Compare commits
34 commits
ab8150ccc6
...
e225d8f1fc
| Author | SHA1 | Date | |
|---|---|---|---|
| e225d8f1fc | |||
| 14f420a13d | |||
| 7e545e39c3 | |||
| 9715b21f69 | |||
| 83c5ceda96 | |||
| 770e2cd1b9 | |||
| bb399fd508 | |||
| f57a22bf16 | |||
| 25e490b9e0 | |||
| 274bd9c3d2 | |||
| 5a77439798 | |||
| 8d1b8269c7 | |||
| 13f24645b9 | |||
| 63858fb115 | |||
| f2dc43d684 | |||
| d18ec2fd2f | |||
| b582c1205b | |||
| e1c517afa3 | |||
| 629f1b89e7 | |||
| de8285b94d | |||
| 64b54ce654 | |||
| fba72df5a3 | |||
| e1bf8adecc | |||
| 3e12c659a6 | |||
| 1202879644 | |||
| 7aaafc6fc4 | |||
| c5e4561cbb | |||
| 48fb1e53a5 | |||
| 31cdd0704c | |||
| 6a7619406d | |||
| ccb98da243 | |||
| b2d8c623f2 | |||
| 15bee50699 | |||
| 0a806d8620 |
4 changed files with 65 additions and 10 deletions
|
|
@ -1,20 +1,18 @@
|
|||
on:
|
||||
push:
|
||||
branches:
|
||||
- dev
|
||||
pull_request:
|
||||
|
||||
jobs:
|
||||
validate:
|
||||
runs-on: docker
|
||||
defaults:
|
||||
run:
|
||||
shell: sh
|
||||
env:
|
||||
DOCKER_HOST: tcp://172.17.0.1:2375
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Install kubeconform
|
||||
run: |
|
||||
wget -O- https://github.com/yannh/kubeconform/releases/latest/download/kubeconform-linux-amd64.tar.gz | tar xz
|
||||
mv kubeconform /usr/local/bin
|
||||
|
||||
- name: Validate manifests
|
||||
run: |
|
||||
kubeconform \
|
||||
|
|
@ -24,3 +22,46 @@ jobs:
|
|||
-schema-location default \
|
||||
-schema-location 'https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/{{.Group}}/{{.ResourceKind}}_{{.ResourceAPIVersion}}.json' \
|
||||
./manifests/
|
||||
|
||||
- name: Create test cluster
|
||||
run: k3d cluster create test --wait
|
||||
|
||||
- name: Install ArgoCD
|
||||
run: |
|
||||
kubectl create namespace argocd
|
||||
kubectl apply -n argocd --server-side -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
|
||||
kubectl apply -f https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.27.0/controller.yaml
|
||||
kubectl wait --for=condition=available --timeout=180s \
|
||||
deployment/argocd-server \
|
||||
deployment/argocd-repo-server \
|
||||
deployment/argocd-applicationset-controller \
|
||||
-n argocd
|
||||
kubectl wait --for=condition=available --timeout=60s \
|
||||
deployment/sealed-secrets-controller -n kube-system
|
||||
|
||||
- name: Import SealedSecrets key
|
||||
env:
|
||||
SEALED_SECRETS_KEY: ${{ secrets.SEALED_SECRETS_KEY }}
|
||||
run: |
|
||||
echo "$SEALED_SECRETS_KEY" | kubectl apply -f -
|
||||
kubectl rollout restart deployment/sealed-secrets-controller -n kube-system
|
||||
kubectl rollout status deployment/sealed-secrets-controller -n kube-system --timeout=60s
|
||||
|
||||
- name: Apply ArgoCD apps
|
||||
run: kubectl apply -f apps/
|
||||
|
||||
- name: Wait for ArgoCD sync
|
||||
run: |
|
||||
sleep 10
|
||||
kubectl wait applications \
|
||||
--all \
|
||||
--namespace argocd \
|
||||
--for=jsonpath='{.status.health.status}'=Healthy \
|
||||
--timeout=300s
|
||||
|
||||
- name: Wait for all deployments
|
||||
run: kubectl wait --for=condition=available --timeout=300s deployment --all --all-namespaces
|
||||
|
||||
- name: Cleanup
|
||||
if: always()
|
||||
run: k3d cluster delete test
|
||||
|
|
|
|||
|
|
@ -15,4 +15,4 @@ spec:
|
|||
syncPolicy:
|
||||
automated:
|
||||
prune: true
|
||||
selfheal: true
|
||||
selfHeal: true
|
||||
|
|
|
|||
14
manifests/cert-manager/hetzner-secret.yaml
Normal file
14
manifests/cert-manager/hetzner-secret.yaml
Normal file
|
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
apiVersion: bitnami.com/v1alpha1
|
||||
kind: SealedSecret
|
||||
metadata:
|
||||
name: hetzner-secret
|
||||
namespace: cert-manager
|
||||
spec:
|
||||
encryptedData:
|
||||
api-token: AgBttsC0QEcJNHaLlNT6QFQzXGDeb8EJtRiQaFisGGsBmEw+Q+mwjg+9QSMqzfP7Ux8NZnUPrrFvzkYeE6AojzQEGhDAaOCBbIss/rPzr2ZYIRKLWtHJywT+pWkT4N9k6SnG6cxCI+GUw7UToSuTlVu14w9uQq1wvxrRcl6XyjmlBUr8ubOCKq9RyOJ9n408K5/7J/jdx+E2roqXo6KfDBDZFdwrQhLHmp4zAuRLTL4vdftkb7jqPyspb8fuQpcKeIrJ2yaVdw2OPkMXtQgWXjereTKyHti/3h4tAP+GlPaxV93ffPeP3j048K4SJVHW2ndm3lxA2z3LDS07+pCXKDfLwU8jiQggKUVDMEXr1zR9Ve027os0oLD9BHUHofoOSF5YLR1nTxB4PWQYXGIuoIiJDEhYZF3HQ8Q+4ZDHL9pNs6AQuoMIO4mWNPYgY5iPsGL8XKjVDafcg2qQTphz7rz3+LW3GBSzLK19vasWcgLNKZQ1iYd9d9N18+KvmJSKVCEm9OI8IA+cUSrt9HzuVfukqBr1rjFqNM9LpihR3RIve9XMI7Gj3Nd8PcpYKg6kpHxRLN6/ORNKWXaooNV+CDqfcJIkW0tLfr/VcOcvIGOKS9d5ysuy/6JEZNpU8IrKtb1oL9PW5ShtWkxQvBKL0ndnM9LMQBRIOXkIOaqomEx2MgRsZkwyEnWqzx1kpRNDLmB5ueyjWpDXOFpocf9ACzrnKb1mwuTWjVh3rBjKY9A2RY4n1UFgNd/1XVk/V4FtGfK6QdnubSaMlSaFEtOtTkEd
|
||||
template:
|
||||
metadata:
|
||||
name: hetzner-secret
|
||||
namespace: cert-manager
|
||||
type: Opaque
|
||||
|
|
@ -24,7 +24,7 @@ spec:
|
|||
--instance ${FORGEJO_INSTANCE_URL} \
|
||||
--token ${FORGEJO_RUNNER_REGISTRATION_TOKEN} \
|
||||
--name ${FORGEJO_RUNNER_NAME} \
|
||||
--labels docker:docker://alpine:latest && \
|
||||
--labels docker:docker://node:22-alpine && \
|
||||
sleep 5 && \
|
||||
forgejo-runner daemon
|
||||
env:
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue