deploy
This commit is contained in:
parent
4f648f1666
commit
9dbb56f30a
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
|||||||
|
deployment/secrets.txt
|
36
.woodpecker.yml
Normal file
36
.woodpecker.yml
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
steps:
|
||||||
|
build:
|
||||||
|
image: plugins/kaniko
|
||||||
|
settings:
|
||||||
|
repo: ${FORGE_NAME}/${CI_REPO}
|
||||||
|
registry:
|
||||||
|
from_secret: container_registry
|
||||||
|
tags: latest,${CI_COMMIT_SHA},${CI_COMMIT_TAG}
|
||||||
|
username:
|
||||||
|
from_secret: container_registry_username
|
||||||
|
password:
|
||||||
|
from_secret: container_registry_password
|
||||||
|
dockerfile: Dockerfile
|
||||||
|
when:
|
||||||
|
- event: [push, tag]
|
||||||
|
scan_image:
|
||||||
|
image: aquasec/trivy
|
||||||
|
commands:
|
||||||
|
- trivy image $FORGE_NAME/$CI_REPO:$CI_COMMIT_SHA --quiet --exit-code 1
|
||||||
|
when:
|
||||||
|
- event: [push, tag]
|
||||||
|
deploy:
|
||||||
|
image: quay.io/wollud1969/k8s-admin-helper:0.1.3
|
||||||
|
environment:
|
||||||
|
KUBE_CONFIG_CONTENT:
|
||||||
|
from_secret: kube_config
|
||||||
|
GPG_PASSPHRASE:
|
||||||
|
from_secret: gpg_passphrase
|
||||||
|
commands:
|
||||||
|
- export IMAGE_TAG=$CI_COMMIT_TAG
|
||||||
|
- printf "$KUBE_CONFIG_CONTENT" > /tmp/kubeconfig
|
||||||
|
- export KUBECONFIG=/tmp/kubeconfig
|
||||||
|
- ./deployment/deploy.sh
|
||||||
|
when:
|
||||||
|
- event: tag
|
||||||
|
|
16
deployment/deploy-yml.tmpl
Normal file
16
deployment/deploy-yml.tmpl
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
apiVersion: batch/v1
|
||||||
|
kind: CronJob
|
||||||
|
metadata:
|
||||||
|
name: pv-energy-calculator
|
||||||
|
spec:
|
||||||
|
schedule: "1 1 * * *"
|
||||||
|
jobTemplate:
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- name: pv-energy-calculator
|
||||||
|
image: %IMAGE%
|
||||||
|
envFrom:
|
||||||
|
- secretRef:
|
||||||
|
name: pv-energy-calculator
|
43
deployment/deploy.sh
Executable file
43
deployment/deploy.sh
Executable file
@ -0,0 +1,43 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
if [ "$IMAGE_TAG" == "" ]; then
|
||||||
|
echo "Make sure IMAGE_TAG is set"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
if [ "$GPG_PASSPHRASE" == "" ]; then
|
||||||
|
echo "Make sure GPG_PASSPHRASE is set"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
IMAGE_NAME=gitea.hottis.de/wn/pv-energy-calculator
|
||||||
|
NAMESPACE=homea
|
||||||
|
DEPLOYMENT_DIR=$PWD/deployment
|
||||||
|
|
||||||
|
pushd $DEPLOYMENT_DIR > /dev/null
|
||||||
|
SECRETS_FILE=`mktemp`
|
||||||
|
pwd
|
||||||
|
id
|
||||||
|
echo $HOME
|
||||||
|
gpg --decrypt --passphrase $GPG_PASSPHRASE --yes --batch --homedir /tmp/.gnupg --output $SECRETS_FILE secrets.asc
|
||||||
|
. $SECRETS_FILE
|
||||||
|
rm $SECRETS_FILE
|
||||||
|
|
||||||
|
kubectl create namespace $NAMESPACE \
|
||||||
|
--dry-run=client \
|
||||||
|
-o yaml | \
|
||||||
|
kubectl -f - apply
|
||||||
|
|
||||||
|
kubectl create secret generic pv-energy-calculator \
|
||||||
|
--dry-run=client \
|
||||||
|
-o yaml \
|
||||||
|
--save-config \
|
||||||
|
--from-literal=PGPASSWORD="$PGPASSWORD" \
|
||||||
|
kubectl apply -f - -n $NAMESPACE
|
||||||
|
|
||||||
|
cat $DEPLOYMENT_DIR/deploy-yml.tmpl | \
|
||||||
|
sed -e 's,%IMAGE%,'$IMAGE_NAME':'$IMAGE_TAG','g | \
|
||||||
|
kubectl apply -f - -n $NAMESPACE
|
||||||
|
|
||||||
|
popd > /dev/null
|
||||||
|
|
||||||
|
|
7
deployment/secrets.asc
Normal file
7
deployment/secrets.asc
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
jA0ECQMIVw/NpawXlvj80mwBJYibjsXHXqgIV4lUIoQt//i2pZQjVXAGT5I+QTCy
|
||||||
|
UGv46tNuY3UtvbMyZI4lVHd/FMYvcAlHAYwzy09xojQTrzQoyvGG2lO0O5wfVn2M
|
||||||
|
Bj3oiUY4yqLF8FSiotSfFNRJAluifUtyk7onK8Q=
|
||||||
|
=sY15
|
||||||
|
-----END PGP MESSAGE-----
|
Loading…
x
Reference in New Issue
Block a user