modified: README.md

modified: deploy/README.md renamed: deploy/rbac.yaml -> deploy/cicd-rbac.yaml
modified: deploy/deployment.yaml
2025-11-22 22:57:43 +00:00 · 2025-11-22 18:51:39 +00:00 · 2025-11-22 18:36:03 +00:00 · 2025-11-22 17:57:01 +00:00 · 2025-11-22 17:51:36 +00:00 · 2025-11-22 17:50:45 +00:00
6 changed files with 25 additions and 100 deletions
--- a/.gitea/actions/kubectl-setup/action.yml
+++ b/.gitea/actions/kubectl-setup/action.yml
@@ -1,75 +0,0 @@
-name: Setup kubectl
-description: "Reads kube config from inputs and sets kube config"
-
-inputs:
-  kube_server:
-    description: "Kubernetes server address and port. Example (https://serverip:6443)"
-    required: true
-  kube_ca_base64:
-    description: "Base64-encoded Kubernetes cluster CA certificate"
-    required: true
-  kube_token:
-    description: "Kubernetes ServiceAccount token"
-    required: true
-
-runs:
-  using: "composite"
-  steps:
-    - name: Create kubeconfig
-      shell: bash
-      run: |
-        set -euo pipefail
-
-        # check arguments
-        ERROR=0
-
-        if [ -z "${{ inputs.kube_server }}" ]; then
-          echo "❌ ERROR: kube_server input is empty or not set"
-          $ERROR=1
-        fi
-
-        if [ -z "${{ inputs.kube_ca_base64 }}" ]; then
-          echo "❌ ERROR: kube_ca_base64 input is empty or not set"
-           $ERROR=1
-        fi
-
-        if [ -z "${{ inputs.kube_server }}" ]; then
-          echo "❌ ERROR: kube_token input is empty or not set"
-          $ERROR=1
-        fi
-        
-        if [ "$ERROR" != 0 ]; then
-          echo "❌ ERROR code $ERROR"
-          exit "$ERROR"
-        fi
-        # end check arguments
-
-        # creates kube config
-        mkdir -p "${GITHUB_TEMP}/.kube"
-        cat <<EOF > "${GITHUB_TEMP}/.kube/config"
-        apiVersion: v1
-        kind: Config
-        clusters:
-        - cluster:
-            certificate-authority-data: ${{ inputs.kube_ca_base64 }}
-            server: ${{ inputs.kube_server }}
-          name: cluster
-        contexts:
-        - context:
-            cluster: cluster
-            namespace: default
-            user: user
-          name: context
-        current-context: context
-        users:
-        - name: user
-          user:
-            token: ${{ inputs.kube_token }}
-        EOF
-
-        # sets KUBECONFIG environment variable
-        echo "KUBECONFIG=${GITHUB_TEMP}/.kube/config" >> "${GITHUB_ENV}"
-
-        # tests communication to server (add v argument if debug is required)
-        curl -kv -cacert <(echo "${{ inputs.kube_ca_base64 }}" | base64 -d) -H "Authorization: Bearer ${{ inputs.kube_token }}" ${{ inputs.kube_server }}/version
-
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@@ -1,37 +1,35 @@
-name: Casa Home Assistant CI/CD Pipeline (testing)
+name: Casa Home Assistant CI/CD Pipeline

 on:
  push:
    branches:
      - fix/*
      - main
+      - master
  pull_request:
+  schedule:
+    - cron: '0 16 * * 0' # every sunday 4 pm

 jobs:
-  build:
+  deploy:
    runs-on: casa-vlan-cicd
    env:
      GITHUB_TEMP: ${{ runner.temp }}
-
-
+      
    steps:
+
      - name: Checkout code
        uses: actions/checkout@v3

-      - name: setup actions from 
+      - name: Fetch limbo public actions
+        env: 
+          RUNNER_TEMP: "${{ runner.temp }}"
+          WORKSPACE: "${{ gitea.workspace }}"
        run: |
-          ls -lah ${{ runner.temp }}
-          
-          mkdir -p ${{ runner.temp }}/gitea_src
-          mkdir -p ${{ gitea.workspace }}/.gitea/actions
-          git clone -b main --depth=1 https://git.limbosolutions.com/kb/gitea ${{ runner.temp }}/gitea_src/.gitea
-          ln -s ${{ runner.temp }}/gitea_src/.gitea/actions/kubectl-setup  ${{ gitea.workspace }}/.gitea/actions/kubectl-setup
-          ls -lah ${{ gitea.workspace }}/.gitea/actions/kubectl-setup
-          ls -lah ${{ gitea.workspace }}/.gitea/actions/kubectl-setup/*
-          cat ${{ gitea.workspace }}/.gitea/actions/kubectl-setup/action.yml
+          curl -fsSL https://git.limbosolutions.com/kb/gitea/raw/branch/main/cloud-scripts/setup-limbo-actions.sh | bash 2>&1

