Compare commits
2 commits
6f7bd3155e
...
0cc71b6bb3
Author | SHA1 | Date | |
---|---|---|---|
0cc71b6bb3 | |||
1a99aab121 |
8 changed files with 261 additions and 0 deletions
55
.github/workflows/docker.yml
vendored
Normal file
55
.github/workflows/docker.yml
vendored
Normal file
|
@ -0,0 +1,55 @@
|
|||
name: docker
|
||||
on:
|
||||
release:
|
||||
types: [published]
|
||||
pull_request:
|
||||
push:
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
REGISTRY: git.devminer.xyz
|
||||
IMAGE_NAME: "${{ github.actor }}/publii-testing"
|
||||
|
||||
jobs:
|
||||
docker:
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
# - run: curl -fsSL https://get.docker.com | sh
|
||||
- uses: actions/checkout@v4
|
||||
- uses: docker/setup-buildx-action@v3
|
||||
- uses: actions/cache@v4
|
||||
id: cache
|
||||
with:
|
||||
path: /tmp/.buildx-cache
|
||||
key: ${{ runner.os }}-buildx-${{ github.sha }}
|
||||
restore-keys: |
|
||||
${{ runner.os }}-buildx-
|
||||
- id: meta
|
||||
uses: docker/metadata-action@v5
|
||||
with:
|
||||
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
|
||||
tags: |
|
||||
type=ref,event=branch
|
||||
type=ref,event=pr
|
||||
type=semver,pattern={{version}}
|
||||
labels: |
|
||||
cache-from=type=local,src=/tmp/.buildx-cache
|
||||
cache-to=type=local,dest=/tmp/.buildx-cache
|
||||
- uses: docker/login-action@v3
|
||||
with:
|
||||
registry: ${{ env.REGISTRY }}
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.DOCKER_PASSWORD }}
|
||||
- id: get_commit
|
||||
run: echo ::set-output "name=hash::${GITHUB_SHA:0:7}"
|
||||
- uses: docker/build-push-action@v5
|
||||
with:
|
||||
context: .
|
||||
push: true
|
||||
tags: ${{ steps.meta.outputs.tags }}
|
||||
labels: ${{ steps.meta.outputs.labels }}
|
||||
cache-from: type=local,src=/tmp/.buildx-cache
|
||||
cache-to: type=local,dest=/tmp/.buildx-cache-new
|
||||
- run: |
|
||||
rm -rf /tmp/.buildx-cache
|
||||
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
|
7
chart/Chart.yaml
Normal file
7
chart/Chart.yaml
Normal file
|
@ -0,0 +1,7 @@
|
|||
apiVersion: v2
|
||||
name: app
|
||||
description: ''
|
||||
|
||||
type: application
|
||||
version: 0.0.1
|
||||
appVersion: "0.0.1"
|
41
chart/templates/_helpers.tpl
Normal file
41
chart/templates/_helpers.tpl
Normal file
|
@ -0,0 +1,41 @@
|
|||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "app.name" -}}
|
||||
{{- .Values.devhosting.appname | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "app.fullname" -}}
|
||||
{{- .Values.devhosting.appname | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "app.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
{{- define "app.labels" -}}
|
||||
helm.sh/chart: {{ include "app.chart" . }}
|
||||
{{ include "app.selectorLabels" . }}
|
||||
{{- if .Chart.AppVersion }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
|
||||
{{- end }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Selector labels
|
||||
*/}}
|
||||
{{- define "app.selectorLabels" -}}
|
||||
app.kubernetes.io/name: {{ include "app.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end }}
|
39
chart/templates/deployment.yaml
Normal file
39
chart/templates/deployment.yaml
Normal file
|
@ -0,0 +1,39 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ include "app.fullname" . }}
|
||||
labels:
|
||||
{{- include "app.labels" . | nindent 4 }}
|
||||
spec:
|
||||
replicas: {{ .Values.replicas }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "app.selectorLabels" . | nindent 6 }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{- include "app.selectorLabels" . | nindent 8 }}
|
||||
spec:
|
||||
containers:
|
||||
- name: {{ .Chart.Name }}
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: {{ .Values.service.app_port }}
