11 Commits
0.0.5 ... 0.2.3

Author SHA1 Message Date
55803d3a5c debug
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
ci/woodpecker/tag/woodpecker Pipeline was successful
2025-01-22 16:00:53 +01:00
f46f7b06d1 gpg fix
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
ci/woodpecker/tag/woodpecker Pipeline was successful
2025-01-22 15:46:44 +01:00
8af7497bad secrets
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
ci/woodpecker/tag/woodpecker Pipeline was successful
2025-01-22 15:16:39 +01:00
87bb67365a secrets
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
2025-01-22 15:08:18 +01:00
fcdf97a9fa new secret
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
2025-01-21 22:17:38 +01:00
7483095d5f add plotly
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
ci/woodpecker/tag/woodpecker Pipeline was successful
2025-01-21 18:42:52 +01:00
e2e497270d pvc added
All checks were successful
ci/woodpecker/tag/woodpecker Pipeline was successful
ci/woodpecker/push/woodpecker Pipeline was successful
2024-06-02 13:19:24 +02:00
492bd7292d fix 2
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
ci/woodpecker/tag/woodpecker Pipeline was successful
2024-01-29 17:55:16 +01:00
e8e561ed27 fix
All checks were successful
ci/woodpecker/tag/woodpecker Pipeline was successful
ci/woodpecker/push/woodpecker Pipeline was successful
2024-01-29 17:52:24 +01:00
626441ad42 nothing
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
ci/woodpecker/tag/woodpecker Pipeline was successful
2024-01-29 17:37:47 +01:00
cb4c5ab769 secrets
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
2024-01-29 17:32:14 +01:00
7 changed files with 68 additions and 11 deletions

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
deployment/secrets.txt

View File

@ -15,14 +15,18 @@ steps:
- event: [push, tag]
deploy:
image: portainer/kubectl-shell:latest
image: quay.io/wollud1969/k8s-admin-helper:0.1.2
secrets:
- source: kube_config
target: KUBE_CONFIG_CONTENT
- source: gpg_passphrase
target: GPG_PASSPHRASE
commands:
- export IMAGE_TAG=$CI_COMMIT_TAG
- printf "$KUBE_CONFIG_CONTENT" > /tmp/kubeconfig
- export KUBECONFIG=/tmp/kubeconfig
- id
- pwd
- ./deployment/deploy.sh
when:
- event: tag

View File

@ -13,6 +13,7 @@ USER $NB_USER
RUN \
conda update -y -n base conda && \
pip install psycopg && \
pip install plotly && \
conda install -y pandas-datareader && \
fix-permissions $CONDA_DIR && \
fix-permissions /home/$NB_USER

View File

@ -19,6 +19,8 @@ metadata:
name: traefik-forward-auth
labels:
app: traefik-forward-auth
annotations:
secret.reloader.stakater.com/reload: traefik-forward-auth
spec:
replicas: 1
selector:
@ -144,6 +146,18 @@ spec:
- X-Forwarded-User
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: jupyter-workspace
spec:
accessModes:
- ReadWriteOnce
storageClassName: nfs-client
resources:
requests:
storage: 100Mi
---
apiVersion: apps/v1
kind: Deployment
metadata:
@ -169,6 +183,17 @@ spec:
env:
- name: JUPYTER_PORT
value: "8888"
envFrom:
- secretRef:
name: jupyter
volumeMounts:
- mountPath: /home/jovyan/work
name: work
volumes:
- name: work
persistentVolumeClaim:
claimName: jupyter-workspace
---
apiVersion: v1
kind: Service

View File

@ -4,19 +4,43 @@ if [ "$IMAGE_TAG" == "" ]; then
echo "Make sure IMAGE_TAG is set"
exit 1
fi
if [ "$GPG_PASSPHRASE" == "" ]; then
echo "Make sure GPG_PASSPHRASE is set"
exit 1
fi
IMAGE_NAME=gitea.hottis.de/wn/jupyter-scipy-database-extension
NAMESPACE=jupyter
DEPLOYMENT_DIR=$PWD/deployment
pushd $DEPLOYMENT_DIR > /dev/null
SECRETS_FILE=`mktemp`
gpg --decrypt --passphrase $GPG_PASSPHRASE --yes --batch --output $SECRETS_FILE secrets.asc
. $SECRETS_FILE
rm $SECRETS_FILE
kubectl create namespace $NAMESPACE \
--dry-run=client \
-o yaml | \
kubectl -f - apply
kubectl create secret generic traefik-forward-auth \
--dry-run=client \
-o yaml \
--save-config \
--from-literal=PROVIDERS_OIDC_CLIENT_SECRET="$PROVIDERS_OIDC_CLIENT_SECRET" \
--from-literal=SECRET="$SECRET" | \
kubectl apply -f - -n $NAMESPACE
kubectl create secret generic jupyter \
--dry-run=client \
-o yaml \
--save-config \
--from-literal=PGHOST="$PGHOST" | \
--from-literal=PGUSER="$PGUSER" | \
--from-literal=PGPASSWORD="$PGPASSWORD" | \
--from-literal=PGSSLMODE="$PGSSLMODE" | \
kubectl apply -f - -n $NAMESPACE
cat $DEPLOYMENT_DIR/deploy-yml.tmpl | \
sed -e 's,%IMAGE%,'$IMAGE_NAME':'$IMAGE_TAG','g | \
@ -24,3 +48,4 @@ cat $DEPLOYMENT_DIR/deploy-yml.tmpl | \
popd > /dev/null

View File

@ -1,9 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: traefik-forward-auth
type: Opaque
data:
PROVIDERS_OIDC_CLIENT_SECRET: PLACEHOLDER
SECRET: PLACEHOLDER

10
deployment/secrets.asc Normal file
View File

@ -0,0 +1,10 @@
-----BEGIN PGP MESSAGE-----
jA0ECQMIDcQyZABQeUf80sBKAQqlG05S05vOpXgoo7dj3iuiAXzOXA+M49yRAJwO
2T4OhVeEeUAkrzWNWtarDh8K6FJMS9wxhU6PkoJmry3+krIN+IvGGiMvRaxekB2F
xS6hA4eSH0GIKf7bzYSBekuyI0PuIXWozy4u8cK17mguPjWml3pp7niRmhDlSHyA
S8RBgiYCuVE4xk9jmJUPosHbDDpzuNb46iYQQdL7XGTVuASB7sujptgmn+ZJrs3i
kS6Qzkc6eCd6aDqqNwcynwzIi1e/jBk/zihEEY7qYPcU2Wsw0y9QqFRFR7F3WGUz
8MNv4bnC60awXzO9O3FTxe1JrkWN+V+q25iElLm2rpUUaPTNjyehnAmK0ho=
=/vom
-----END PGP MESSAGE-----