diff --git a/.forgejo/workflows/validate.yaml b/.forgejo/workflows/validate.yaml index e7091f1..e5d983d 100644 --- a/.forgejo/workflows/validate.yaml +++ b/.forgejo/workflows/validate.yaml @@ -1,20 +1,18 @@ on: - push: - branches: - - dev + pull_request: jobs: validate: runs-on: docker + defaults: + run: + shell: sh + env: + DOCKER_HOST: tcp://172.17.0.1:2375 steps: - name: Checkout uses: actions/checkout@v4 - - name: Install kubeconform - run: | - wget -O- https://github.com/yannh/kubeconform/releases/latest/download/kubeconform-linux-amd64.tar.gz | tar xz - mv kubeconform /usr/local/bin - - name: Validate manifests run: | kubeconform \ @@ -24,3 +22,46 @@ jobs: -schema-location default \ -schema-location 'https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/{{.Group}}/{{.ResourceKind}}_{{.ResourceAPIVersion}}.json' \ ./manifests/ + + - name: Create test cluster + run: k3d cluster create test --wait + + - name: Install ArgoCD + run: | + kubectl create namespace argocd + kubectl apply -n argocd --server-side -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml + kubectl apply -f https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.27.0/controller.yaml + kubectl wait --for=condition=available --timeout=180s \ + deployment/argocd-server \ + deployment/argocd-repo-server \ + deployment/argocd-applicationset-controller \ + -n argocd + kubectl wait --for=condition=available --timeout=60s \ + deployment/sealed-secrets-controller -n kube-system + + - name: Import SealedSecrets key + env: + SEALED_SECRETS_KEY: ${{ secrets.SEALED_SECRETS_KEY }} + run: | + echo "$SEALED_SECRETS_KEY" | kubectl apply -f - + kubectl rollout restart deployment/sealed-secrets-controller -n kube-system + kubectl rollout status deployment/sealed-secrets-controller -n kube-system --timeout=60s + + - name: Apply ArgoCD apps + run: kubectl apply -f apps/ + + - name: Wait for ArgoCD sync + run: | + sleep 10 + kubectl wait applications \ + --all \ + --namespace argocd \ + --for=jsonpath='{.status.health.status}'=Healthy \ + --timeout=300s + + - name: Wait for all deployments + run: kubectl wait --for=condition=available --timeout=300s deployment --all --all-namespaces + + - name: Cleanup + if: always() + run: k3d cluster delete test diff --git a/apps/sealed-secrets.yaml b/apps/sealed-secrets.yaml index c86d4ad..703717b 100644 --- a/apps/sealed-secrets.yaml +++ b/apps/sealed-secrets.yaml @@ -15,4 +15,4 @@ spec: syncPolicy: automated: prune: true - selfheal: true + selfHeal: true diff --git a/manifests/forgejo/runner.yaml b/manifests/forgejo/runner.yaml index fd34a89..5a0229a 100644 --- a/manifests/forgejo/runner.yaml +++ b/manifests/forgejo/runner.yaml @@ -14,7 +14,11 @@ spec: spec: containers: - name: runner +<<<<<<< HEAD image: forgejo.libretalk.eu/jad0s/forgejo-runner:latest +======= + image: code.forgejo.org/forgejo/runner:3.5.1 +>>>>>>> e1bf8ad (fix(forgejo): remove extra indentation) command: - sh - -c