mbelfares/airflow3-kube
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

adapt pipeline

Browse Source
This commit is contained in:
Mohand Ou Idir Belfares
2026-06-18 00:45:43 +02:00
parent 962f24811b
commit a42a1d7acf
1 changed files with 14 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/deploy.yml
+14 -16
View File
@@ -17,8 +17,15 @@ on:
jobs: jobs:
deploy: deploy:
runs-on: ubuntu-latest runs-on: docker://alpine:3.20
steps: steps:
- name: Install tools
run: |
apk add --no-cache curl bash git openssh-client
curl -fsSL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
curl -LO "https://dl.k8s.io/release/$(curl -Ls https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
chmod +x kubectl && mv kubectl /usr/local/bin/
- name: Checkout - name: Checkout
uses: actions/checkout@v4 uses: actions/checkout@v4
@@ -27,9 +34,6 @@ jobs:
mkdir -p ~/.kube mkdir -p ~/.kube
echo "${{ secrets.KUBECONFIG }}" | base64 -d > ~/.kube/config echo "${{ secrets.KUBECONFIG }}" | base64 -d > ~/.kube/config
- name: Setup Helm
uses: azure/setup-helm@v4
- name: Add Helm repos - name: Add Helm repos
run: | run: |
helm repo add apache-airflow https://airflow.apache.org helm repo add apache-airflow https://airflow.apache.org
@@ -39,7 +43,7 @@ jobs:
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo add oauth2-proxy https://oauth2-proxy.github.io/manifests helm repo add oauth2-proxy https://oauth2-proxy.github.io/manifests
helm repo update helm repo update
- name: Deploy Nginx - name: Deploy Nginx
if: ${{ inputs.service == 'all' || inputs.service == 'nginx' }} if: ${{ inputs.service == 'all' || inputs.service == 'nginx' }}
run: | run: |
@@ -55,13 +59,14 @@ jobs:
kubectl create namespace airflow --dry-run=client -o yaml | kubectl apply -f - kubectl create namespace airflow --dry-run=client -o yaml | kubectl apply -f -
printf '%s' "$SSH_KEY" | base64 -d > /tmp/gitSshKey printf '%s' "$SSH_KEY" | base64 -d > /tmp/gitSshKey
chmod 600 /tmp/gitSshKey chmod 600 /tmp/gitSshKey
ssh-keyscan github.com 2>/dev/null > /tmp/known_hosts ssh-keyscan -p 2222 gitea.idir-belfares.fr 2>/dev/null > /tmp/known_hosts
kubectl create secret generic airflow-gitsync-ssh \ kubectl create secret generic airflow-gitsync-ssh \
--from-file=gitSshKey=/tmp/gitSshKey \ --from-file=gitSshKey=/tmp/gitSshKey \
--from-file=known_hosts=/tmp/known_hosts \ --from-file=known_hosts=/tmp/known_hosts \
--namespace airflow \ --namespace airflow \
--dry-run=client -o yaml | kubectl apply -f - --dry-run=client -o yaml | kubectl apply -f -
rm -f /tmp/gitSshKey /tmp/known_hosts rm -f /tmp/gitSshKey /tmp/known_hosts
- name: Deploy Airflow - name: Deploy Airflow
if: ${{ inputs.service == 'all' || inputs.service == 'airflow' }} if: ${{ inputs.service == 'all' || inputs.service == 'airflow' }}
run: | run: |
@@ -89,11 +94,12 @@ jobs:
--create-namespace \ --create-namespace \
--values helm/keycloak/values.yaml \ --values helm/keycloak/values.yaml \
--wait --wait
- name: Create monitoring namespace - name: Create monitoring namespace
if: ${{ inputs.service == 'all' || inputs.service == 'monitoring' }} if: ${{ inputs.service == 'all' || inputs.service == 'monitoring' }}
run: | run: |
kubectl create namespace monitoring --dry-run=client -o yaml | kubectl apply -f - kubectl create namespace monitoring --dry-run=client -o yaml | kubectl apply -f -
- name: Create Grafana OAuth secret - name: Create Grafana OAuth secret
if: ${{ inputs.service == 'all' || inputs.service == 'monitoring' }} if: ${{ inputs.service == 'all' || inputs.service == 'monitoring' }}
run: | run: |
@@ -102,7 +108,7 @@ jobs:
--from-literal=GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET="${{ secrets.GRAFANA_CLIENT_SECRET }}" \ --from-literal=GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET="${{ secrets.GRAFANA_CLIENT_SECRET }}" \
--from-literal=GF_SECURITY_SECRET_KEY="${{ secrets.GRAFANA_SECRET_KEY }}" \ --from-literal=GF_SECURITY_SECRET_KEY="${{ secrets.GRAFANA_SECRET_KEY }}" \
--dry-run=client -o yaml | kubectl apply -f - --dry-run=client -o yaml | kubectl apply -f -
- name: Create oauth2-proxy secrets - name: Create oauth2-proxy secrets
if: ${{ inputs.service == 'all' || inputs.service == 'monitoring' }} if: ${{ inputs.service == 'all' || inputs.service == 'monitoring' }}
run: | run: |
@@ -120,14 +126,6 @@ jobs:
--from-literal=cookie-secret="${{ secrets.OAUTH2_PROXY_COOKIE_SECRET }}" \ --from-literal=cookie-secret="${{ secrets.OAUTH2_PROXY_COOKIE_SECRET }}" \
--dry-run=client -o yaml | kubectl apply -f - --dry-run=client -o yaml | kubectl apply -f -
# - name: Install/upgrade Prometheus CRDs (server-side, hors Helm)
# if: ${{ inputs.service == 'all' || inputs.service == 'monitoring' }}
# run: |
# kubectl apply --server-side --force-conflicts -f \
# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/main/bundle.yaml \
# --field-manager=prometheus-operator
- name: Deploy Monitoring - name: Deploy Monitoring
if: ${{ inputs.service == 'all' || inputs.service == 'monitoring' }} if: ${{ inputs.service == 'all' || inputs.service == 'monitoring' }}
run: | run: |