From a42a1d7acf7a2e83c381fd95e3d43072e46f3a0c Mon Sep 17 00:00:00 2001 From: mbelfares Date: Thu, 18 Jun 2026 00:45:43 +0200 Subject: [PATCH] adapt pipeline --- .gitea/workflows/deploy.yml | 30 ++++++++++++++---------------- 1 file changed, 14 insertions(+), 16 deletions(-) diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index b49daee..ff3e4bd 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -17,8 +17,15 @@ on: jobs: deploy: - runs-on: ubuntu-latest + runs-on: docker://alpine:3.20 steps: + - name: Install tools + run: | + apk add --no-cache curl bash git openssh-client + curl -fsSL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash + curl -LO "https://dl.k8s.io/release/$(curl -Ls https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" + chmod +x kubectl && mv kubectl /usr/local/bin/ + - name: Checkout uses: actions/checkout@v4 @@ -27,9 +34,6 @@ jobs: mkdir -p ~/.kube echo "${{ secrets.KUBECONFIG }}" | base64 -d > ~/.kube/config - - name: Setup Helm - uses: azure/setup-helm@v4 - - name: Add Helm repos run: | helm repo add apache-airflow https://airflow.apache.org @@ -39,7 +43,7 @@ jobs: helm repo add prometheus-community https://prometheus-community.github.io/helm-charts helm repo add oauth2-proxy https://oauth2-proxy.github.io/manifests helm repo update - + - name: Deploy Nginx if: ${{ inputs.service == 'all' || inputs.service == 'nginx' }} run: | @@ -55,13 +59,14 @@ jobs: kubectl create namespace airflow --dry-run=client -o yaml | kubectl apply -f - printf '%s' "$SSH_KEY" | base64 -d > /tmp/gitSshKey chmod 600 /tmp/gitSshKey - ssh-keyscan github.com 2>/dev/null > /tmp/known_hosts + ssh-keyscan -p 2222 gitea.idir-belfares.fr 2>/dev/null > /tmp/known_hosts kubectl create secret generic airflow-gitsync-ssh \ --from-file=gitSshKey=/tmp/gitSshKey \ --from-file=known_hosts=/tmp/known_hosts \ --namespace airflow \ --dry-run=client -o yaml | kubectl apply -f - rm -f /tmp/gitSshKey /tmp/known_hosts + - name: Deploy Airflow if: ${{ inputs.service == 'all' || inputs.service == 'airflow' }} run: | @@ -89,11 +94,12 @@ jobs: --create-namespace \ --values helm/keycloak/values.yaml \ --wait + - name: Create monitoring namespace if: ${{ inputs.service == 'all' || inputs.service == 'monitoring' }} run: | kubectl create namespace monitoring --dry-run=client -o yaml | kubectl apply -f - - + - name: Create Grafana OAuth secret if: ${{ inputs.service == 'all' || inputs.service == 'monitoring' }} run: | @@ -102,7 +108,7 @@ jobs: --from-literal=GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET="${{ secrets.GRAFANA_CLIENT_SECRET }}" \ --from-literal=GF_SECURITY_SECRET_KEY="${{ secrets.GRAFANA_SECRET_KEY }}" \ --dry-run=client -o yaml | kubectl apply -f - - + - name: Create oauth2-proxy secrets if: ${{ inputs.service == 'all' || inputs.service == 'monitoring' }} run: | @@ -120,14 +126,6 @@ jobs: --from-literal=cookie-secret="${{ secrets.OAUTH2_PROXY_COOKIE_SECRET }}" \ --dry-run=client -o yaml | kubectl apply -f - - - # - name: Install/upgrade Prometheus CRDs (server-side, hors Helm) - # if: ${{ inputs.service == 'all' || inputs.service == 'monitoring' }} - # run: | - # kubectl apply --server-side --force-conflicts -f \ - # https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/main/bundle.yaml \ - # --field-manager=prometheus-operator - - name: Deploy Monitoring if: ${{ inputs.service == 'all' || inputs.service == 'monitoring' }} run: |