|
||||
protocol: TCP
|
||||
startupProbe:
|
||||
initialDelaySeconds: 20
|
||||
httpGet:
|
||||
path: /
|
||||
port: http
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /
|
||||
port: http
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /
|
||||
port: http
|
||||
resources:
|
||||
{{- toYaml .Values.resources | nindent 12 }}
|
50
chart/templates/istio.yaml
Normal file
50
chart/templates/istio.yaml
Normal file
|
@ -0,0 +1,50 @@
|
|||
apiVersion: networking.istio.io/v1beta1
|
||||
kind: Gateway
|
||||
metadata:
|
||||
name: {{ include "app.fullname" . }}
|
||||
labels:
|
||||
{{- include "app.labels" . | nindent 4 }}
|
||||
spec:
|
||||
selector:
|
||||
istio: ingressgateway
|
||||
servers:
|
||||
- port:
|
||||
number: 80
|
||||
name: http
|
||||
protocol: HTTP
|
||||
hosts:
|
||||
- {{ .Values.service.host }}
|
||||
{{- if .Values.service.ssl.enabled }}
|
||||
- port:
|
||||
number: 443
|
||||
name: https
|
||||
protocol: HTTPS
|
||||
hosts:
|
||||
- {{ .Values.service.host }}
|
||||
tls:
|
||||
mode: SIMPLE
|
||||
credentialName: {{ include "app.fullname" . }}
|
||||
{{- end }}
|
||||
---
|
||||
apiVersion: networking.istio.io/v1beta1
|
||||
kind: VirtualService
|
||||
metadata:
|
||||
name: {{ include "app.fullname" . }}
|
||||
labels:
|
||||
{{- include "app.labels" . | nindent 4 }}
|
||||
spec:
|
||||
hosts:
|
||||
- {{ .Values.service.host }}
|
||||
gateways:
|
||||
- {{ include "app.fullname" . }}
|
||||
http:
|
||||
- name: primary
|
||||
headers:
|
||||
response:
|
||||
set:
|
||||
Cache-Control: public, max-age=31536000, immutable
|
||||
route:
|
||||
- destination:
|
||||
host: {{ include "app.fullname" . }}
|
||||
port:
|
||||
number: {{ .Values.service.app_port }}
|
14
chart/templates/service.yaml
Normal file
14
chart/templates/service.yaml
Normal file
|
@ -0,0 +1,14 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "app.fullname" . }}
|
||||
labels:
|
||||
{{- include "app.labels" . | nindent 4 }}
|
||||
spec:
|
||||
selector:
|
||||
{{- include "app.selectorLabels" . | nindent 4 }}
|
||||
ports:
|
||||
- port: {{ .Values.service.app_port }}
|
||||
targetPort: http
|
||||
name: http
|
||||
protocol: TCP
|
27
chart/templates/ssl.yaml
Normal file
27
chart/templates/ssl.yaml
Normal file
|
@ -0,0 +1,27 @@
|
|||
{{- if .Values.service.ssl.enabled }}
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: {{ include "app.fullname" . }}
|
||||
namespace: istio-system
|
||||
spec:
|
||||
secretName: {{ include "app.fullname" . }}
|
||||
commonName: {{ .Values.service.host }}
|
||||
duration: 2160h0m0s # 90d
|
||||
renewBefore: 360h0m0s # 15d
|
||||
subject:
|
||||
organizations:
|
||||
- DevMiner.xyz
|
||||
privateKey:
|
||||
algorithm: RSA
|
||||
encoding: PKCS1
|
||||
size: 4096
|
||||
usages:
|
||||
- server auth
|
||||
- client auth
|
||||
dnsNames:
|
||||
- {{ .Values.service.host }}
|
||||
issuerRef:
|
||||
name: {{ .Values.service.ssl.issuer.name }}
|
||||
kind: {{ .Values.service.ssl.issuer.kind }}
|
||||
{{- end }}
|
28
chart/values.yml
Normal file
28
chart/values.yml
Normal file
|
@ -0,0 +1,28 @@
|
|||
image:
|
||||
repository: git.devminer.xyz/devminer/publii-testing
|
||||
pullPolicy: Always
|
||||
tag: "main"
|
||||
|
||||
replicas: 3
|
||||
|
||||
service:
|
||||
app_port: 80
|
||||
host: publii-testing.devminer.xyz
|
||||
ssl:
|
||||
enabled: true
|
||||
port: 443
|
||||
issuer:
|
||||
name: letsencrypt
|
||||
kind: ClusterIssuer
|
||||
|
||||
resources:
|
||||
limits:
|
||||
cpu: 128m
|
||||
memory: 128Mi
|
||||
requests:
|
||||
cpu: 16m
|
||||
memory: 32Mi
|
||||
|
||||
# populated by the ArgoCD application
|
||||
devhosting:
|
||||
appname: ''
|
Loading…
Reference in a new issue