added default workflows

2025-01-07 16:23:51 +03:00
parent 7dabe9f65c
commit aea2e1729e
4 changed files with 237 additions and 154 deletions
--- a/.gitea/workflows/k8s-deploy.yml
+++ b/.gitea/workflows/k8s-deploy.yml
@@ -0,0 +1,106 @@
+name: Workflow for deploy helm to k8s
+on:
+  workflow_call:
+    inputs:
+      APP_NAME:
+        required: true
+        type: string
+        description: Application name which would be the name of Docker and Helm release
+      REGISTRY:
+        required: true
+        type: string
+        default: registry.project-rent-dev.com
+      PROD_NAMESPACE:
+        required: true
+        type: string        
+        description: Namespace where PROD Helm Release would be install
+        default: greedy
+      DEV_NAMESPACE:
+        required: true
+        type: string        
+        description: Namespace where DEV Helm Release would be install
+        default: greedy-dev
+      PROD_VALUES_FILE:
+        required: true
+        type: string        
+        description: Prod values file location in repo
+        default: chart/values-prod.yaml     
+      DEV_VALUES_FILE:
+        required: true
+        type: string        
+        description: Dev values file location in repo
+        default: chart/values-dev.yaml     
+      REGISTRY_USER:
+        type: string
+        default: registry-bot  
+        description: Because of gitea registry specific docker images path we need that var 
+      DEV_KUBECONF_SECRET_PATH:
+        required: true
+        type: string        
+        description: Kubeconf secret path in vault for dev
+      PROD_KUBECONF_SECRET_PATH:
+        required: true
+        type: string        
+        description: Kubeconf secret path in vault for prod
+    secrets:
+      VAULT_TOKEN:
+        required: true
+
+jobs:
+
+  deploy:
+    runs-on: ubuntu-latest
+    container:
+      image: catthehacker/ubuntu:act-22.04
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Extract version from tag or set commit SHA
+        id: vars
+        run: |
+          if [ "${{ github.ref_type }}" = "tag" ]; then
+            echo "VERSION=${{ github.ref_name }}" >> $GITHUB_ENV
+          else
+            VERSION=$(echo "${{ github.sha }}" | cut -c1-7)
+            echo "VERSION=$VERSION" >> $GITHUB_ENV
+          fi
+
+      - name: Export secrets for deploy
+        run: |
+          if [ "${{ github.ref }}" == "refs/heads/main" ]; then
+            echo "NAMESPACE=${{ inputs.PROD_NAMESPACE }}" >> $GITHUB_ENV
+            echo "VALUES_FILE=${{ inputs.PROD_VALUES_FILE }}" >> $GITHUB_ENV
+            echo "KUBECONF=${{ inputs.PROD_KUBECONF_SECRET_PATH }}" >> $GITHUB_ENV
+          else
+            echo "NAMESPACE=${{ inputs.DEV_NAMESPACE }}" >> $GITHUB_ENV 
+            echo "VALUES_FILE=${{ inputs.DEV_VALUES_FILE }}" >> $GITHUB_ENV
+            echo "KUBECONF=${{ inputs.DEV_KUBECONF_SECRET_PATH }}" >> $GITHUB_ENV
+          fi
+
+      - name: Import config of k8s
+        uses: hashicorp/vault-action@v2
+        with:
+          url: https://vault.project-rent-dev.com
+          token: ${{ secrets.VAULT_TOKEN }}
+          secrets: | 
+            ${{ env.KUBECONF }} | KUBECONFIG;
+
+      - name: Install helm
+        uses: azure/setup-helm@v4.2.0
+        with:
+          version: latest 
+
+      - name: Set up Kubectl
+        uses: azure/k8s-set-context@v4
+        with:
+          kubeconfig: ${{ env.KUBECONFIG }}
+
+      - name: Install chart
+        run: |
+          helm upgrade --install --cleanup-on-fail --atomic --timeout 2m --wait ${{ inputs.APP_NAME }} ./chart \
+            --create-namespace --namespace ${{ env.NAMESPACE }} \
+            --set image.repository=${{ inputs.REGISTRY }}/${{ inputs.REGISTRY_USER }}/${{ inputs.APP_NAME }} \
+            --set image.tag=${{ env.VERSION }} \
+            -f ${{ env.VALUES_FILE }}