remove legacy crd and add pipeline
This commit is contained in:
parent
ccb1f91ed4
commit
483bfed881
6 changed files with 95 additions and 188 deletions
144
.github/workflows/docker.yml
vendored
144
.github/workflows/docker.yml
vendored
|
@ -1,144 +0,0 @@
|
|||
name: Docker
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
|
||||
pull_request:
|
||||
|
||||
# Certain actions will only run when this is the main repo.
|
||||
env:
|
||||
MAIN_REPO: ncsa/traefik-certmanager
|
||||
DOCKERHUB_ORG: ncsa
|
||||
PLATFORM: "linux/amd64,linux/arm64"
|
||||
|
||||
jobs:
|
||||
docker:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
packages: write
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
|
||||
# calculate some variables that are used later
|
||||
- name: version information
|
||||
run: |
|
||||
# find out what the BRANCH is, in case of a PR we will use the PR-<number>
|
||||
if [ "${{ github.event.release.target_commitish }}" != "" ]; then
|
||||
BRANCH="${{ github.event.release.target_commitish }}"
|
||||
elif [[ $GITHUB_REF =~ pull ]]; then
|
||||
BRANCH="$(echo $GITHUB_REF | sed 's#refs/pull/\([0-9]*\)/merge#PR-\1#')"
|
||||
else
|
||||
BRANCH=${GITHUB_REF##*/}
|
||||
fi
|
||||
|
||||
# calculate the version and all tags
|
||||
if [ "$BRANCH" == "main" ]; then
|
||||
VERSION="$(awk '/^## / { print $2; exit }' CHANGELOG.md | sed -e 's/\[//' -e 's/\]//')"
|
||||
tags="latest"
|
||||
oldversion=""
|
||||
tmpversion="${VERSION}"
|
||||
while [ "${oldversion}" != "${tmpversion}" ]; do
|
||||
oldversion="${tmpversion}"
|
||||
tags="${tags} ${tmpversion}"
|
||||
tmpversion=${tmpversion%.*}
|
||||
done
|
||||
else
|
||||
VERSION="$BRANCH"
|
||||
tags="$BRANCH"
|
||||
fi
|
||||
|
||||
# should we push to dockerhub, and is there a README
|
||||
DOCKERHUB_PUSH="false"
|
||||
DOCKERHUB_README="false"
|
||||
if [ "${{ github.repository }}" == "${{ env.MAIN_REPO }}" ]; then
|
||||
if [ "${{ secrets.DOCKERHUB_USERNAME }}" != "" -a "${{ secrets.DOCKERHUB_PASSWORD }}" != "" ]; then
|
||||
DOCKERHUB_PUSH="true"
|
||||
if [ -e "README.md" ]; then
|
||||
DOCKERHUB_README="true"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
# create a list of all images to be pushed
|
||||
REPO=${GITHUB_REPOSITORY,,}
|
||||
IMAGE="${{ github.event.repository.name }}"
|
||||
IMAGES=""
|
||||
for tag in ${tags}; do
|
||||
if [ "$DOCKERHUB_PUSH" == "true" ]; then
|
||||
IMAGES="${IMAGES}${{ env.DOCKERHUB_ORG }}/${IMAGE}:${tag},"
|
||||
fi
|
||||
IMAGES="${IMAGES}ghcr.io/${REPO}/${IMAGE}:${tag},"
|
||||
done
|
||||
IMAGES="${IMAGES%,*}"
|
||||
|
||||
# save the results in env
|
||||
echo "BRANCH=${BRANCH}"
|
||||
echo "VERSION=${VERSION}"
|
||||
echo "DOCKERHUB_README=${DOCKERHUB_README}"
|
||||
echo "DOCKERHUB_PUSH=${DOCKERHUB_PUSH}"
|
||||
echo "IMAGES=${IMAGES}"
|
||||
|
||||
echo "BRANCH=${BRANCH}" >> $GITHUB_ENV
|
||||
echo "VERSION=${VERSION}" >> $GITHUB_ENV
|
||||
echo "DOCKERHUB_README=${DOCKERHUB_README}" >> $GITHUB_ENV
|
||||
echo "DOCKERHUB_PUSH=${DOCKERHUB_PUSH}" >> $GITHUB_ENV
|
||||
echo "IMAGES=${IMAGES}" >> $GITHUB_ENV
|
||||
|
||||
# setup docker build
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v2
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
id: buildx
|
||||
uses: docker/setup-buildx-action@v2
|
||||
|
||||
- name: Inspect Builder
|
||||
run: |
|
||||
echo "Name: ${{ steps.buildx.outputs.name }}"
