Compare commits
46 Commits
auto/updat
...
740993bfff
| Author | SHA1 | Date | |
|---|---|---|---|
|
740993bfff
|
|||
| 418bc22998 | |||
| 85b15e8590 | |||
| 32d6244acf | |||
| 8e2c65663b | |||
| 9ead73777f | |||
| 3e0cb21863 | |||
| a9f2dc375c | |||
| 63fdef0e26 | |||
| fcbde5abc4 | |||
| 2ba863bb98 | |||
| 441f39b0cd | |||
| 4a4e8ab77f | |||
| 68a25dc9fd | |||
| 96a44b823e | |||
| e23dbd4df2 | |||
| 1e6f90271a | |||
| b789f2030e | |||
| 77ef98c3e0 | |||
| 6156597591 | |||
| 48c232c275 | |||
| 9e897757c6 | |||
| b5beaa88b1 | |||
| 5508678a6c | |||
| f3ed21b8a8 | |||
| 2f4a342811 | |||
| 39c52e03a3 | |||
| 43aeb04ade | |||
| 9122e9f339 | |||
| e212872535 | |||
| 08a0d296a3 | |||
| 32c1f3a450 | |||
| b865730722 | |||
| 8682100cc6 | |||
| 5bad734c75 | |||
| 0343b2d9ee | |||
| 1c100f1c6b | |||
| bee206bec1 | |||
| e4b3d06e1d | |||
| 7408d8effb | |||
| 274ab32e2a | |||
| ce87523597 | |||
| 25710206d5 | |||
| c705885dda | |||
| 783d307998 | |||
| 06397c2b57 |
@@ -8,75 +8,199 @@ on:
|
||||
- "clusters/**"
|
||||
- ! "clusters/*/archive"
|
||||
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
CLUSTERS: cl01tl
|
||||
BASE_BRANCH: manifests
|
||||
MAIN_DIR: /workspace/alexlebens/infrastructure/infrastructure
|
||||
MANIFEST_DIR: /workspace/alexlebens/infrastructure/infrastructure-manifests
|
||||
|
||||
jobs:
|
||||
render-manifests-helm:
|
||||
runs-on: ubuntu-js
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v6
|
||||
with:
|
||||
fetch-depth: 0
|
||||
path: infrastructure
|
||||
|
||||
- name: Checkout Manifests
|
||||
uses: actions/checkout@v6
|
||||
with:
|
||||
ref: manifests
|
||||
path: infrastructure-manifests
|
||||
|
||||
- name: Set up Helm
|
||||
uses: azure/setup-helm@v4
|
||||
with:
|
||||
token: ${{ secrets.GITEA_TOKEN }}
|
||||
version: latest
|
||||
version: v3.17.2 # Pending https://github.com/helm/helm/pull/30743
|
||||
|
||||
- name: Remove Prior Manifests
|
||||
run: |
|
||||
cd ${MANIFEST_DIR}/clusters
|
||||
rm -rf ./*
|
||||
|
||||
- name: Render Helm Manifests
|
||||
env:
|
||||
CLUSTERS: cl01tl
|
||||
run: |
|
||||
for cluster in $CLUSTERS; do
|
||||
mkdir clusters/$CLUSTER/manifests
|
||||
|
||||
for chart_path in clusters/$CLUSTER/helm/; do
|
||||
chart_name=$(basename "$chart")
|
||||
|
||||
echo "--- Rendering chart: $chart_name ---"
|
||||
for cluster in ${CLUSTERS}; do
|
||||
for chart_path in ${MAIN_DIR}/clusters/$cluster/helm/*; do
|
||||
chart_name=$(basename "$chart_path")
|
||||
echo ">> Rendering chart: $chart_name"
|
||||
|
||||
if [ -f "$chart_path/Chart.yaml" ]; then
|
||||
OUTPUT_FILE="clusters/$CLUSTER/manifests/$chart_name.yaml"
|
||||
mkdir -p ${MANIFEST_DIR}/clusters/$cluster/manifests/$chart_name
|
||||
OUTPUT_FILE="${MANIFEST_DIR}/clusters/$cluster/manifests/$chart_name/$chart_name.yaml"
|
||||
|
||||
helm template "$chart_name" "$chart" --namespace "$chart_name" > "$OUTPUT_FILE"
|
||||
cd $chart_path
|
||||
|
||||
echo "Manifests for $chart_name rendered to $OUTPUT_FILE"
|
||||
echo ""
|
||||
echo ">> Building helm dependency ..."
|
||||
helm dependency build
|
||||
|
||||
echo ""
|
||||
echo ">> Linting helm ..."
|
||||
helm lint --namespace "$chart_name" --with-subcharts
|
||||
|
||||
echo ""
|
||||
echo ">> Rendering templates ..."
|
||||
helm template "$chart_name" ./ --namespace "$chart_name" --include-crds > "$OUTPUT_FILE"
|
||||
|
||||
echo ""
|
||||
echo ">> Manifests for $chart_name rendered to $OUTPUT_FILE"
|
||||
echo ""
|
||||
else
|
||||
echo "Directory $chart_path does not contain a Chart.yaml. Skipping ..."
|
||||
echo ""
|
||||
echo ">> Directory $chart_path does not contain a Chart.yaml. Skipping ..."
|
||||
echo ""
|
||||
fi
|
||||
done
|
||||
done
|
||||
|
||||
- name: Check for Changes
|
||||
id: check-changes
|
||||
run: |
|
||||
cd ${MANIFEST_DIR}
|
||||
|
||||
if git status --porcelain | grep -q .; then
|
||||
echo ">> Changes detected"
|
||||
git status --porcelain
|
||||
echo "changes-detected=true" >> $GITEA_OUTPUT
|
||||
else
|
||||
echo ">> No changes detected, skipping PR creation"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
- name: Commit and Push Changes
|
||||
id: commit-push
|
||||
if: steps.check-changes.outputs.changes-detected == 'true'
|
||||
run: |
|
||||
cd ${MANIFEST_DIR}
|
||||
|
||||
BRANCH_NAME="auto/update-manifests-$(date +%s)"
|
||||
|
||||
# Configure Git
|
||||
echo ">> Configure git to use gitea-bot as user ..."
|
||||
git config user.name "gitea-bot"
|
||||
git config user.email "gitea-bot@alexlebens.net"
|
||||
|
||||
# Create a new branch and stage all changes
|
||||
echo ">> Creating and commiting to $BRANCH_NAME ..."
|
||||
git checkout -b $BRANCH_NAME
|
||||
git add .
|
||||
git commit -m "chore: Update manifests after change"
|
||||
|
||||
# Push the new branch to the remote repository
|
||||
REPO_URL="${{ secrets.REPO_URL }}/${{ gitea.repository }}"
|
||||
echo ">> Pushing changes to $REPO_URL ..."
|
||||
git push -u "https://oauth2:${{ secrets.BOT_TOKEN }}@$(echo $REPO_URL | sed -e 's|https://||')" $BRANCH_NAME
|
||||
|
||||
echo "HEAD_BRANCH=$BRANCH_NAME" >> $GITEA_OUTPUT
|
||||
echo "push=true" >> $GITEA_OUTPUT
|
||||
|
||||
- name: Create Pull Request
|
||||
uses: peter-evans/create-pull-request@v7
|
||||
with:
|
||||
token: ${{ secrets.GITEA_TOKEN }}
|
||||
commit-message: "chore: Update manifests after chart change"
|
||||
branch: auto/update-manifests
|
||||
base: manifests
|
||||
title: "Manifest Update: App Changes"
|
||||
body: |
|
||||
This PR contains the newly rendered Kubernetes manifests.
|
||||
id: create-pull-request
|
||||
if: steps.commit-push.outputs.push == 'true'
|
||||
env:
|
||||
GITEA_TOKEN: ${{ secrets.BOT_TOKEN }}
|
||||
GITEA_URL: ${{ secrets.REPO_URL }}
|
||||
HEAD_BRANCH: ${{ steps.commit-push.outputs.HEAD_BRANCH }}
|
||||
run: |
|
||||
cd ${MANIFEST_DIR}
|
||||
|
||||
* Triggered by workflow run ${{ github.run_id }}
|
||||
* Review the `files changed` tab for the full YAML diff.
|
||||
add-paths: "clusters/*/rendered-manifests/"
|
||||
API_ENDPOINT="${GITEA_URL}/api/v1/repos/${{ gitea.repository }}/pulls"
|
||||
|
||||
- name: ntfy Success
|
||||
PAYLOAD=$( jq -n \
|
||||
--arg head "${HEAD_BRANCH}" \
|
||||
--arg base "${BASE_BRANCH}" \
|
||||
--arg title "Automated Manifest Update: $(date +%F)" \
|
||||
--arg body "This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow." \
|
||||
'{head: $head, base: $base, title: $title, body: $body'} )
|
||||
|
||||
echo ">> Creating PR from branch ${HEAD_BRANCH} into ${BASE_BRANCH}"
|
||||
echo ">> With Endpoint of:"
|
||||
echo "$API_ENDPOINT"
|
||||
echo ">> With Payload of:"
|
||||
echo "$PAYLOAD"
|
||||
|
||||
HTTP_STATUS=$(
|
||||
curl -X POST \
|
||||
--silent \
|
||||
--write-out '%{http_code}' \
|
||||
--output response_body.json \
|
||||
--dump-header response_headers.txt \
|
||||
--data "$PAYLOAD" \
|
||||
-H "Authorization: token ${GITEA_TOKEN}" \
|
||||
-H "Content-Type: application/json" \
|
||||
"$API_ENDPOINT" 2> response_errors.txt
|
||||
)
|
||||
|
||||
echo ">> HTTP Status Code: $HTTP_STATUS"
|
||||
echo ">> Response Output ..."
|
||||
echo "----"
|
||||
cat response_body.json
|
||||
echo "----"
|
||||
cat response_headers.txt
|
||||
echo "----"
|
||||
cat response_errors.txt
|
||||
echo "----"
|
||||
|
||||
if [ "$HTTP_STATUS" == "201" ]; then
|
||||
echo ">> Pull Request created successfully!"
|
||||
|
||||
PR_URL=$(cat response_body.json | jq -r .html_url)
|
||||
echo "pull-request-url=${PR_URL}" >> $GITEA_OUTPUT
|
||||
echo "pull-request-operation=created" >> $GITEA_OUTPUT
|
||||
|
||||
elif [ "$HTTP_STATUS" == "422" ]; then
|
||||
echo ">> Failed to create PR (HTTP 422: Unprocessable Entity), PR may already exist"
|
||||
else
|
||||
echo ">> Failed to create PR, HTTP status code: $HTTP_STATUS"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
- name: Cleanup Branch
|
||||
if: failure() && steps.create-pull-request.outcome == 'failure'
|
||||
env:
|
||||
HEAD_BRANCH: ${{ steps.commit-push.outputs.HEAD_BRANCH }}
|
||||
run: |
|
||||
echo ">> Removing branch: ${HEAD_BRANCH}"
|
||||
git push origin --delete ${HEAD_BRANCH}
|
||||
|
||||
- name: ntfy Created
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: success()
|
||||
if: steps.create-pull-request.outputs.pull-request-operation == 'created'
|
||||
with:
|
||||
url: "${{ secrets.NTFY_URL }}"
|
||||
topic: "${{ secrets.NTFY_TOPIC }}"
|
||||
title: "Manifest Render Success - Infrastructure"
|
||||
title: "Manifest Render PR Created - Infrastructure"
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,successfully,completed
|
||||
details: "Manifest rendering for Infrastructure has succeeded"
|
||||
details: "Manifest rendering for Infrastructure has created a new Pull Request!"
|
||||
icon: "https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png"
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "${{ steps.create-pull-request.outputs.pull-request-url }}", "clear": true}]'
|
||||
|
||||
- name: ntfy Failed
|
||||
uses: niniyas/ntfy-action@master
|
||||
|
||||
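Review bot: In the Commit and Push Changes step, `${{ secrets.BOT_TOKEN }}` is expanded straight into the script text and embedded in the push URL. Because the push uses `-u`, git also records that URL, token included, as the new branch's remote in the manifests checkout's `.git/config`. Pass the token through the step's `env:` block (`BOT_TOKEN: ${{ secrets.BOT_TOKEN }}`) and push without `-u`, for example `git push "https://oauth2:${BOT_TOKEN}@${REPO_URL#https://}" "$BRANCH_NAME"`. The Cleanup Branch step runs `git push origin --delete ${HEAD_BRANCH}` without first doing `cd ${MANIFEST_DIR}` and against `origin` rather than the authenticated URL, so it probably cannot remove the branch it is meant to clean up. The page does not mark added and removed lines, so which of these lines are new is inferred from their order.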
@@ -9,10 +9,12 @@ metadata:
|
||||
app.kubernetes.io/name: {{ $stack.name }}
|
||||
app.kubernetes.io/instance: {{ $stack.name }}
|
||||
app.kubernetes.io/part-of: {{ $.Release.Name }}
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
syncPolicy:
|
||||
applicationsSync: create-update
|
||||
preserveResourcesOnDeletion: false
|
||||
preserveResourcesOnDeletion: true
|
||||
generators:
|
||||
- git:
|
||||
repoURL: {{ $.Values.git.repo }}
|
||||
|
||||
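Review bot: The two `preserveResourcesOnDeletion` lines carry no explanation, and the page does not mark which one is new. If `true` is the new value, then together with `applicationsSync: create-update` the ApplicationSet will no longer remove Applications or their workloads when a stack disappears from the git generator. Those workloads keep running in the cluster outside GitOps control and stop receiving image and configuration updates until someone deletes them by hand. Add a comment above the key, e.g. `# Keep workloads when an Application is deleted; orphaned resources must be cleaned up manually`, and say in the commit description how orphans are tracked. The template continues outside the hunk.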
@@ -36,7 +36,7 @@ shelly-plug:
|
||||
main:
|
||||
image:
|
||||
repository: php
|
||||
tag: 8.4.15-apache-bookworm
|
||||
tag: 8.5.0-apache-bookworm
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: SHELLY_HOSTNAME
|
||||
|
||||
@@ -28,7 +28,7 @@ qbittorrent:
|
||||
qbittorrent:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/qbittorrent
|
||||
tag: 5.1.4@sha256:26a08cd60d81e632aba8947b2c64dfd5f870a5f4a837ec4abedf2e1d174df891
|
||||
tag: 5.1.4@sha256:a2eedc99b4876916943bd33e7c415efc448f6b514aa39b4f98c1e6472a717301
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
||||
@@ -8,7 +8,7 @@ whodb:
|
||||
main:
|
||||
image:
|
||||
repository: clidey/whodb
|
||||
tag: 0.77.0
|
||||
tag: 0.78.0
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: WHODB_OLLAMA_HOST
|
||||
|
||||