remove legacy crd and add pipeline
This commit is contained in:
parent
ccb1f91ed4
commit
483bfed881
6 changed files with 95 additions and 188 deletions
144
.github/workflows/docker.yml
vendored
144
.github/workflows/docker.yml
vendored
|
@ -1,144 +0,0 @@
|
||||||
name: Docker
|
|
||||||
|
|
||||||
on:
|
|
||||||
push:
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
|
|
||||||
pull_request:
|
|
||||||
|
|
||||||
# Certain actions will only run when this is the main repo.
|
|
||||||
env:
|
|
||||||
MAIN_REPO: ncsa/traefik-certmanager
|
|
||||||
DOCKERHUB_ORG: ncsa
|
|
||||||
PLATFORM: "linux/amd64,linux/arm64"
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
docker:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
permissions:
|
|
||||||
packages: write
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v2
|
|
||||||
|
|
||||||
# calculate some variables that are used later
|
|
||||||
- name: version information
|
|
||||||
run: |
|
|
||||||
# find out what the BRANCH is, in case of a PR we will use the PR-<number>
|
|
||||||
if [ "${{ github.event.release.target_commitish }}" != "" ]; then
|
|
||||||
BRANCH="${{ github.event.release.target_commitish }}"
|
|
||||||
elif [[ $GITHUB_REF =~ pull ]]; then
|
|
||||||
BRANCH="$(echo $GITHUB_REF | sed 's#refs/pull/\([0-9]*\)/merge#PR-\1#')"
|
|
||||||
else
|
|
||||||
BRANCH=${GITHUB_REF##*/}
|
|
||||||
fi
|
|
||||||
|
|
||||||
# calculate the version and all tags
|
|
||||||
if [ "$BRANCH" == "main" ]; then
|
|
||||||
VERSION="$(awk '/^## / { print $2; exit }' CHANGELOG.md | sed -e 's/\[//' -e 's/\]//')"
|
|
||||||
tags="latest"
|
|
||||||
oldversion=""
|
|
||||||
tmpversion="${VERSION}"
|
|
||||||
while [ "${oldversion}" != "${tmpversion}" ]; do
|
|
||||||
oldversion="${tmpversion}"
|
|
||||||
tags="${tags} ${tmpversion}"
|
|
||||||
tmpversion=${tmpversion%.*}
|
|
||||||
done
|
|
||||||
else
|
|
||||||
VERSION="$BRANCH"
|
|
||||||
tags="$BRANCH"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# should we push to dockerhub, and is there a README
|
|
||||||
DOCKERHUB_PUSH="false"
|
|
||||||
DOCKERHUB_README="false"
|
|
||||||
if [ "${{ github.repository }}" == "${{ env.MAIN_REPO }}" ]; then
|
|
||||||
if [ "${{ secrets.DOCKERHUB_USERNAME }}" != "" -a "${{ secrets.DOCKERHUB_PASSWORD }}" != "" ]; then
|
|
||||||
DOCKERHUB_PUSH="true"
|
|
||||||
if [ -e "README.md" ]; then
|
|
||||||
DOCKERHUB_README="true"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
# create a list of all images to be pushed
|
|
||||||
REPO=${GITHUB_REPOSITORY,,}
|
|
||||||
IMAGE="${{ github.event.repository.name }}"
|
|
||||||
IMAGES=""
|
|
||||||
for tag in ${tags}; do
|
|
||||||
if [ "$DOCKERHUB_PUSH" == "true" ]; then
|
|
||||||
IMAGES="${IMAGES}${{ env.DOCKERHUB_ORG }}/${IMAGE}:${tag},"
|
|
||||||
fi
|
|
||||||
IMAGES="${IMAGES}ghcr.io/${REPO}/${IMAGE}:${tag},"
|
|
||||||
done
|
|
||||||
IMAGES="${IMAGES%,*}"
|
|
||||||
|
|
||||||
# save the results in env
|
|
||||||
echo "BRANCH=${BRANCH}"
|
|
||||||