|
||||
echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}"
|
||||
echo "Status: ${{ steps.buildx.outputs.status }}"
|
||||
echo "Flags: ${{ steps.buildx.outputs.flags }}"
|
||||
echo "Platforms: ${{ steps.buildx.outputs.platforms }}"
|
||||
|
||||
# login to registries
|
||||
- name: Login to DockerHub
|
||||
if: env.DOCKERHUB_PUSH == 'true'
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASSWORD }}
|
||||
|
||||
- name: Login to GitHub Container Registry
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
# build the docker images
|
||||
- name: Build and push docker
|
||||
uses: docker/build-push-action@v2
|
||||
with:
|
||||
push: true
|
||||
platforms: ${{ env.PLATFORM }}
|
||||
cache-from: type=gha
|
||||
cache-to: type=gha
|
||||
tags: ${{ env.IMAGES }}
|
||||
build-args: |
|
||||
BRANCH: ${{ env.BRANCH }}
|
||||
VERSION=${{ env.VERSION }}
|
||||
BUILDNUMBER=${{ github.run_number }}
|
||||
GITSHA1=${{ github.sha }}
|
||||
|
||||
# this will update the README of the dockerhub repo
|
||||
- name: Docker Hub Description
|
||||
if: env.DOCKERHUB_README == 'true'
|
||||
uses: peter-evans/dockerhub-description@v2
|
||||
env:
|
||||
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
|
||||
DOCKERHUB_REPOSITORY: ${{ env.DOCKERHUB_ORG }}/${{ github.event.repository.name }}
|
||||
README_FILEPATH: README.md
|
37
.github/workflows/release.yaml
vendored
37
.github/workflows/release.yaml
vendored
|
@ -1,37 +0,0 @@
|
|||
name: Create Release
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
|
||||
jobs:
|
||||
release:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: get release info
|
||||
id: release_info
|
||||
run: |
|
||||
version="$(awk '/^## / { print tolower($2) }' CHANGELOG.md | head -1)"
|
||||
changelog="$(sed -e "1,/^## ${version}/d" -e "/^## /,\$d" CHANGELOG.md)"
|
||||
changelog="${changelog//'%'/'%25'}"
|
||||
changelog="${changelog//$'\n'/'%0A'}"
|
||||
changelog="${changelog//$'\r'/'%0D'}"
|
||||
echo "::set-output name=version::$version"
|
||||
echo "::set-output name=changelog::$changelog"
|
||||
|
||||
- name: create release
|
||||
if: github.event_name == 'push' && github.ref == 'refs/heads/main' && steps.release_info.outputs.version != 'unreleased'
|
||||
uses: actions/create-release@v1
|
||||
id: create_release
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
tag_name: ${{ steps.release_info.outputs.version }}
|
||||
release_name: Release ${{ steps.release_info.outputs.version }}
|
||||
body: ${{ steps.release_info.outputs.changelog }}
|
35
.woodpecker/.build.yaml
Normal file
35
.woodpecker/.build.yaml
Normal file
|
@ -0,0 +1,35 @@
|
|||
steps:
|
||||
- name: docker
|
||||
image: woodpeckerci/plugin-docker-buildx
|
||||
privileged: true
|
||||
settings:
|
||||
registry: git.ar21.de
|
||||
username:
|
||||
from_secret: REGISTRY_USER
|
||||
password:
|
||||
from_secret: REGISTRY_PASS
|
||||
repo: git.ar21.de/${CI_REPO}
|
||||
tags:
|
||||
- latest
|
||||
- ${CI_PIPELINE_NUMBER}
|
||||
when:
|
||||
- branch: main
|
||||
event: [push, manual]
|
||||
- name: docker-build
|
||||
image: woodpeckerci/plugin-docker-buildx
|
||||
privileged: true
|
||||
settings:
|
||||
registry: git.ar21.de
|
||||
username:
|
||||
from_secret: REGISTRY_USER
|
||||
password:
|
||||
from_secret: REGISTRY_PASS
|
||||
repo: git.ar21.de/${CI_REPO}
|
||||
tags:
|
||||
- testing-${CI_PIPELINE_NUMBER}
|
||||
when:
|
||||
- branch:
|
||||
exclude: main
|
||||
event: [push, manual]
|
||||
depends_on:
|
||||
- lint
|
57
.woodpecker/.deploy.yaml
Normal file
57
.woodpecker/.deploy.yaml
Normal file
|
@ -0,0 +1,57 @@
|
|||
skip_clone: true
|
||||
steps:
|
||||
- name: bump tag in deployment-repo (prod)
|
||||
image: git.ar21.de/aaron/kustomize-ci
|
||||
commands:
|
||||
- git clone https://git.ar21.de/yolokube/core-deployments.git deployment-repo
|
||||
- cd deployment-repo/traefik-certmanager/overlay
|
||||
- kustomize edit set image git.ar21.de/yolokube/traefik-certmanager=git.ar21.de/yolokube/traefik-certmanager:${CI_PIPELINE_NUMBER}
|
||||
when:
|
||||
- branch: main
|
||||
event: push
|
||||
- name: push new tag to deployment-repo (prod)
|
||||
image: appleboy/drone-git-push
|
||||
settings:
|
||||
branch: "${CI_PIPELINE_NUMBER}_traefik-certmanager_prod"
|
||||
remote: ssh://git@git.ar21.de:2222/yolokube/core-deployments.git
|
||||
path: deployment-repo
|
||||
force: false
|
||||
commit: true
|
||||
commit_message: "traefik-certmanager: update image tag to ${CI_PIPELINE_NUMBER} (done automagically via Woodpecker pipeline)"
|
||||
ssh_key:
|
||||
from_secret: FORGEJO_SSH_KEY
|
||||
when:
|
||||
- branch: main
|
||||
event: push
|
||||
- name: create pull request (prod)
|
||||
image: git.ar21.de/tom/push-message-randomizer:latest
|
||||
pull: true
|
||||
settings:
|
||||
gitea_address: https://git.ar21.de
|
||||
gitea_token:
|
||||
from_secret: FORGEJO_API
|
||||
owner: ${CI_REPO_OWNER}
|
||||
repo: deploymentrepo
|
||||
branch: "${CI_PIPELINE_NUMBER}_traefik-certmanager_prod"
|
||||
base_branch: main
|
||||
pr_title: "traefik-certmanager: update image tag to ${CI_PIPELINE_NUMBER}"
|
||||
pr_body: |
|
||||
### ℹ traefik-certmanager image update
|
||||
|
||||
{- random-pr-message -}
|
||||
|
||||
### Configuration
|
||||
|
||||
📅 **Schedule**: Branch creation - At any time, Automerge - At any time.
|
||||
|
||||
🚦 **Automerge**: Enabled.
|
||||
skip_on_missing_branch: true
|
||||
close_pr_if_empty: true
|
||||
delete_branch_if_pr_empty: true
|
||||
merge_when_checks_succeed: true
|
||||
delete_branch_after_merge: true
|
||||
when:
|
||||
- branch: main
|
||||
event: push
|
||||
depends_on:
|
||||
- build
|
8
main.py
8
main.py
|
@ -147,13 +147,9 @@ def main():
|
|||
signal.signal(signal.SIGINT, exit_gracefully)
|
||||
signal.signal(signal.SIGTERM, exit_gracefully)
|
||||
|
||||
# deprecated traefik CRD
|
||||
th1 = threading.Thread(target=watch_crd, args=("traefik.containo.us", "v1alpha1", "ingressroutes"), daemon=True)
|
||||
th1.start()
|
||||
|
||||
# new traefik CRD
|
||||
th2 = threading.Thread(target=watch_crd, args=("traefik.io", "v1alpha1", "ingressroutes"), daemon=True)
|
||||
th2.start()
|
||||
th1 = threading.Thread(target=watch_crd, args=("traefik.io", "v1alpha1", "ingressroutes"), daemon=True)
|
||||
th1.start()
|
||||
|
||||
# wait for threads to finish
|
||||
while th1.is_alive() and th2.is_alive():
|
||||
|
|
|
@ -50,7 +50,7 @@ spec:
|
|||
serviceAccount: traefik-certmanager
|
||||
containers:
|
||||
- name: traefik-certmanager
|
||||
image: kooper/traefik-certmanager
|
||||
image: git.ar21.de/yolokube/traefik-certmanager
|
||||
imagePullPolicy: Always
|
||||
env:
|
||||
- name: ISSUER_NAME
|
||||
|
|
Loading…
Reference in a new issue