diff --git a/.env b/.env new file mode 100644 index 0000000..efe225f --- /dev/null +++ b/.env @@ -0,0 +1 @@ +PROD_URL=gmoker.com diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml new file mode 100644 index 0000000..380f6be --- /dev/null +++ b/.gitea/workflows/deploy.yaml @@ -0,0 +1,31 @@ +on: push + +jobs: + deploy: + runs-on: debian + steps: + - uses: actions/checkout@v1 + - name: setup env + run: | + . ./.env || true + if [ "${{ gitea.ref_name }}" == prod ] && [ -n "$PROD_URL" ]; then + BASE_URL="$PROD_URL" + else + BASE_URL="${{ gitea.ref_name }}.$(tr / '\n' <<< "${{ gitea.repository }}" | tac | tr '\n' .)k8s.gmoker.com" + fi + REGISTRY="$(sed 's .*:// ' <<< ${{ gitea.server_url }})" + cat <> .env + BASE_URL="$BASE_URL" + REGISTRY="$REGISTRY" + IMAGEAPP="$REGISTRY/${{ gitea.repository }}:${{ gitea.ref_name }}" + EOF + cat .env + + - uses: actions/kaniko@v1 + with: + password: "${{ secrets.PKGRW }}" + + - uses: actions/k8sdeploy@v1 + with: + kubeconfig: "${{ secrets.K8S }}" + registry_password: "${{ secrets.PKGRW }}" diff --git a/manifests/bin/deploy.sh b/manifests/bin/deploy.sh new file mode 100755 index 0000000..088dfbb --- /dev/null +++ b/manifests/bin/deploy.sh @@ -0,0 +1,36 @@ +#!/bin/bash -e +set -o pipefail + +function kapply() { + for f in "$@"; do + kubectl apply -f \ + <(envsubst "$(env | xargs printf '$%s ')" < "manifests/$f") + done +} + +function kcreatesec() { + kubectl create secret generic --save-config --dry-run=client -oyaml "$@" | kubectl apply -f- +} + +function kcreatecm() { + kubectl create configmap --dry-run=client -oyaml "$@" | kubectl apply -f- +} + +function kgseckey() { + local sec="$1"; shift + local key="$1"; shift + + kubectl get secret "$sec" -o jsonpath="{.data.$key}" | base64 -d +} + +function kgcmkey() { + local cm="$1"; shift + local key="$1"; shift + + kubectl get configmap "$cm" -o jsonpath="{.data.$key}" +} + + +kapply common/app.yaml + +kubectl rollout restart deployment app diff --git a/manifests/bin/devel.sh b/manifests/bin/devel.sh new file mode 100755 index 0000000..464c4d0 --- /dev/null +++ b/manifests/bin/devel.sh @@ -0,0 +1,5 @@ +#!/bin/bash -e + +export NB_REPLICAS=1 + +. ./manifests/bin/deploy.sh diff --git a/manifests/bin/prod.sh b/manifests/bin/prod.sh new file mode 100755 index 0000000..c97fc9e --- /dev/null +++ b/manifests/bin/prod.sh @@ -0,0 +1,5 @@ +#!/bin/bash -e + +export NB_REPLICAS=3 + +. ./manifests/bin/deploy.sh diff --git a/manifests/common/app.yaml b/manifests/common/app.yaml new file mode 100644 index 0000000..128aaa1 --- /dev/null +++ b/manifests/common/app.yaml @@ -0,0 +1,64 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: app + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod +spec: + ingressClassName: nginx + tls: + - secretName: tls-app + hosts: + - "$BASE_URL" + rules: + - host: "$BASE_URL" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: app + port: + name: http +--- +apiVersion: v1 +kind: Service +metadata: + name: app + labels: + app: app +spec: + selector: + app: app + ports: + - name: http + port: 80 + targetPort: http +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: app + labels: + app: app +spec: + replicas: $NB_REPLICAS + selector: + matchLabels: + app: app + template: + metadata: + labels: + app: app + spec: + imagePullSecrets: + - name: regcred + containers: + - name: app + image: "$IMAGEAPP" + imagePullPolicy: Always + ports: + - name: http + containerPort: 5173 diff --git a/manifests/devel/.gitkeep b/manifests/devel/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/manifests/prod/.gitkeep b/manifests/prod/.gitkeep new file mode 100644 index 0000000..e69de29