echo "VERSION=${VERSION}"
|
|
||||||
echo "DOCKERHUB_README=${DOCKERHUB_README}"
|
|
||||||
echo "DOCKERHUB_PUSH=${DOCKERHUB_PUSH}"
|
|
||||||
echo "IMAGES=${IMAGES}"
|
|
||||||
|
|
||||||
echo "BRANCH=${BRANCH}" >> $GITHUB_ENV
|
|
||||||
echo "VERSION=${VERSION}" >> $GITHUB_ENV
|
|
||||||
echo "DOCKERHUB_README=${DOCKERHUB_README}" >> $GITHUB_ENV
|
|
||||||
echo "DOCKERHUB_PUSH=${DOCKERHUB_PUSH}" >> $GITHUB_ENV
|
|
||||||
echo "IMAGES=${IMAGES}" >> $GITHUB_ENV
|
|
||||||
|
|
||||||
# setup docker build
|
|
||||||
- name: Set up QEMU
|
|
||||||
uses: docker/setup-qemu-action@v2
|
|
||||||
|
|
||||||
- name: Set up Docker Buildx
|
|
||||||
id: buildx
|
|
||||||
uses: docker/setup-buildx-action@v2
|
|
||||||
|
|
||||||
- name: Inspect Builder
|
|
||||||
run: |
|
|
||||||
echo "Name: ${{ steps.buildx.outputs.name }}"
|
|
||||||
echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}"
|
|
||||||
echo "Status: ${{ steps.buildx.outputs.status }}"
|
|
||||||
echo "Flags: ${{ steps.buildx.outputs.flags }}"
|
|
||||||
echo "Platforms: ${{ steps.buildx.outputs.platforms }}"
|
|
||||||
|
|
||||||
# login to registries
|
|
||||||
- name: Login to DockerHub
|
|
||||||
if: env.DOCKERHUB_PUSH == 'true'
|
|
||||||
uses: docker/login-action@v2
|
|
||||||
with:
|
|
||||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
|
||||||
password: ${{ secrets.DOCKERHUB_PASSWORD }}
|
|
||||||
|
|
||||||
- name: Login to GitHub Container Registry
|
|
||||||
uses: docker/login-action@v2
|
|
||||||
with:
|
|
||||||
registry: ghcr.io
|
|
||||||
username: ${{ github.actor }}
|
|
||||||
password: ${{ secrets.GITHUB_TOKEN }}
|
|
||||||
|
|
||||||
# build the docker images
|
|
||||||
- name: Build and push docker
|
|
||||||
uses: docker/build-push-action@v2
|
|
||||||
with:
|
|
||||||
push: true
|
|
||||||
platforms: ${{ env.PLATFORM }}
|
|
||||||
cache-from: type=gha
|
|
||||||
cache-to: type=gha
|
|
||||||
tags: ${{ env.IMAGES }}
|
|
||||||
build-args: |
|
|
||||||
BRANCH: ${{ env.BRANCH }}
|
|
||||||
VERSION=${{ env.VERSION }}
|
|
||||||
BUILDNUMBER=${{ github.run_number }}
|
|
||||||
GITSHA1=${{ github.sha }}
|
|
||||||
|
|
||||||
# this will update the README of the dockerhub repo
|
|
||||||
- name: Docker Hub Description
|
|
||||||
if: env.DOCKERHUB_README == 'true'
|
|
||||||
uses: peter-evans/dockerhub-description@v2
|
|
||||||
env:
|
|
||||||
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
|
|
||||||
DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
|
|
||||||
DOCKERHUB_REPOSITORY: ${{ env.DOCKERHUB_ORG }}/${{ github.event.repository.name }}
|
|
||||||
README_FILEPATH: README.md
|
|
37
.github/workflows/release.yaml
vendored
37
.github/workflows/release.yaml
vendored
|
@ -1,37 +0,0 @@
|
||||||
name: Create Release
|
|
||||||
|
|
||||||
on:
|
|
||||||
push:
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
release:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout
|
|
||||||
uses: actions/checkout@v2
|
|
||||||
with:
|
|
||||||
fetch-depth: 0
|
|
