limbosolutions.com/git.limbosolutions.com
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases Wiki Activity

fix: deploy/app, added continuos-deploy gitea workflow template

Browse Source
This commit is contained in:
Márcio Fernandes
2025-11-29 11:28:14 +00:00
parent 26a8867587
commit cd0c3876ed
6 changed files with 56 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
.gitea/workflows/app-continous-deploy.yaml Normal file
View File

@@ -0,0 +1,34 @@
on:
push:
branches:
- main
pull_request:
branches:
- main
jobs:
continuous-deploy:
runs-on: ubuntu-latest
container:
image: git.limbosolutions.com/kb/gitea/act:latest-network-stack
env:
GITHUB_TEMP: ${{ runner.temp }} # fix missing GITHUB_TEMP on gitea
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: limbo public actions
env:
WORKSPACE: "${{ gitea.workspace }}"
run: |
curl -fsSL https://git.limbosolutions.com/kb/gitea/raw/branch/main/cloud-scripts/setup-limbo-actions.sh | bash 2>&1
# my custom actions https://git.limbosolutions.com/kb/gitea/raw/branch/main
- name: Configure kubectl config
uses: ./.gitea/limbo_actions/kubectl-setup
with:
kube_server: ${{ secrets.HOSTING_KUBE_SERVER }}
kube_ca_base64: ${{ secrets.HOSTING_KUBE_CA_BASE64 }}
kube_token: ${{ secrets.HOSTING_KUBE_TOKEN }}

1
README.md
View File

@@ -30,7 +30,6 @@ Using [gitea](https://git.limbosolutions.com/kb/gitea) as git server.
### Continuous Deploy
Executes [App Deploy](#app) using [Gitea workflow](./.gitea/workflows/app-deploy.yaml).
kubectl get secret continuous-deploy -o jsonpath='{.data.token}' | base64 -d
### Infra

22
deploy/helm/values.yaml
View File

@@ -58,7 +58,10 @@ service:
port: 2222
annotations:
metallb.universe.tf/allow-shared-ip: test
http:
clusterIP: "" # empty string → Kubernetes assigns a routable ClusterIP
type: ClusterIP
port: 3000
gitea:
admin:
username: "???"
@@ -126,6 +129,21 @@ gitea:
PASSWORD_HASH_ALGO: "???"
ingress:
enabled: false
enabled: true
className: traefik
annotations:
kubernetes.io/ingress.class: traefik
cert-manager.io/cluster-issuer: "letsencrypt-prod"
traefik.ingress.kubernetes.io/router.entrypoints: websecure, public-https
hosts:
- host: git.limbosolutions.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: limbosolutions-com-tls
hosts:
- "git.limbosolutions.com"

4
deploy/infra/cd-service-account-rbac.yaml
View File

@@ -17,8 +17,8 @@ rules:
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: ["networking.k8s.io"]
resources: ["networkpolicies"]
verbs: ["get", "list", "watch", "patch", "update"]
resources: ["networkpolicies", "ingresses"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: ["policy"]
resources: ["poddisruptionbudgets"]

53
deploy/infra/ingress.yaml
View File

@@ -1,53 +0,0 @@
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteTCP
metadata:
name: git-limbosolutions-com-ssh
namespace: git-limbosolutions-com
spec:
entryPoints:
- ssh-git
routes:
- match: HostSNI(`*`)
services:
- name: gitea-ssh
port: 2222
weight: 10
terminationDelay: 90000
proxyProtocol:
version: 1
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: gitea
namespace: git-limbosolutions-com
labels:
helm.sh/chart: gitea-12.4.0
app: gitea
app.kubernetes.io/name: gitea
app.kubernetes.io/instance: gitea
app.kubernetes.io/version: "1"
version: "1"
app.kubernetes.io/managed-by: Helm
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
kubernetes.io/ingress.class: "traefik"
traefik.ingress.kubernetes.io/router.entrypoints: "websecure, public-https"
spec:
ingressClassName: traefik
tls:
- hosts:
- "git.limbosolutions.com"
secretName: limbosolutions-com-tls
rules:
- host: "git.limbosolutions.com"
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: gitea-http
port:
number: 3000

1
deploy/infra/kustomization.yaml
View File

@@ -2,7 +2,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- namespace.yaml
- ingress.yaml
- cd-service-account.yaml
- cd-service-account-token.yaml
- cd-service-account-rbac.yaml