From ab8150ccc648580bbbebfeb31e2f957456fcc75f Mon Sep 17 00:00:00 2001 From: jad0s Date: Wed, 20 May 2026 10:36:31 +0200 Subject: [PATCH] feat(actions): added k3d test to CI workflow on push fix(actions): switch k3d installation from sh to bash fix(actions): install curl into the runner before running k3d install script fix(actions): install k3d binary directly instead of running the install script fix(actions): install k3d binary to /tmp fix(actions): use curl to install k3d as wget had SSL errors in node:22 fix(actions): install bash into the runner before testing fix(actions): change default shell from bash to sh in runner fix(forgejo): remove extra indentation fix(forgejo): fixed indentation in yaml fix(actions): install curl in runner during the setup fix(actions): chmod +x the k3d binary before executing it fix(actions): set DOCKER_HOST env var to tcp instead of unix socket test(actions): check if the docker daemon is reachable on loopback addresses fix(actions): update DOCKER_HOST env var to an internal IP that docker daemon runs on fix(actions): install kubectl before creating test cluster fix(actions): add missing newline fix(actions): install ArgoCD and SealedSecrets into the test cluster in k3d fix(actions): missing dot fix(actions): add --server-side flag to the argocd kubectl apply since the manifest is too long fix(actions): capitalize h in selfheal fix(actions): rework validate workflow file to skip installation steps solved by the custom container image fix(actions): optimized workflow by installing argocd and sealedsecrets in parallel, manually sync argocd fix(actions): fix the 'Wait for argocd sync' step logic fix(actions): add argocd login step fix(actions): wait for argocd initial admin secret to be created fix(actions): create admin password during argocd install to login with fix(actions): stop argocd login, use the kubernetes api directly with --core flag of argocd command fix(actions): stop using argocd cli to wait for app sync, use kubectl instead fix(actions): change testing event from push to PR --- .forgejo/workflows/validate.yaml | 57 +++++++++++++++++++++++++++----- apps/sealed-secrets.yaml | 2 +- manifests/forgejo/runner.yaml | 4 +++ 3 files changed, 54 insertions(+), 9 deletions(-) diff --git a/.forgejo/workflows/validate.yaml b/.forgejo/workflows/validate.yaml index e7091f1..e5d983d 100644 --- a/.forgejo/workflows/validate.yaml +++ b/.forgejo/workflows/validate.yaml @@ -1,20 +1,18 @@ on: - push: - branches: - - dev + pull_request: jobs: validate: runs-on: docker + defaults: + run: + shell: sh + env: + DOCKER_HOST: tcp://172.17.0.1:2375 steps: - name: Checkout uses: actions/checkout@v4 - - name: Install kubeconform - run: | - wget -O- https://github.com/yannh/kubeconform/releases/latest/download/kubeconform-linux-amd64.tar.gz | tar xz - mv kubeconform /usr/local/bin - - name: Validate manifests run: | kubeconform \ @@ -24,3 +22,46 @@ jobs: -schema-location default \ -schema-location 'https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/{{.Group}}/{{.ResourceKind}}_{{.ResourceAPIVersion}}.json' \ ./manifests/ + + - name: Create test cluster + run: k3d cluster create test --wait + + - name: Install ArgoCD + run: | + kubectl create namespace argocd + kubectl apply -n argocd --server-side -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml + kubectl apply -f https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.27.0/controller.yaml + kubectl wait --for=condition=available --timeout=180s \ + deployment/argocd-server \ + deployment/argocd-repo-server \ + deployment/argocd-applicationset-controller \ + -n argocd + kubectl wait --for=condition=available --timeout=60s \ + deployment/sealed-secrets-controller -n kube-system + + - name: Import SealedSecrets key + env: + SEALED_SECRETS_KEY: ${{ secrets.SEALED_SECRETS_KEY }} + run: | + echo "$SEALED_SECRETS_KEY" | kubectl apply -f - + kubectl rollout restart deployment/sealed-secrets-controller -n kube-system + kubectl rollout status deployment/sealed-secrets-controller -n kube-system --timeout=60s + + - name: Apply ArgoCD apps + run: kubectl apply -f apps/ + + - name: Wait for ArgoCD sync + run: | + sleep 10 + kubectl wait applications \ + --all \ + --namespace argocd \ + --for=jsonpath='{.status.health.status}'=Healthy \ + --timeout=300s + + - name: Wait for all deployments + run: kubectl wait --for=condition=available --timeout=300s deployment --all --all-namespaces + + - name: Cleanup + if: always() + run: k3d cluster delete test diff --git a/apps/sealed-secrets.yaml b/apps/sealed-secrets.yaml index c86d4ad..703717b 100644 --- a/apps/sealed-secrets.yaml +++ b/apps/sealed-secrets.yaml @@ -15,4 +15,4 @@ spec: syncPolicy: automated: prune: true - selfheal: true + selfHeal: true diff --git a/manifests/forgejo/runner.yaml b/manifests/forgejo/runner.yaml index fd34a89..5a0229a 100644 --- a/manifests/forgejo/runner.yaml +++ b/manifests/forgejo/runner.yaml @@ -14,7 +14,11 @@ spec: spec: containers: - name: runner +<<<<<<< HEAD image: forgejo.libretalk.eu/jad0s/forgejo-runner:latest +======= + image: code.forgejo.org/forgejo/runner:3.5.1 +>>>>>>> e1bf8ad (fix(forgejo): remove extra indentation) command: - sh - -c