fix: deploy/app, added continuos-deploy gitea workflow template
This commit is contained in:
34
.gitea/workflows/app-continous-deploy.yaml
Normal file
34
.gitea/workflows/app-continous-deploy.yaml
Normal file
@@ -0,0 +1,34 @@
|
|||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches:
|
||||||
|
- main
|
||||||
|
pull_request:
|
||||||
|
branches:
|
||||||
|
- main
|
||||||
|
jobs:
|
||||||
|
continuous-deploy:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
container:
|
||||||
|
image: git.limbosolutions.com/kb/gitea/act:latest-network-stack
|
||||||
|
env:
|
||||||
|
GITHUB_TEMP: ${{ runner.temp }} # fix missing GITHUB_TEMP on gitea
|
||||||
|
steps:
|
||||||
|
|
||||||
|
- name: Checkout code
|
||||||
|
uses: actions/checkout@v3
|
||||||
|
|
||||||
|
- name: limbo public actions
|
||||||
|
env:
|
||||||
|
WORKSPACE: "${{ gitea.workspace }}"
|
||||||
|
run: |
|
||||||
|
curl -fsSL https://git.limbosolutions.com/kb/gitea/raw/branch/main/cloud-scripts/setup-limbo-actions.sh | bash 2>&1
|
||||||
|
|
||||||
|
|
||||||
|
# my custom actions https://git.limbosolutions.com/kb/gitea/raw/branch/main
|
||||||
|
- name: Configure kubectl config
|
||||||
|
uses: ./.gitea/limbo_actions/kubectl-setup
|
||||||
|
with:
|
||||||
|
kube_server: ${{ secrets.HOSTING_KUBE_SERVER }}
|
||||||
|
kube_ca_base64: ${{ secrets.HOSTING_KUBE_CA_BASE64 }}
|
||||||
|
kube_token: ${{ secrets.HOSTING_KUBE_TOKEN }}
|
||||||
|
|
||||||
@@ -30,7 +30,6 @@ Using [gitea](https://git.limbosolutions.com/kb/gitea) as git server.
|
|||||||
### Continuous Deploy
|
### Continuous Deploy
|
||||||
|
|
||||||
Executes [App Deploy](#app) using [Gitea workflow](./.gitea/workflows/app-deploy.yaml).
|
Executes [App Deploy](#app) using [Gitea workflow](./.gitea/workflows/app-deploy.yaml).
|
||||||
kubectl get secret continuous-deploy -o jsonpath='{.data.token}' | base64 -d
|
|
||||||
|
|
||||||
### Infra
|
### Infra
|
||||||
|
|
||||||
|
|||||||
@@ -58,7 +58,10 @@ service:
|
|||||||
port: 2222
|
port: 2222
|
||||||
annotations:
|
annotations:
|
||||||
metallb.universe.tf/allow-shared-ip: test
|
metallb.universe.tf/allow-shared-ip: test
|
||||||
|
http:
|
||||||
|
clusterIP: "" # empty string → Kubernetes assigns a routable ClusterIP
|
||||||
|
type: ClusterIP
|
||||||
|
port: 3000
|
||||||
gitea:
|
gitea:
|
||||||
admin:
|
admin:
|
||||||
username: "???"
|
username: "???"
|
||||||
@@ -126,6 +129,21 @@ gitea:
|
|||||||
PASSWORD_HASH_ALGO: "???"
|
PASSWORD_HASH_ALGO: "???"
|
||||||
|
|
||||||
ingress:
|
ingress:
|
||||||
enabled: false
|
enabled: true
|
||||||
|
className: traefik
|
||||||
|
annotations:
|
||||||
|
kubernetes.io/ingress.class: traefik
|
||||||
|
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
||||||
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure, public-https
|
||||||
|
hosts:
|
||||||
|
- host: git.limbosolutions.com
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
pathType: Prefix
|
||||||
|
tls:
|
||||||
|
- secretName: limbosolutions-com-tls
|
||||||
|
hosts:
|
||||||
|
- "git.limbosolutions.com"
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -17,8 +17,8 @@ rules:
|
|||||||
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
||||||
|
|
||||||
- apiGroups: ["networking.k8s.io"]
|
- apiGroups: ["networking.k8s.io"]
|
||||||
resources: ["networkpolicies"]
|
resources: ["networkpolicies", "ingresses"]
|
||||||
verbs: ["get", "list", "watch", "patch", "update"]
|
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
|
||||||
|
|
||||||
- apiGroups: ["policy"]
|
- apiGroups: ["policy"]
|
||||||
resources: ["poddisruptionbudgets"]
|
resources: ["poddisruptionbudgets"]
|
||||||
|
|||||||
@@ -1,53 +0,0 @@
|
|||||||
apiVersion: traefik.containo.us/v1alpha1
|
|
||||||
kind: IngressRouteTCP
|
|
||||||
metadata:
|
|
||||||
name: git-limbosolutions-com-ssh
|
|
||||||
namespace: git-limbosolutions-com
|
|
||||||
spec:
|
|
||||||
entryPoints:
|
|
||||||
- ssh-git
|
|
||||||
routes:
|
|
||||||
- match: HostSNI(`*`)
|
|
||||||
services:
|
|
||||||
- name: gitea-ssh
|
|
||||||
port: 2222
|
|
||||||
weight: 10
|
|
||||||
terminationDelay: 90000
|
|
||||||
proxyProtocol:
|
|
||||||
version: 1
|
|
||||||
---
|
|
||||||
|
|
||||||
apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: gitea
|
|
||||||
namespace: git-limbosolutions-com
|
|
||||||
labels:
|
|
||||||
helm.sh/chart: gitea-12.4.0
|
|
||||||
app: gitea
|
|
||||||
app.kubernetes.io/name: gitea
|
|
||||||
app.kubernetes.io/instance: gitea
|
|
||||||
app.kubernetes.io/version: "1"
|
|
||||||
version: "1"
|
|
||||||
app.kubernetes.io/managed-by: Helm
|
|
||||||
annotations:
|
|
||||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
|
||||||
kubernetes.io/ingress.class: "traefik"
|
|
||||||
traefik.ingress.kubernetes.io/router.entrypoints: "websecure, public-https"
|
|
||||||
spec:
|
|
||||||
ingressClassName: traefik
|
|
||||||
tls:
|
|
||||||
- hosts:
|
|
||||||
- "git.limbosolutions.com"
|
|
||||||
secretName: limbosolutions-com-tls
|
|
||||||
rules:
|
|
||||||
- host: "git.limbosolutions.com"
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
pathType: Prefix
|
|
||||||
backend:
|
|
||||||
service:
|
|
||||||
name: gitea-http
|
|
||||||
port:
|
|
||||||
number: 3000
|
|
||||||
@@ -2,7 +2,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1
|
|||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
- namespace.yaml
|
- namespace.yaml
|
||||||
- ingress.yaml
|
|
||||||
- cd-service-account.yaml
|
- cd-service-account.yaml
|
||||||
- cd-service-account-token.yaml
|
- cd-service-account-token.yaml
|
||||||
- cd-service-account-rbac.yaml
|
- cd-service-account-rbac.yaml
|
||||||
|
|||||||
Reference in New Issue
Block a user