diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml deleted file mode 100644 index 290ca4c..0000000 --- a/.github/workflows/docker.yml +++ /dev/null @@ -1,144 +0,0 @@ -name: Docker - -on: - push: - branches: - - main - - pull_request: - -# Certain actions will only run when this is the main repo. -env: - MAIN_REPO: ncsa/traefik-certmanager - DOCKERHUB_ORG: ncsa - PLATFORM: "linux/amd64,linux/arm64" - -jobs: - docker: - runs-on: ubuntu-latest - permissions: - packages: write - - steps: - - uses: actions/checkout@v2 - - # calculate some variables that are used later - - name: version information - run: | - # find out what the BRANCH is, in case of a PR we will use the PR- - if [ "${{ github.event.release.target_commitish }}" != "" ]; then - BRANCH="${{ github.event.release.target_commitish }}" - elif [[ $GITHUB_REF =~ pull ]]; then - BRANCH="$(echo $GITHUB_REF | sed 's#refs/pull/\([0-9]*\)/merge#PR-\1#')" - else - BRANCH=${GITHUB_REF##*/} - fi - - # calculate the version and all tags - if [ "$BRANCH" == "main" ]; then - VERSION="$(awk '/^## / { print $2; exit }' CHANGELOG.md | sed -e 's/\[//' -e 's/\]//')" - tags="latest" - oldversion="" - tmpversion="${VERSION}" - while [ "${oldversion}" != "${tmpversion}" ]; do - oldversion="${tmpversion}" - tags="${tags} ${tmpversion}" - tmpversion=${tmpversion%.*} - done - else - VERSION="$BRANCH" - tags="$BRANCH" - fi - - # should we push to dockerhub, and is there a README - DOCKERHUB_PUSH="false" - DOCKERHUB_README="false" - if [ "${{ github.repository }}" == "${{ env.MAIN_REPO }}" ]; then - if [ "${{ secrets.DOCKERHUB_USERNAME }}" != "" -a "${{ secrets.DOCKERHUB_PASSWORD }}" != "" ]; then - DOCKERHUB_PUSH="true" - if [ -e "README.md" ]; then - DOCKERHUB_README="true" - fi - fi - fi - - # create a list of all images to be pushed - REPO=${GITHUB_REPOSITORY,,} - IMAGE="${{ github.event.repository.name }}" - IMAGES="" - for tag in ${tags}; do - if [ "$DOCKERHUB_PUSH" == "true" ]; then - IMAGES="${IMAGES}${{ env.DOCKERHUB_ORG }}/${IMAGE}:${tag}," - fi - IMAGES="${IMAGES}ghcr.io/${REPO}/${IMAGE}:${tag}," - done - IMAGES="${IMAGES%,*}" - - # save the results in env - echo "BRANCH=${BRANCH}" - echo "VERSION=${VERSION}" - echo "DOCKERHUB_README=${DOCKERHUB_README}" - echo "DOCKERHUB_PUSH=${DOCKERHUB_PUSH}" - echo "IMAGES=${IMAGES}" - - echo "BRANCH=${BRANCH}" >> $GITHUB_ENV - echo "VERSION=${VERSION}" >> $GITHUB_ENV - echo "DOCKERHUB_README=${DOCKERHUB_README}" >> $GITHUB_ENV - echo "DOCKERHUB_PUSH=${DOCKERHUB_PUSH}" >> $GITHUB_ENV - echo "IMAGES=${IMAGES}" >> $GITHUB_ENV - - # setup docker build - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@v2 - - - name: Inspect Builder - run: | - echo "Name: ${{ steps.buildx.outputs.name }}" - echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}" - echo "Status: ${{ steps.buildx.outputs.status }}" - echo "Flags: ${{ steps.buildx.outputs.flags }}" - echo "Platforms: ${{ steps.buildx.outputs.platforms }}" - - # login to registries - - name: Login to DockerHub - if: env.DOCKERHUB_PUSH == 'true' - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_PASSWORD }} - - - name: Login to GitHub Container Registry - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - # build the docker images - - name: Build and push docker - uses: docker/build-push-action@v2 - with: - push: true - platforms: ${{ env.PLATFORM }} - cache-from: type=gha - cache-to: type=gha - tags: ${{ env.IMAGES }} - build-args: | - BRANCH: ${{ env.BRANCH }} - VERSION=${{ env.VERSION }} - BUILDNUMBER=${{ github.run_number }} - GITSHA1=${{ github.sha }} - - # this will update the README of the dockerhub repo - - name: Docker Hub Description - if: env.DOCKERHUB_README == 'true' - uses: peter-evans/dockerhub-description@v2 - env: - DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} - DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }} - DOCKERHUB_REPOSITORY: ${{ env.DOCKERHUB_ORG }}/${{ github.event.repository.name }} - README_FILEPATH: README.md diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml deleted file mode 100644 index c6497c5..0000000 --- a/.github/workflows/release.yaml +++ /dev/null @@ -1,37 +0,0 @@ -name: Create Release - -on: - push: - branches: - - main - -jobs: - release: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - - name: get release info - id: release_info - run: | - version="$(awk '/^## / { print tolower($2) }' CHANGELOG.md | head -1)" - changelog="$(sed -e "1,/^## ${version}/d" -e "/^## /,\$d" CHANGELOG.md)" - changelog="${changelog//'%'/'%25'}" - changelog="${changelog//$'\n'/'%0A'}" - changelog="${changelog//$'\r'/'%0D'}" - echo "::set-output name=version::$version" - echo "::set-output name=changelog::$changelog" - - - name: create release - if: github.event_name == 'push' && github.ref == 'refs/heads/main' && steps.release_info.outputs.version != 'unreleased' - uses: actions/create-release@v1 - id: create_release - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: ${{ steps.release_info.outputs.version }} - release_name: Release ${{ steps.release_info.outputs.version }} - body: ${{ steps.release_info.outputs.changelog }} diff --git a/.woodpecker/.build.yaml b/.woodpecker/.build.yaml new file mode 100644 index 0000000..72a316f --- /dev/null +++ b/.woodpecker/.build.yaml @@ -0,0 +1,35 @@ +steps: +- name: docker + image: woodpeckerci/plugin-docker-buildx + privileged: true + settings: + registry: git.ar21.de + username: + from_secret: REGISTRY_USER + password: + from_secret: REGISTRY_PASS + repo: git.ar21.de/${CI_REPO} + tags: + - latest + - ${CI_PIPELINE_NUMBER} + when: + - branch: main + event: [push, manual] +- name: docker-build + image: woodpeckerci/plugin-docker-buildx + privileged: true + settings: + registry: git.ar21.de + username: + from_secret: REGISTRY_USER + password: + from_secret: REGISTRY_PASS + repo: git.ar21.de/${CI_REPO} + tags: + - testing-${CI_PIPELINE_NUMBER} + when: + - branch: + exclude: main + event: [push, manual] +depends_on: + - lint diff --git a/.woodpecker/.deploy.yaml b/.woodpecker/.deploy.yaml new file mode 100644 index 0000000..827232f --- /dev/null +++ b/.woodpecker/.deploy.yaml @@ -0,0 +1,57 @@ +skip_clone: true +steps: +- name: bump tag in deployment-repo (prod) + image: git.ar21.de/aaron/kustomize-ci + commands: + - git clone https://git.ar21.de/yolokube/core-deployments.git deployment-repo + - cd deployment-repo/traefik-certmanager/overlay + - kustomize edit set image git.ar21.de/yolokube/traefik-certmanager=git.ar21.de/yolokube/traefik-certmanager:${CI_PIPELINE_NUMBER} + when: + - branch: main + event: push +- name: push new tag to deployment-repo (prod) + image: appleboy/drone-git-push + settings: + branch: "${CI_PIPELINE_NUMBER}_traefik-certmanager_prod" + remote: ssh://git@git.ar21.de:2222/yolokube/core-deployments.git + path: deployment-repo + force: false + commit: true + commit_message: "traefik-certmanager: update image tag to ${CI_PIPELINE_NUMBER} (done automagically via Woodpecker pipeline)" + ssh_key: + from_secret: FORGEJO_SSH_KEY + when: + - branch: main + event: push +- name: create pull request (prod) + image: git.ar21.de/tom/push-message-randomizer:latest + pull: true + settings: + gitea_address: https://git.ar21.de + gitea_token: + from_secret: FORGEJO_API + owner: ${CI_REPO_OWNER} + repo: deploymentrepo + branch: "${CI_PIPELINE_NUMBER}_traefik-certmanager_prod" + base_branch: main + pr_title: "traefik-certmanager: update image tag to ${CI_PIPELINE_NUMBER}" + pr_body: | + ### ℹ traefik-certmanager image update + + {- random-pr-message -} + + ### Configuration + + 📅 **Schedule**: Branch creation - At any time, Automerge - At any time. + + 🚦 **Automerge**: Enabled. + skip_on_missing_branch: true + close_pr_if_empty: true + delete_branch_if_pr_empty: true + merge_when_checks_succeed: true + delete_branch_after_merge: true + when: + - branch: main + event: push +depends_on: + - build diff --git a/main.py b/main.py index 7e6dc3d..4de9597 100644 --- a/main.py +++ b/main.py @@ -147,14 +147,10 @@ def main(): signal.signal(signal.SIGINT, exit_gracefully) signal.signal(signal.SIGTERM, exit_gracefully) - # deprecated traefik CRD - th1 = threading.Thread(target=watch_crd, args=("traefik.containo.us", "v1alpha1", "ingressroutes"), daemon=True) + # new traefik CRD + th1 = threading.Thread(target=watch_crd, args=("traefik.io", "v1alpha1", "ingressroutes"), daemon=True) th1.start() - # new traefik CRD - th2 = threading.Thread(target=watch_crd, args=("traefik.io", "v1alpha1", "ingressroutes"), daemon=True) - th2.start() - # wait for threads to finish while th1.is_alive() and th2.is_alive(): th1.join(0.1) diff --git a/traefik-certmanager.yaml b/traefik-certmanager.yaml index b6b6dce..e05c62d 100644 --- a/traefik-certmanager.yaml +++ b/traefik-certmanager.yaml @@ -50,7 +50,7 @@ spec: serviceAccount: traefik-certmanager containers: - name: traefik-certmanager - image: kooper/traefik-certmanager + image: git.ar21.de/yolokube/traefik-certmanager imagePullPolicy: Always env: - name: ISSUER_NAME