Compare commits
9 commits
e225d8f1fc
...
ab8150ccc6
| Author | SHA1 | Date | |
|---|---|---|---|
| ab8150ccc6 | |||
| ea7b51453b | |||
| d4fbf45f75 | |||
| 728e201ec2 | |||
| de505f5471 | |||
| 49ad1b3bc0 | |||
| faaf63cf25 | |||
| eb8b98f259 | |||
| 0cdab3975e |
10 changed files with 76 additions and 15 deletions
|
|
@ -1,20 +1,18 @@
|
|||
on:
|
||||
push:
|
||||
branches:
|
||||
- dev
|
||||
pull_request:
|
||||
|
||||
jobs:
|
||||
validate:
|
||||
runs-on: docker
|
||||
defaults:
|
||||
run:
|
||||
shell: sh
|
||||
env:
|
||||
DOCKER_HOST: tcp://172.17.0.1:2375
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Install kubeconform
|
||||
run: |
|
||||
wget -O- https://github.com/yannh/kubeconform/releases/latest/download/kubeconform-linux-amd64.tar.gz | tar xz
|
||||
mv kubeconform /usr/local/bin
|
||||
|
||||
- name: Validate manifests
|
||||
run: |
|
||||
kubeconform \
|
||||
|
|
@ -24,3 +22,46 @@ jobs:
|
|||
-schema-location default \
|
||||
-schema-location 'https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/{{.Group}}/{{.ResourceKind}}_{{.ResourceAPIVersion}}.json' \
|
||||
./manifests/
|
||||
|
||||
- name: Create test cluster
|
||||
run: k3d cluster create test --wait
|
||||
|
||||
- name: Install ArgoCD
|
||||
run: |
|
||||
kubectl create namespace argocd
|
||||
kubectl apply -n argocd --server-side -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
|
||||
kubectl apply -f https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.27.0/controller.yaml
|
||||
kubectl wait --for=condition=available --timeout=180s \
|
||||
deployment/argocd-server \
|
||||
deployment/argocd-repo-server \
|
||||
deployment/argocd-applicationset-controller \
|
||||
-n argocd
|
||||
kubectl wait --for=condition=available --timeout=60s \
|
||||
deployment/sealed-secrets-controller -n kube-system
|
||||
|
||||
- name: Import SealedSecrets key
|
||||
env:
|
||||
SEALED_SECRETS_KEY: ${{ secrets.SEALED_SECRETS_KEY }}
|
||||
run: |
|
||||
echo "$SEALED_SECRETS_KEY" | kubectl apply -f -
|
||||
kubectl rollout restart deployment/sealed-secrets-controller -n kube-system
|
||||
kubectl rollout status deployment/sealed-secrets-controller -n kube-system --timeout=60s
|
||||
|
||||
- name: Apply ArgoCD apps
|
||||
run: kubectl apply -f apps/
|
||||
|
||||
- name: Wait for ArgoCD sync
|
||||
run: |
|
||||
sleep 10
|
||||
kubectl wait applications \
|
||||
--all \
|
||||
--namespace argocd \
|
||||
--for=jsonpath='{.status.health.status}'=Healthy \
|
||||
--timeout=300s
|
||||
|
||||
- name: Wait for all deployments
|
||||
run: kubectl wait --for=condition=available --timeout=300s deployment --all --all-namespaces
|
||||
|
||||
- name: Cleanup
|
||||
if: always()
|
||||
run: k3d cluster delete test
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ metadata:
|
|||
spec:
|
||||
project: default
|
||||
source:
|
||||
repoURL: http://forgejo.forgejo.svc.cluster.local:3000/jad0s/gitops.git
|
||||
repoURL: https://forgejo.libretalk.eu/jad0s/gitops.git
|
||||
targetRevision: HEAD
|
||||
path: manifests/argocd
|
||||
destination:
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ metadata:
|
|||
spec:
|
||||
project: default
|
||||
source:
|
||||
repoURL: http://forgejo.forgejo.svc.cluster.local:3000/jad0s/gitops.git
|
||||
repoURL: https://forgejo.libretalk.eu/jad0s/gitops.git
|
||||
targetRevision: HEAD
|
||||
path: manifests/cert-manager
|
||||
destination:
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ metadata:
|
|||
spec:
|
||||
project: default
|
||||
source:
|
||||
repoURL: http://forgejo.forgejo.svc.cluster.local:3000/jad0s/gitops.git
|
||||
repoURL: https://forgejo.libretalk.eu/jad0s/gitops.git
|
||||
targetRevision: HEAD
|
||||
path: manifests/forgejo
|
||||
destination:
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ metadata:
|
|||
spec:
|
||||
project: default
|
||||
source:
|
||||
repoURL: http://forgejo.forgejo.svc.cluster.local:3000/jad0s/gitops.git
|
||||
repoURL: https://forgejo.libretalk.eu/jad0s/gitops.git
|
||||
targetRevision: HEAD
|
||||
path: manifests/metallb
|
||||
destination:
|
||||
|
|
|
|||
|
|
@ -15,4 +15,4 @@ spec:
|
|||
syncPolicy:
|
||||
automated:
|
||||
prune: true
|
||||
selfheal: true
|
||||
selfHeal: true
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ metadata:
|
|||
spec:
|
||||
project: default
|
||||
source:
|
||||
repoURL: http://forgejo.forgejo.svc.cluster.local:3000/jad0s/gitops.git
|
||||
repoURL: https://forgejo.libretalk.eu/jad0s/gitops.git
|
||||
targetRevision: main
|
||||
path: manifests/traefik
|
||||
destination:
|
||||
|
|
|
|||
14
manifests/cert-manager/hetzner-secret.yaml
Normal file
14
manifests/cert-manager/hetzner-secret.yaml
Normal file
|
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
apiVersion: bitnami.com/v1alpha1
|
||||
kind: SealedSecret
|
||||
metadata:
|
||||
name: hetzner-secret
|
||||
namespace: cert-manager
|
||||
spec:
|
||||
encryptedData:
|
||||
api-token: AgBttsC0QEcJNHaLlNT6QFQzXGDeb8EJtRiQaFisGGsBmEw+Q+mwjg+9QSMqzfP7Ux8NZnUPrrFvzkYeE6AojzQEGhDAaOCBbIss/rPzr2ZYIRKLWtHJywT+pWkT4N9k6SnG6cxCI+GUw7UToSuTlVu14w9uQq1wvxrRcl6XyjmlBUr8ubOCKq9RyOJ9n408K5/7J/jdx+E2roqXo6KfDBDZFdwrQhLHmp4zAuRLTL4vdftkb7jqPyspb8fuQpcKeIrJ2yaVdw2OPkMXtQgWXjereTKyHti/3h4tAP+GlPaxV93ffPeP3j048K4SJVHW2ndm3lxA2z3LDS07+pCXKDfLwU8jiQggKUVDMEXr1zR9Ve027os0oLD9BHUHofoOSF5YLR1nTxB4PWQYXGIuoIiJDEhYZF3HQ8Q+4ZDHL9pNs6AQuoMIO4mWNPYgY5iPsGL8XKjVDafcg2qQTphz7rz3+LW3GBSzLK19vasWcgLNKZQ1iYd9d9N18+KvmJSKVCEm9OI8IA+cUSrt9HzuVfukqBr1rjFqNM9LpihR3RIve9XMI7Gj3Nd8PcpYKg6kpHxRLN6/ORNKWXaooNV+CDqfcJIkW0tLfr/VcOcvIGOKS9d5ysuy/6JEZNpU8IrKtb1oL9PW5ShtWkxQvBKL0ndnM9LMQBRIOXkIOaqomEx2MgRsZkwyEnWqzx1kpRNDLmB5ueyjWpDXOFpocf9ACzrnKb1mwuTWjVh3rBjKY9A2RY4n1UFgNd/1XVk/V4FtGfK6QdnubSaMlSaFEtOtTkEd
|
||||
template:
|
||||
metadata:
|
||||
name: hetzner-secret
|
||||
namespace: cert-manager
|
||||
type: Opaque
|
||||
|
|
@ -29,6 +29,8 @@ spec:
|
|||
value: "false"
|
||||
- name: FORGEJO__service__REGISTER_MANUAL_CONFIRM
|
||||
value: "true"
|
||||
- name: FORGEJO__server__ROOT_URL
|
||||
value: "https://forgejo.libretalk.eu"
|
||||
volumes:
|
||||
- name: data
|
||||
persistentVolumeClaim:
|
||||
|
|
|
|||
|
|
@ -14,7 +14,11 @@ spec:
|
|||
spec:
|
||||
containers:
|
||||
- name: runner
|
||||
<<<<<<< HEAD
|
||||
image: forgejo.libretalk.eu/jad0s/forgejo-runner:latest
|
||||
=======
|
||||
image: code.forgejo.org/forgejo/runner:3.5.1
|
||||
>>>>>>> e1bf8ad (fix(forgejo): remove extra indentation)
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
|
|
@ -24,7 +28,7 @@ spec:
|
|||
--instance ${FORGEJO_INSTANCE_URL} \
|
||||
--token ${FORGEJO_RUNNER_REGISTRATION_TOKEN} \
|
||||
--name ${FORGEJO_RUNNER_NAME} \
|
||||
--labels docker:docker://alpine:latest && \
|
||||
--labels docker:docker://forgejo.libretalk.eu/jad0s/ci-runner:latest && \
|
||||
sleep 5 && \
|
||||
forgejo-runner daemon
|
||||
env:
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue