kube pipeline manual step and kubectl yaml

2025-06-06 09:25:31 +10:00 · 2025-06-06 09:25:31 +10:00 · 50af2eccb3
commit 50af2eccb3
parent e9a7daf5b3
4 changed files with 110 additions and 37 deletions
--- a/.gitea/workflows/build_push.yml
+++ b/.gitea/workflows/build_push.yml
@ -1,45 +1,56 @@
 name: Build and Push Image
-on: 
-  push:
-    branches:
-      - master
+on:
+    push:
+        branches:
+            - master

 jobs:
-  build:
-    name: Build and push image
-    runs-on: ubuntu-latest
-    container: catthehacker/ubuntu:act-latest
-    if: gitea.ref == 'refs/heads/master'
+    build:
+        name: Build and push image
+        runs-on: ubuntu-latest
+        container: catthehacker/ubuntu:act-latest
+        if: gitea.ref == 'refs/heads/master'

-    steps:
-    - name: Checkout
-      uses: actions/checkout@v4
+        steps:
+            - name: Checkout
+              uses: actions/checkout@v4

-    - name: Create Kubeconfig
-      run: |
-        mkdir $HOME/.kube
-        echo "${{ secrets.KUBEC_CONFIG_BUILDX }}" > $HOME/.kube/config        
+            - name: Create Kubeconfig
+              run: |
+                  mkdir $HOME/.kube
+                  echo "${{ secrets.KUBEC_CONFIG_BUILDX }}" > $HOME/.kube/config

-    - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v3
-      with:
-        driver: kubernetes
-        driver-opts: |
-          namespace=gitea-runner
-          qemu.install=true          
+            - name: Set up Docker Buildx
+              uses: docker/setup-buildx-action@v3
+              with:
+                  driver: kubernetes
+                  driver-opts: |
+                      namespace=gitea-runner
+                      qemu.install=true

-    - name: Login to Docker Registry
-      uses: docker/login-action@v3
-      with:
-        registry: git.aridgwayweb.com
-        username: armistace
-        password: ${{ secrets.REG_PASSWORD }}
+            - name: Login to Docker Registry
+              uses: docker/login-action@v3
+              with:
+                  registry: git.aridgwayweb.com
+                  username: armistace
+                  password: ${{ secrets.REG_PASSWORD }}

-    - name: Build and push
-      uses: docker/build-push-action@v5
-      with:
-        context: .
-        push: true
-        platforms: linux/amd64,linux/arm64
-        tags: |
-          git.aridgwayweb.com/armistace/blog:latest    
+            - name: Build and push
+              uses: docker/build-push-action@v5
+              with:
+                  context: .
+                  push: true
+                  platforms: linux/amd64,linux/arm64
+                  tags: |
+                      git.aridgwayweb.com/armistace/blog:latest
+
+            - name: Deploy
+              approvers: armistace
+              minimum-approvals: 1
+              issue-title: "Approval Required for Deploy"
+              issue-body: "Do you want to deploy this blog to production?"
+              run: |
+                  kubectl delete namespace blog
+                  kubectl create namespace blog
+                  kubectl create secret docker-registry regcred --docker-server=${{ vars.DOCKER_SERVER }} --docker-username=${{ vars.DOCKER_USERNAME }} --docker-password=${{ secrets.DOCKER_PASSWORD }} --docker-email=${{ vars.DOCKER_EMAIL }} --namespace=blog
+                  kubectl apply -f kube/blog_pod.yaml && kubectl apply -f kube/blog_deployment.yaml && kubectl apply -f kube/blog_service.yaml
--- a/kube/blog_deployment.yaml
+++ b/kube/blog_deployment.yaml
@ -0,0 +1,24 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: blog-deployment
+  labels:
+    app: blog
+  namespace: blog
+spec:
+  replicas: 3
+  selector:
+    matchLabels:
+      app: blog
+  template:
+    metadata:
+      labels:
+        app: blog
+    spec:
+      containers:
+      - name: blog
+        image: git.aridgwayweb.com/armistace/blog:latest
+        ports:
+        - containerPort: 8000
+      imagePullSecrets:
+        - name: regcred
--- a/kube/blog_pod.yaml
+++ b/kube/blog_pod.yaml
@ -0,0 +1,25 @@
+#apiVersion: v1
+#data:
+#  .dockerconfigjson: eyJhdXRocyI6eyJnaXQuYXJpZGd3YXl3ZWIuY29tIjp7InVzZXJuYW1lIjoiYXJtaXN0YWNlIiwicGFzc3dvcmQiOiJDQHYqTjRvUDYvZXRjU3V4d1Y4c3g5c1x1MDAyNmMjRnRjIiwiZW1haWwiOiJhcjE3Nzg3QGdtYWlsLmNvbSIsImF1dGgiOiJZWEp0YVhOMFlXTmxPa05BZGlwT05HOVFOaTlsZEdOVGRYaDNWamh6ZURsekptTWpSblJqIn19fQ==
+#kind: Secret
+#metadata:
+#  creationTimestamp: "2024-08-13T01:07:13Z"
+#  name: regcred
+#  namespace: blog
+#  resourceVersion: "987829"
+#  uid: 7ab6187c-3569-4126-a2cf-b004f1ec4754
+#type: kubernetes.io/dockerconfigjson
+#---
+apiVersion: v1
+kind: Pod
+metadata:
+  name: blog
+  namespace: blog
+spec:
+  containers:
+  - name: blog
+    image: git.aridgwayweb.com/armistace/blog:latest
+    ports: 
+    - containerPort: 8000
+  imagePullSecrets:
+    - name: regcred
--- a/kube/blog_service.yaml
+++ b/kube/blog_service.yaml
@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: blog-service
+  namespace: blog
+spec:
+  type: NodePort
+  selector:
+    app: blog 
+  ports:
+    - port: 80
+      targetPort: 8000
+      nodePort: 30009