remove legacy crd and add pipeline

This commit is contained in:
Aaron Riedel 2024-12-22 18:17:37 +01:00
parent ccb1f91ed4
commit 483bfed881
Signed by: aaron
GPG key ID: 643004654D40D577
6 changed files with 95 additions and 188 deletions

View file

@ -1,144 +0,0 @@
name: Docker
on:
push:
branches:
- main
pull_request:
# Certain actions will only run when this is the main repo.
env:
MAIN_REPO: ncsa/traefik-certmanager
DOCKERHUB_ORG: ncsa
PLATFORM: "linux/amd64,linux/arm64"
jobs:
docker:
runs-on: ubuntu-latest
permissions:
packages: write
steps:
- uses: actions/checkout@v2
# calculate some variables that are used later
- name: version information
run: |
# find out what the BRANCH is, in case of a PR we will use the PR-<number>
if [ "${{ github.event.release.target_commitish }}" != "" ]; then
BRANCH="${{ github.event.release.target_commitish }}"
elif [[ $GITHUB_REF =~ pull ]]; then
BRANCH="$(echo $GITHUB_REF | sed 's#refs/pull/\([0-9]*\)/merge#PR-\1#')"
else
BRANCH=${GITHUB_REF##*/}
fi
# calculate the version and all tags
if [ "$BRANCH" == "main" ]; then
VERSION="$(awk '/^## / { print $2; exit }' CHANGELOG.md | sed -e 's/\[//' -e 's/\]//')"
tags="latest"
oldversion=""
tmpversion="${VERSION}"
while [ "${oldversion}" != "${tmpversion}" ]; do
oldversion="${tmpversion}"
tags="${tags} ${tmpversion}"
tmpversion=${tmpversion%.*}
done
else
VERSION="$BRANCH"
tags="$BRANCH"
fi
# should we push to dockerhub, and is there a README
DOCKERHUB_PUSH="false"
DOCKERHUB_README="false"
if [ "${{ github.repository }}" == "${{ env.MAIN_REPO }}" ]; then
if [ "${{ secrets.DOCKERHUB_USERNAME }}" != "" -a "${{ secrets.DOCKERHUB_PASSWORD }}" != "" ]; then
DOCKERHUB_PUSH="true"
if [ -e "README.md" ]; then
DOCKERHUB_README="true"
fi
fi
fi
# create a list of all images to be pushed
REPO=${GITHUB_REPOSITORY,,}
IMAGE="${{ github.event.repository.name }}"
IMAGES=""
for tag in ${tags}; do
if [ "$DOCKERHUB_PUSH" == "true" ]; then
IMAGES="${IMAGES}${{ env.DOCKERHUB_ORG }}/${IMAGE}:${tag},"
fi
IMAGES="${IMAGES}ghcr.io/${REPO}/${IMAGE}:${tag},"
done
IMAGES="${IMAGES%,*}"
# save the results in env
echo "BRANCH=${BRANCH}"
echo "VERSION=${VERSION}"
echo "DOCKERHUB_README=${DOCKERHUB_README}"
echo "DOCKERHUB_PUSH=${DOCKERHUB_PUSH}"
echo "IMAGES=${IMAGES}"
echo "BRANCH=${BRANCH}" >> $GITHUB_ENV
echo "VERSION=${VERSION}" >> $GITHUB_ENV
echo "DOCKERHUB_README=${DOCKERHUB_README}" >> $GITHUB_ENV
echo "DOCKERHUB_PUSH=${DOCKERHUB_PUSH}" >> $GITHUB_ENV
echo "IMAGES=${IMAGES}" >> $GITHUB_ENV
# setup docker build
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
- name: Inspect Builder
run: |
echo "Name: ${{ steps.buildx.outputs.name }}"
echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}"
echo "Status: ${{ steps.buildx.outputs.status }}"
echo "Flags: ${{ steps.buildx.outputs.flags }}"
echo "Platforms: ${{ steps.buildx.outputs.platforms }}"
# login to registries
- name: Login to DockerHub
if: env.DOCKERHUB_PUSH == 'true'
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# build the docker images
- name: Build and push docker
uses: docker/build-push-action@v2
with:
push: true
platforms: ${{ env.PLATFORM }}
cache-from: type=gha
cache-to: type=gha
tags: ${{ env.IMAGES }}
build-args: |
BRANCH: ${{ env.BRANCH }}
VERSION=${{ env.VERSION }}
BUILDNUMBER=${{ github.run_number }}
GITSHA1=${{ github.sha }}
# this will update the README of the dockerhub repo
- name: Docker Hub Description
if: env.DOCKERHUB_README == 'true'
uses: peter-evans/dockerhub-description@v2
env:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
DOCKERHUB_REPOSITORY: ${{ env.DOCKERHUB_ORG }}/${{ github.event.repository.name }}
README_FILEPATH: README.md