||||||
|
|
||||||
- name: get release info
|
|
||||||
id: release_info
|
|
||||||
run: |
|
|
||||||
version="$(awk '/^## / { print tolower($2) }' CHANGELOG.md | head -1)"
|
|
||||||
changelog="$(sed -e "1,/^## ${version}/d" -e "/^## /,\$d" CHANGELOG.md)"
|
|
||||||
changelog="${changelog//'%'/'%25'}"
|
|
||||||
changelog="${changelog//$'\n'/'%0A'}"
|
|
||||||
changelog="${changelog//$'\r'/'%0D'}"
|
|
||||||
echo "::set-output name=version::$version"
|
|
||||||
echo "::set-output name=changelog::$changelog"
|
|
||||||
|
|
||||||
- name: create release
|
|
||||||
if: github.event_name == 'push' && github.ref == 'refs/heads/main' && steps.release_info.outputs.version != 'unreleased'
|
|
||||||
uses: actions/create-release@v1
|
|
||||||
id: create_release
|
|
||||||
env:
|
|
||||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
||||||
with:
|
|
||||||
tag_name: ${{ steps.release_info.outputs.version }}
|
|
||||||
release_name: Release ${{ steps.release_info.outputs.version }}
|
|
||||||
body: ${{ steps.release_info.outputs.changelog }}
|
|
35
.woodpecker/.build.yaml
Normal file
35
.woodpecker/.build.yaml
Normal file
|
@ -0,0 +1,35 @@
|
||||||
|
steps:
|
||||||
|
- name: docker
|
||||||
|
image: woodpeckerci/plugin-docker-buildx
|
||||||
|
privileged: true
|
||||||
|
settings:
|
||||||
|
registry: git.ar21.de
|
||||||
|
username:
|
||||||
|
from_secret: REGISTRY_USER
|
||||||
|
password:
|
||||||
|
from_secret: REGISTRY_PASS
|
||||||
|
repo: git.ar21.de/${CI_REPO}
|
||||||
|
tags:
|
||||||
|
- latest
|
||||||
|
- ${CI_PIPELINE_NUMBER}
|
||||||
|
when:
|
||||||
|
- branch: main
|
||||||
|
event: [push, manual]
|
||||||
|
- name: docker-build
|
||||||
|
image: woodpeckerci/plugin-docker-buildx
|
||||||
|
privileged: true
|
||||||
|
settings:
|
||||||
|
registry: git.ar21.de
|
||||||
|
username:
|
||||||
|
from_secret: REGISTRY_USER
|
||||||
|
password:
|
||||||
|
from_secret: REGISTRY_PASS
|
||||||
|
repo: git.ar21.de/${CI_REPO}
|
||||||
|
tags:
|
||||||
|
- testing-${CI_PIPELINE_NUMBER}
|
||||||
|
when:
|
||||||
|
- branch:
|
||||||
|
exclude: main
|
||||||
|
event: [push, manual]
|
||||||
|
depends_on:
|
||||||
|
- lint
|
57
.woodpecker/.deploy.yaml
Normal file
57
.woodpecker/.deploy.yaml
Normal file
|
@ -0,0 +1,57 @@
|
||||||
|
skip_clone: true
|
||||||
|
steps:
|
||||||
|
- name: bump tag in deployment-repo (prod)
|
||||||
|
image: git.ar21.de/aaron/kustomize-ci
|
||||||
|
commands:
|
||||||
|
- git clone https://git.ar21.de/yolokube/core-deployments.git deployment-repo
|
||||||
|
- cd deployment-repo/traefik-certmanager/overlay
|
||||||
|
- kustomize edit set image git.ar21.de/yolokube/traefik-certmanager=git.ar21.de/yolokube/traefik-certmanager:${CI_PIPELINE_NUMBER}
|
||||||
|
when:
|
||||||
|
- branch: main
|
||||||
|
event: push
|
||||||
|
- name: push new tag to deployment-repo (prod)
|
||||||
|
image: appleboy/drone-git-push
|
||||||
|
settings:
|
||||||
|
branch: "${CI_PIPELINE_NUMBER}_traefik-certmanager_prod"
|
||||||
|
