airflow3-kub/.github/workflows/deploy.yml

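# Manually triggered deployment of the platform stack (ingress-nginx, Airflow,
# Keycloak + PostgreSQL, kube-prometheus-stack and two oauth2-proxy instances)
# onto the cluster described by the KUBECONFIG secret.
#
# Security notes for maintainers:
#   * The job holds cluster credentials, so every third-party action and chart
#     it pulls runs with that access. `@v4` tags are mutable; pin actions to a
#     reviewed full commit SHA and pin charts with `--version`.
#   * Secrets are handed to shell steps through `env:` rather than being
#     expanded inside the script text, so a secret value containing quotes or
#     `$` cannot alter the command that runs.
name: Deploy Stack

on:
  workflow_dispatch:
    inputs:
      service:
        description: "Service to deploy"
        required: true
        type: choice
        options:
          - all
          - airflow
          - keycloak
          - keycloak-db
          - nginx
          - monitoring

# Least privilege for the workflow token: the job only needs to read the repo.
permissions:
  contents: read

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): pin to a full commit SHA instead of the movable v4 tag.
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # Later steps never push, so do not leave the token in .git/config.
          persist-credentials: false

      - name: Setup kubeconfig
        env:
          # Base64-encoded kubeconfig. Deliberately not named KUBECONFIG,
          # which kubectl and helm interpret as a file path.
          KUBECONFIG_B64: ${{ secrets.KUBECONFIG }}
        run: |
          umask 077
          mkdir -p ~/.kube
          echo "$KUBECONFIG_B64" | base64 -d > ~/.kube/config
          chmod 600 ~/.kube/config

      # NOTE(review): pin to a full commit SHA instead of the movable v4 tag.
      - name: Setup Helm
        uses: azure/setup-helm@v4

      # NOTE(review): none of the installs below pass `--version`, so each run
      # deploys whatever chart version the repo currently serves. Pin versions
      # so a changed upstream chart cannot reach the cluster unreviewed.
      - name: Add Helm repos
        run: |
          helm repo add apache-airflow https://airflow.apache.org
          helm repo add codecentric https://codecentric.github.io/helm-charts
          helm repo add bitnami https://charts.bitnami.com/bitnami
          helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
          helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
          helm repo add oauth2-proxy https://oauth2-proxy.github.io/manifests
          helm repo update

      - name: Deploy Nginx
        if: ${{ inputs.service == 'all' || inputs.service == 'nginx' }}
        run: |
          helm upgrade --install ingress-nginx ingress-nginx/ingress-nginx \
            --namespace ingress-nginx \
            --create-namespace \
            --wait

      - name: Deploy Airflow
        if: ${{ inputs.service == 'all' || inputs.service == 'airflow' }}
        run: |
          helm upgrade --install airflow apache-airflow/airflow \
            --namespace airflow \
            --create-namespace \
            --values helm/airflow/values.yaml

      # NOTE(review): auth.password is a static, guessable value committed to
      # the repository and passed on the helm command line. Move it to a
      # repository secret or a pre-created Kubernetes Secret referenced through
      # the chart's auth.existingSecret, and update the Keycloak values to
      # match. Left unchanged here because the Keycloak release presumably
      # depends on the same credential - confirm before rotating.
      - name: Deploy Keycloak PostgreSQL
        if: ${{ inputs.service == 'all' || inputs.service == 'keycloak' || inputs.service == 'keycloak-db' }}
        run: |
          helm upgrade --install keycloak-db oci://registry-1.docker.io/bitnamicharts/postgresql \
            --namespace keycloak \
            --create-namespace \
            --set auth.username=keycloak \
            --set auth.password=keycloak \
            --set auth.database=keycloak \
            --wait

      - name: Deploy Keycloak
        if: ${{ inputs.service == 'all' || inputs.service == 'keycloak' }}
        run: |
          helm upgrade --install keycloak codecentric/keycloakx \
            --namespace keycloak \
            --create-namespace \
            --values helm/keycloak/values.yaml \
            --wait

      # `create --dry-run=client | apply` makes namespace creation idempotent.
      - name: Create monitoring namespace
        if: ${{ inputs.service == 'all' || inputs.service == 'monitoring' }}
        run: |
          kubectl create namespace monitoring --dry-run=client -o yaml | kubectl apply -f -

      # Secrets arrive as environment variables and are expanded by the shell
      # inside double quotes. The values still appear in kubectl's argument
      # list while it runs; on a shared or self-hosted runner prefer
      # --from-file / --from-env-file reading a 0600 temporary file.
      - name: Create oauth2-proxy secrets
        if: ${{ inputs.service == 'all' || inputs.service == 'monitoring' }}
        env:
          PROMETHEUS_CLIENT_SECRET: ${{ secrets.PROMETHEUS_CLIENT_SECRET }}
          ALERTMANAGER_CLIENT_SECRET: ${{ secrets.ALERTMANAGER_CLIENT_SECRET }}
          OAUTH2_PROXY_COOKIE_SECRET: ${{ secrets.OAUTH2_PROXY_COOKIE_SECRET }}
        run: |
          kubectl create secret generic oauth2-proxy-prometheus \
            -n monitoring \
            --from-literal=client-id=prometheus \
            --from-literal=client-secret="${PROMETHEUS_CLIENT_SECRET}" \
            --from-literal=cookie-secret="${OAUTH2_PROXY_COOKIE_SECRET}" \
            --dry-run=client -o yaml | kubectl apply -f -
          kubectl create secret generic oauth2-proxy-alertmanager \
            -n monitoring \
            --from-literal=client-id=alertmanager \
            --from-literal=client-secret="${ALERTMANAGER_CLIENT_SECRET}" \
            --from-literal=cookie-secret="${OAUTH2_PROXY_COOKIE_SECRET}" \
            --dry-run=client -o yaml | kubectl apply -f -

      - name: Deploy Monitoring
        if: ${{ inputs.service == 'all' || inputs.service == 'monitoring' }}
        run: |
          helm upgrade --install monitoring prometheus-community/kube-prometheus-stack \
            --namespace monitoring \
            --create-namespace \
            --values helm/monitoring/values.yaml \
            --wait

      - name: Deploy oauth2-proxy Prometheus
        if: ${{ inputs.service == 'all' || inputs.service == 'monitoring' }}
        run: |
          helm upgrade --install oauth2-proxy-prometheus \
            oauth2-proxy/oauth2-proxy \
            --namespace monitoring \
            -f helm/monitoring/oauth2-proxy-prometheus.yaml \
            --wait

      - name: Deploy oauth2-proxy Alertmanager
        if: ${{ inputs.service == 'all' || inputs.service == 'monitoring' }}
        run: |
          helm upgrade --install oauth2-proxy-alertmanager \
            oauth2-proxy/oauth2-proxy \
            --namespace monitoring \
            -f helm/monitoring/oauth2-proxy-alertmanager.yaml \
            --wait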