster and support chart

---
 config/clusters/strudel/cluster.yaml          | 27 +++++++++++++++
 .../strudel/enc-grafana-token.secret.yaml     | 15 ++++++++
 .../strudel/enc-support.secret.values.yaml    | 17 ++++++++++
 config/clusters/strudel/support.values.yaml   | 34 +++++++++++++++++++
 4 files changed, 93 insertions(+)
 create mode 100644 config/clusters/strudel/cluster.yaml
 create mode 100644 config/clusters/strudel/enc-grafana-token.secret.yaml
 create mode 100644 config/clusters/strudel/enc-support.secret.values.yaml
 create mode 100644 config/clusters/strudel/support.values.yaml

diff --git a/config/clusters/strudel/cluster.yaml b/config/clusters/strudel/cluster.yaml
new file mode 100644
index 000000000..745750751
--- /dev/null
+++ b/config/clusters/strudel/cluster.yaml
@@ -0,0 +1,27 @@
+name: strudel
+provider: aws # https://2i2c.awsapps.com/start#/
+aws:
+  key: enc-deployer-credentials.secret.json
+  clusterType: eks
+  clusterName: strudel
+  region: us-west-2
+  billing:
+    paid_by_us: true
+support:
+  helm_chart_values_files:
+    - support.values.yaml
+    - enc-support.secret.values.yaml
+hubs:
+  []
+  # Uncomment the lines below once the support infrastructure was deployed and
+  # you are ready to add the first cluster
+
+  # - name: <hub_name>
+  #   # Tip: consider changing this to something more human friendly
+  #   display_name: "strudel - <hub_name>"
+  #   domain: <hub_name>.strudel.2i2c.cloud
+  #   helm_chart: basehub
+  #   helm_chart_values_files:
+  #     - common.values.yaml
+  #     - <hub_name>.values.yaml
+  #     - enc-<hub_name>.secret.values.yaml
diff --git a/config/clusters/strudel/enc-grafana-token.secret.yaml b/config/clusters/strudel/enc-grafana-token.secret.yaml
new file mode 100644
index 000000000..03f50d351
--- /dev/null
+++ b/config/clusters/strudel/enc-grafana-token.secret.yaml
@@ -0,0 +1,15 @@
+grafana_token: ENC[AES256_GCM,data:irWWJLHCQeeaW37qi0BHDiLfFdJ9vctBjEI0owv+2xSY1MerlE3MY+Mmi20lTg==,iv:5KPENEOcETgtEkVti1prJ0qsmm5+lSepUTZ/5O3TIvA=,tag:OgeLAIgFpek4zyG5rhtY7w==,type:str]
+sops:
+    kms: []
+    gcp_kms:
+        - resource_id: projects/two-eye-two-see/locations/global/keyRings/sops-keys/cryptoKeys/similar-hubs
+          created_at: "2024-10-01T12:59:53Z"
+          enc: CiUA4OM7eNrdiaLiPocfJTCLBwuM9YbI9qK1iBBp8+xYLziPl3ncEkkA5dG1Q93A5dIvMNu3945Iw/yUFQLgEofvzwhJYfegRLvKywnyzPmRHo2IfphssdM5Pe0JXpxywt0jv2nXEGyX+z2z+iYuGDD0
+    azure_kv: []
+    hc_vault: []
+    age: []
+    lastmodified: "2024-10-01T12:59:53Z"