remote: ssh://git@git.ar21.de:2222/yolokube/core-deployments.git
|
||||||
|
path: deployment-repo
|
||||||
|
force: false
|
||||||
|
commit: true
|
||||||
|
commit_message: "traefik-certmanager: update image tag to ${CI_PIPELINE_NUMBER} (done automagically via Woodpecker pipeline)"
|
||||||
|
ssh_key:
|
||||||
|
from_secret: FORGEJO_SSH_KEY
|
||||||
|
when:
|
||||||
|
- branch: main
|
||||||
|
event: push
|
||||||
|
- name: create pull request (prod)
|
||||||
|
image: git.ar21.de/tom/push-message-randomizer:latest
|
||||||
|
pull: true
|
||||||
|
settings:
|
||||||
|
gitea_address: https://git.ar21.de
|
||||||
|
gitea_token:
|
||||||
|
from_secret: FORGEJO_API
|
||||||
|
owner: ${CI_REPO_OWNER}
|
||||||
|
repo: deploymentrepo
|
||||||
|
branch: "${CI_PIPELINE_NUMBER}_traefik-certmanager_prod"
|
||||||
|
base_branch: main
|
||||||
|
pr_title: "traefik-certmanager: update image tag to ${CI_PIPELINE_NUMBER}"
|
||||||
|
pr_body: |
|
||||||
|
### ℹ traefik-certmanager image update
|
||||||
|
|
||||||
|
{- random-pr-message -}
|
||||||
|
|
||||||
|
### Configuration
|
||||||
|
|
||||||
|
📅 **Schedule**: Branch creation - At any time, Automerge - At any time.
|
||||||
|
|
||||||
|
🚦 **Automerge**: Enabled.
|
||||||
|
skip_on_missing_branch: true
|
||||||
|
close_pr_if_empty: true
|
||||||
|
delete_branch_if_pr_empty: true
|
||||||
|
merge_when_checks_succeed: true
|
||||||
|
delete_branch_after_merge: true
|
||||||
|
when:
|
||||||
|
- branch: main
|
||||||
|
event: push
|
||||||
|
depends_on:
|
||||||
|
- build
|
8
main.py
8
main.py
|
@ -147,14 +147,10 @@ def main():
|
||||||
signal.signal(signal.SIGINT, exit_gracefully)
|
signal.signal(signal.SIGINT, exit_gracefully)
|
||||||
signal.signal(signal.SIGTERM, exit_gracefully)
|
signal.signal(signal.SIGTERM, exit_gracefully)
|
||||||
|
|
||||||
# deprecated traefik CRD
|
# new traefik CRD
|
||||||
th1 = threading.Thread(target=watch_crd, args=("traefik.containo.us", "v1alpha1", "ingressroutes"), daemon=True)
|
th1 = threading.Thread(target=watch_crd, args=("traefik.io", "v1alpha1", "ingressroutes"), daemon=True)
|
||||||
th1.start()
|
th1.start()
|
||||||
|
|
||||||
# new traefik CRD
|
|
||||||
th2 = threading.Thread(target=watch_crd, args=("traefik.io", "v1alpha1", "ingressroutes"), daemon=True)
|
|
||||||
th2.start()
|
|
||||||
|
|
||||||
# wait for threads to finish
|
# wait for threads to finish
|
||||||
while th1.is_alive() and th2.is_alive():
|
while th1.is_alive() and th2.is_alive():
|
||||||
th1.join(0.1)
|
th1.join(0.1)
|
||||||
|
|
|
@ -50,7 +50,7 @@ spec:
|
||||||
serviceAccount: traefik-certmanager
|
serviceAccount: traefik-certmanager
|
||||||
containers:
|
containers:
|
||||||
- name: traefik-certmanager
|
- name: traefik-certmanager
|
||||||
image: kooper/traefik-certmanager
|
image: git.ar21.de/yolokube/traefik-certmanager
|
||||||
imagePullPolicy: Always
|
imagePullPolicy: Always
|
||||||
env:
|
env:
|
||||||
- name: ISSUER_NAME
|
- name: ISSUER_NAME
|
||||||
|
|
Loading…
Reference in a new issue