Uber5-Public/gha-deploy-to-k3s
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Uber5-Public:v1
Branches Tags
Uber5-Public:main
Uber5-Public:v2
Uber5-Public:v1
...
compare: Uber5-Public:main
Branches Tags
Uber5-Public:main
Uber5-Public:v2
Uber5-Public:v1

10 Commits
v1 ... main

Author SHA1 Message Date
chris
fa5133ee88 Update README.md 2025-03-23 20:41:41 +00:00
Chris Oloff
72d570731d update README 2025-01-01 17:35:32 +02:00
Chris Oloff
b305152e9f cleanup, add docs 2025-01-01 17:26:31 +02:00
Chris Oloff
6a94eb6279 add error handling for missing input 2025-01-01 17:17:20 +02:00
Chris Oloff
e79d57928a Update config to use properly named input param 2025-01-01 16:37:06 +02:00
Chris Oloff
edcc936564 fix Dockerfile, tested locally 2025-01-01 16:30:17 +02:00
Chris Oloff
c9073c61d2 fix confused 'apt install' command 2025-01-01 16:02:44 +02:00
Chris Oloff
44a237aed4 add calling kubectl etc to apply kustomizations and then deploy by applying the manifests 2025-01-01 15:23:25 +02:00
Chris Oloff
94931ef4e3 more debugging, why is output not coming through in next step 2025-01-01 14:27:48 +02:00
Chris Oloff
22ff2f2c04 add env debug output 2025-01-01 14:18:42 +02:00
4 changed files with 87 additions and 12 deletions
Show Stats Expand all files Collapse all files

10
Dockerfile
View File

@ -2,15 +2,19 @@
FROM debian:12.8-slim FROM debian:12.8-slim
# compare https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/ # compare https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/
# https://stackoverflow.com/a/69684246
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN apt-get update && \ RUN apt-get update && \
export DEBIAN_FRONTEND=noninteractive && \ export DEBIAN_FRONTEND=noninteractive && \
apt-get install --no-install-recommends -y git nodejs gpg npm dnsutils \ apt-get install --no-install-recommends -y git nodejs gpg npm dnsutils \
apt-transport-https ca-certificates curl gnupg # packages in this line required for kubectl && \ apt-transport-https ca-certificates curl gnupg && \
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.32/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg && \ curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.32/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg && \
chmod 644 /etc/apt/keyrings/kubernetes-apt-keyring.gpg && \ chmod 644 /etc/apt/keyrings/kubernetes-apt-keyring.gpg && \
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.32/deb/ /' | tee /etc/apt/sources.list.d/kubernetes.list && \ echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.32/deb/ /' | tee /etc/apt/sources.list.d/kubernetes.list && \
chmod 644 /etc/apt/sources.list.d/kubernetes.list # helps tools such as command-not-found to work correctly && \ chmod 644 /etc/apt/sources.list.d/kubernetes.list && \
apt-get update && apt-get install -y kubectl && \ apt-get update && apt-get install -y --no-install-recommends kubectl && \
apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
# Copies your code file from your action repository to the filesystem path `/` of the container # Copies your code file from your action repository to the filesystem path `/` of the container

34
README.md
View File

@ -3,6 +3,34 @@
This is a [Github Action](https://docs.github.com/en/actions/sharing-automations/creating-actions/creating-a-docker-container-action) This is a [Github Action](https://docs.github.com/en/actions/sharing-automations/creating-actions/creating-a-docker-container-action)
using Docker, with the intention to efficiently deploy to a k3s or k8s cluster using kustomize. using Docker, with the intention to efficiently deploy to a k3s or k8s cluster using kustomize.
# How to Use
## How to Configure in .github/workflows/main.yaml
```yaml
jobs:
deploy_staging:
steps:
- name: deploy to staging
id: deploy
uses: https://gitea.uber5.com/Uber5-Public/gha-deploy-to-k3s@v2
with:
kust_config: kustomize/overlays/testing
env:
K3S_YAML: ${{ secrets.K3S_YAML }} # assuming that K3S_YAML is defined in a README, see also below
- name: Check output of previous step (kinda dummy)
run: echo "The start time was ${{ steps.deploy.outputs.time }}"
```
## How to Setup K3S_YAML
We assume you use k3s. Otherwise, use comparable kubectl configuration.
- Grab k3s.yaml (\`/etc/rancher/k3s/k3s.yaml\`), copy it to /tmp/ and make it readable for you, then copy it from the master node of the k3s cluster: `scp your-node-123.uber5.com:/tmp/k3s.yaml /tmp/`
- Change the `server` entry to use its public DNS name
- Insert `tls-server-name: kubernetes` underneath the `server` key. The value (`kubernetes` in this case) needs to be one of the names that are in the cert. If you get it wrong, the error message in the pipeline will tell you.
- encode k3s.yaml with `base64 -i /tmp/k3s.yaml -o /tmp/encoded`, and set it as the value for a secret `K3S_YAML` in gitea for the repository under "Settings > Actions > Secrets"
# Open Questions # Open Questions
- We use [kustomize](https://kustomize.io/). Is this overkill? As the complexity of deployments is not that high, usually, this may be more technical complexity than necessary. We could go back to using plain kubernetes manifests, and just have different ones for staging and prod. - We use [kustomize](https://kustomize.io/). Is this overkill? As the complexity of deployments is not that high, usually, this may be more technical complexity than necessary. We could go back to using plain kubernetes manifests, and just have different ones for staging and prod.
@ -10,6 +38,6 @@ using Docker, with the intention to efficiently deploy to a k3s or k8s cluster u
- Advantages Github Actions: - Advantages Github Actions:
- execution time should be faster - execution time should be faster
- it's closer to the mainstream - it's closer to the mainstream
- Advantages Woodpecker: - Advantages Woodpecker:
- Current deployments use woodpecker already - Current deployments use woodpecker already
- Simpler technology (This is debatable) - Simpler technology (This is debatable)