+    mac: ENC[AES256_GCM,data:oNJ6wS4gCnMYyGOcWnDcP3X5HWT7bHPNjA/CTrljKEftzp0HtZJab66rJe94jgNnti007HfV34BD+tkikYPXo/8MAEcKROJ++Hj/JbUDOR0vYpcYQuOJTlYKGH52g41WlsENgRSxulO+wb7OQykokQNR98ihOCrrq0mmLXj3fG4=,iv:/xfa4gtfSakXKTz+8To4PeARl1U84p0EjWaXTbGtN8M=,tag:kq71ofPuXPpGnop38HDw4Q==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.8.1
diff --git a/config/clusters/strudel/enc-support.secret.values.yaml b/config/clusters/strudel/enc-support.secret.values.yaml
new file mode 100644
index 000000000..0b0083d58
--- /dev/null
+++ b/config/clusters/strudel/enc-support.secret.values.yaml
@@ -0,0 +1,17 @@
+prometheusIngressAuthSecret:
+    username: ENC[AES256_GCM,data:RagJNkNWnDQQhDKNBa/C3OWom8PaXyBCNIG8e/blM1MzO2k8tL/CVKU+BMMHTyldOm/T1wuLlnwKhyVcqK2puQ==,iv:5hT2IJPZM1vrywr1E5YeoSnLya5FE6nic1GjURTP/jQ=,tag:nZXWjP9ewxgc67MROlldUQ==,type:str]
+    password: ENC[AES256_GCM,data:jmosU2aQZy+JVYfEaY+TANdQjM3zdfKW68+7adKbQUpXk9C+31VuDtTxMsnuuj+90E8GlCuzJSikEUmEt95v8w==,iv:TaRGGIQLgaGbdK6qY1eZ0A4Bp+WavwJTPdEhismeNhU=,tag:/BnvmxLD+yreNvbz0CieUw==,type:str]
+sops:
+    kms: []
+    gcp_kms:
+        - resource_id: projects/two-eye-two-see/locations/global/keyRings/sops-keys/cryptoKeys/similar-hubs
+          created_at: "2024-10-01T12:10:40Z"
+          enc: CiUA4OM7eGXBxjEDNyx0Oz9+3To+ZtgJesA4jNahoZs8jXtr0MixEkgA5dG1Q77AFs6f/oCbIoHxf24xIf3P5kbKRxO2YcS3w93MoMHSdSETfOTBBi2qNJSE5WSdqzhFvUYQhBCYLbZDDEa3NeSnPyI=
+    azure_kv: []
+    hc_vault: []
+    age: []
+    lastmodified: "2024-10-01T12:10:41Z"
+    mac: ENC[AES256_GCM,data:xthk4pWv0PawZjq4HXMo7JXgrDu7mpTBJKEO8ZoNq0OBLn4vvZMnCze7PCoFEjFm7Pw4C3BeyyUd1f4UXoXk8jp4T/snJxZmYnSAaSqAPv4wDsFB4/yAAxbwWgqrjpIVvUTOeTEBQfgaVhUs+fiIotk76wi3oqYWsQFUZxKiiBs=,iv:Uu8uwR9YpHE05VrZ6kjUHF/EzlLGKAfGELYJvP/tuKE=,tag:mlRfOuo0M2rmEsMdiqyPfA==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.8.1
diff --git a/config/clusters/strudel/support.values.yaml b/config/clusters/strudel/support.values.yaml
new file mode 100644
index 000000000..708d952fa
--- /dev/null
+++ b/config/clusters/strudel/support.values.yaml
@@ -0,0 +1,34 @@
+prometheusIngressAuthSecret:
+  enabled: true
+
+prometheus:
+  server:
+    ingress:
+      enabled: true
+      hosts:
+        - prometheus.strudel.2i2c.cloud
+      tls:
+        - secretName: prometheus-tls
+          hosts:
+            - prometheus.strudel.2i2c.cloud
+
+grafana:
+  grafana.ini:
+    server:
+      root_url: https://grafana.strudel.2i2c.cloud/
+  auth.github:
+    enabled: true
+    allowed_organizations: 2i2c-org
+  ingress:
+    hosts:
+      - grafana.strudel.2i2c.cloud
+    tls:
+      - secretName: grafana-tls
+        hosts:
+          - grafana.strudel.2i2c.cloud
+
+cluster-autoscaler:
+  enabled: true
+  autoDiscovery:
+    clusterName: strudel
+  awsRegion: us-west-2