      - name: Setup kubectl
-        uses: ./.gitea/actions/kubectl-setup
+        uses: ./.gitea/limbo_actions/kubectl-setup
        with:
          kube_server: ${{ secrets.CASA_VLAN_KUBE_SERVER }}
          kube_ca_base64: ${{ secrets.CASA_VLAN_KUBE_CA_BASE64 }}
@@ -45,9 +43,6 @@ jobs:
          INGRESS_ROUTES_MATCH: "${{ secrets.CASA_HOMEASSISTANT_INGRESS_ROUTES_MATCH }}"
          INGRESS_TLS_SECRET_NAME: "${{ secrets.CASA_HOMEASSISTANT_INGRESS_TLS_SECRET_NAME }}"
        run: |
-          #set -x for debugging
-          set -e
-          cd ${{ gitea.workspace }}
-          kubectl apply -f ./deploy/deployment.yaml
-          envsubst < ./deploy/service.template.yaml | kubectl apply -f -
+          kubectl apply -f ./deploy/deployment.yaml \
+          && envsubst < ./deploy/service.template.yaml | kubectl apply -f -
            
--- a/README.md
+++ b/README.md
@@ -2,10 +2,9 @@

 Welcome to my Home Assistant setup repository.  
 This repository documents and maintains the Home Assistant instance running in my home, hosted on casa server k3s cluster.  
-All essential containers, such as MQTT and speech recognition, are hosted on the same server for seamless integration.  
+Related containers, such as MQTT and speech recognition, are hosted on same cluster.  

-<!-- omit in toc -->
-## Table of Contents
+**Table of Contents:**

 - [Devices](#devices)
  - [Broadlink - RM4 Pro](#broadlink---rm4-pro)
--- a/deploy/README.md
+++ b/deploy/README.md
@@ -44,8 +44,8 @@ All Environment variables requirements as set as secrets.

 [gitea workflow](../.gitea/workflows/deploy.yaml)

-## RBAC
+## cicd RBAC

 ```bash { cwd=../ }
-kubectl apply -f ./deploy/rbac.yaml
+kubectl apply -f ./deploy/cicd-rbac.yaml
 ```
--- a/deploy/cicd-rbac.yaml
+++ b/deploy/cicd-rbac.yaml
--- a/deploy/deployment.yaml
+++ b/deploy/deployment.yaml
@@ -33,9 +33,15 @@ spec:
    spec:
      dnsPolicy: ClusterFirstWithHostNet # ensures pod uses cluster DNS (CoreDNS) for service discovery even with host networking
      hostNetwork: true
+      nodeName: casa # force deploy to master node cluster
+      tolerations:
+        - key: "node-role.kubernetes.io/control-plane" # allow installation on control-plane
+          operator: "Exists"
+          effect: "NoSchedule"
      containers:
        - name: home-assistant
          image: "homeassistant/home-assistant"
+          imagePullPolicy: Always
          env:
            - name: TZ
              value: Europe/Lisbon  # set timezone
Author	SHA1	Message	Date
Márcio Fernandes	dbecd67471	modified: README.md All checks were successful Casa Home Assistant CI/CD Pipeline / deploy (push) Successful in 18s Details modified: deploy/README.md renamed: deploy/rbac.yaml -> deploy/cicd-rbac.yaml	2025-11-22 22:57:43 +00:00
Márcio Fernandes	2881eb1167	modified: deploy/deployment.yaml All checks were successful Casa Home Assistant CI/CD Pipeline / deploy (push) Successful in 16s Details	2025-11-22 18:51:39 +00:00
Márcio Fernandes	755d68a844	modified: deploy/deployment.yaml All checks were successful Casa Home Assistant CI/CD Pipeline / deploy (push) Successful in 18s Details	2025-11-22 18:36:03 +00:00
Márcio Fernandes	f40a899200	modified: .gitea/workflows/deploy.yaml All checks were successful Casa Home Assistant CI/CD Pipeline / deploy (push) Successful in 17s Details	2025-11-22 17:57:01 +00:00
Márcio Fernandes	d30aad3058	modified: .gitea/workflows/deploy.yaml All checks were successful Casa Home Assistant CI/CD Pipeline / deploy (push) Successful in 17s Details	2025-11-22 17:51:36 +00:00
Márcio Fernandes	6149826bc6	modified: .gitea/workflows/deploy.yaml modified: README.md	2025-11-22 17:50:45 +00:00
marcio.fernandes	0d2b30a83a	fix/cicd (#3 ) Co-authored-by: Márcio Fernandes <marcio.fernandes@outlook.pt> Reviewed-on: #3	2025-11-22 17:43:57 +00:00