10
action.yml
View File

@ -2,15 +2,15 @@
name: "Hello World" name: "Hello World"
description: "Greet someone and record the time" description: "Greet someone and record the time"
inputs: inputs:
who-to-greet: # id of input kust_config: # id of input
description: "Who to greet" description: "the kustomization configuration, e.g. kustomize/overlays/testing"
required: true required: true
default: "World" default: "kustomize/overlays/testing"
outputs: outputs:
time: # id of output time: # id of output
description: "The time we greeted you" description: "The time we started"
runs: runs:
using: "docker" using: "docker"
image: "Dockerfile" image: "Dockerfile"
args: args:
- ${{ inputs.who-to-greet }} - ${{ inputs.kust_config }}

45
entrypoint.sh
View File

@ -1,5 +1,48 @@
#!/bin/sh -l #!/bin/sh -l
echo "Hello $1" set -e # fail if any command fails
time=$(date) time=$(date)
echo "time=$time" >>"$GITHUB_OUTPUT" echo "time=$time" >>"$GITHUB_OUTPUT"
echo "env:"
env
echo "github output:"
cat "$GITHUB_OUTPUT"
KUST_CONFIG=$1
if [ -z "$KUST_CONFIG" ]; then
echo "KUST_CONFIG not defined, pass it in a 'with:' clause to the action" && exit 1
fi
if [ -z "$K3S_YAML" ]; then
echo "K3S_YAML not defined, pass it in the environment with an 'env:' clause to the action" && exit 1
fi
if [ -z "$GITHUB_SHA" ]; then
echo "GITHUB_SHA not defined, pass it in the environment with an 'env:' clause to the action" && exit 1
fi
echo "Going to apply kustomization configuration at ${KUST_CONFIG}"
echo "K3S_YAML:"
echo "$K3S_YAML"
echo "$K3S_YAML" | base64 -d >/tmp/k3s.yaml
chmod 600 /tmp/k3s.yaml
ls -lth /tmp/
echo "K3S_YAML, deserialized:"
cat /tmp/k3s.yaml
cp -r ./kustomize /tmp/ # TODO: we expect the kustomize folder to be present in the root of the repository
find /tmp/kustomize -type f -print0 | xargs -0 sed -i "s/GIT_VERSION/${GITHUB_SHA}/"
# echo "try and get nodes and version... (debugging)"
# kubectl --kubeconfig /tmp/k3s.yaml get all
# kubectl --kubeconfig /tmp/k3s.yaml version
echo "determine kustomize version..."
KUSTOMIZE_VERSION=$(kubectl --kubeconfig /tmp/k3s.yaml version | grep Kustomize | awk '{ print $3 }')
echo "KUSTOMIZE_VERSION=${KUSTOMIZE_VERSION}"
# echo "run kustomize, and print output to console"
# kubectl --kubeconfig /tmp/k3s.yaml kustomize "/tmp/${KUST_CONFIG}"
echo "replace faulty kustomize version (compare https://github.com/kubernetes/kubectl/issues/1495)"
kubectl --kubeconfig /tmp/k3s.yaml kustomize "/tmp/${KUST_CONFIG}" | sed "s/kustomize-(devel)/kustomize-$KUSTOMIZE_VERSION/" >/tmp/manifests.yaml
echo "UPDATED YAML:"
cat /tmp/manifests.yaml
echo "applying..."
kubectl --kubeconfig /tmp/k3s.yaml apply -f - </tmp/manifests.yaml
echo "Done applying kustomized manifests at ${KUST_CONFIG}, success"