View file

@ -1,37 +0,0 @@
name: Create Release
on:
push:
branches:
- main
jobs:
release:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: get release info
id: release_info
run: |
version="$(awk '/^## / { print tolower($2) }' CHANGELOG.md | head -1)"
changelog="$(sed -e "1,/^## ${version}/d" -e "/^## /,\$d" CHANGELOG.md)"
changelog="${changelog//'%'/'%25'}"
changelog="${changelog//$'\n'/'%0A'}"
changelog="${changelog//$'\r'/'%0D'}"
echo "::set-output name=version::$version"
echo "::set-output name=changelog::$changelog"
- name: create release
if: github.event_name == 'push' && github.ref == 'refs/heads/main' && steps.release_info.outputs.version != 'unreleased'
uses: actions/create-release@v1
id: create_release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ steps.release_info.outputs.version }}
release_name: Release ${{ steps.release_info.outputs.version }}
body: ${{ steps.release_info.outputs.changelog }}

35
.woodpecker/.build.yaml Normal file
View file

@ -0,0 +1,35 @@
steps:
- name: docker
image: woodpeckerci/plugin-docker-buildx
privileged: true
settings:
registry: git.ar21.de
username:
from_secret: REGISTRY_USER
password:
from_secret: REGISTRY_PASS
repo: git.ar21.de/${CI_REPO}
tags:
- latest
- ${CI_PIPELINE_NUMBER}
when:
- branch: main
event: [push, manual]
- name: docker-build
image: woodpeckerci/plugin-docker-buildx
privileged: true
settings:
registry: git.ar21.de
username:
from_secret: REGISTRY_USER
password:
from_secret: REGISTRY_PASS
repo: git.ar21.de/${CI_REPO}
tags:
- testing-${CI_PIPELINE_NUMBER}
when:
- branch:
exclude: main
event: [push, manual]
depends_on:
- lint

57
.woodpecker/.deploy.yaml Normal file
View file

@ -0,0 +1,57 @@
skip_clone: true
steps:
- name: bump tag in deployment-repo (prod)
image: git.ar21.de/aaron/kustomize-ci
commands:
- git clone https://git.ar21.de/yolokube/core-deployments.git deployment-repo
- cd deployment-repo/traefik-certmanager/overlay
- kustomize edit set image git.ar21.de/yolokube/traefik-certmanager=git.ar21.de/yolokube/traefik-certmanager:${CI_PIPELINE_NUMBER}
when:
- branch: main
event: push
- name: push new tag to deployment-repo (prod)
image: appleboy/drone-git-push
settings:
branch: "${CI_PIPELINE_NUMBER}_traefik-certmanager_prod"
remote: ssh://git@git.ar21.de:2222/yolokube/core-deployments.git
path: deployment-repo
force: false
commit: true
commit_message: "traefik-certmanager: update image tag to ${CI_PIPELINE_NUMBER} (done automagically via Woodpecker pipeline)"
ssh_key:
from_secret: FORGEJO_SSH_KEY
when:
- branch: main
event: push
- name: create pull request (prod)
image: git.ar21.de/tom/push-message-randomizer:latest
pull: true
settings:
gitea_address: https://git.ar21.de
gitea_token:
from_secret: FORGEJO_API
owner: ${CI_REPO_OWNER}
repo: deploymentrepo
branch: "${CI_PIPELINE_NUMBER}_traefik-certmanager_prod"
base_branch: main
pr_title: "traefik-certmanager: update image tag to ${CI_PIPELINE_NUMBER}"
pr_body: |
### traefik-certmanager image update
{- random-pr-message -}
### Configuration
📅 **Schedule**: Branch creation - At any time, Automerge - At any time.
🚦 **Automerge**: Enabled.
skip_on_missing_branch: true
close_pr_if_empty: true
delete_branch_if_pr_empty: true
merge_when_checks_succeed: true
delete_branch_after_merge: true
when:
- branch: main
event: push
depends_on:
- build

View file

@ -147,14 +147,10 @@ def main():
signal.signal(signal.SIGINT, exit_gracefully) signal.signal(signal.SIGINT, exit_gracefully)
signal.signal(signal.SIGTERM, exit_gracefully) signal.signal(signal.SIGTERM, exit_gracefully)
# deprecated traefik CRD # new traefik CRD
th1 = threading.Thread(target=watch_crd, args=("traefik.containo.us", "v1alpha1", "ingressroutes"), daemon=True) th1 = threading.Thread(target=watch_crd, args=("traefik.io", "v1alpha1", "ingressroutes"), daemon=True)
th1.start() th1.start()
# new traefik CRD
th2 = threading.Thread(target=watch_crd, args=("traefik.io", "v1alpha1", "ingressroutes"), daemon=True)
th2.start()
# wait for threads to finish # wait for threads to finish
while th1.is_alive() and th2.is_alive(): while th1.is_alive() and th2.is_alive():
th1.join(0.1) th1.join(0.1)

View file

@ -50,7 +50,7 @@ spec:
serviceAccount: traefik-certmanager serviceAccount: traefik-certmanager
containers: containers:
- name: traefik-certmanager - name: traefik-certmanager
image: kooper/traefik-certmanager image: git.ar21.de/yolokube/traefik-certmanager
imagePullPolicy: Always imagePullPolicy: Always
env: env:
- name: ISSUER_NAME - name: ISSUER_NAME