ZB-Server/EscapeFromTeacher
Private
Public Access
1
0
Fork 0
Code Activity

Add Docker, Kubernetes configurations, and CI workflows for deployment. Integrate Gin server for API, WebSocket support, and static file hosting. Refactor WebSocket gateway to use Gin router.
Dynamic Branch Deploy / build-and-deploy (push) Has been cancelled

Browse Source
This commit is contained in:
Sebastian Unterschütz
2026-01-04 15:14:55 +01:00
parent 2fb19d314f
commit 16f683a360
13 changed files with 872 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/cleanup.yaml
+68
View File
@@ -0,0 +1,68 @@
name: Cleanup Environment
on: [delete]
jobs:
cleanup:
runs-on: ubuntu-latest
# Nur ausführen, wenn ein Branch gelöscht wurde (keine Tags)
if: github.event.ref_type == 'branch'
steps:
# 1. Variablen berechnen (MIT FIX FÜR REFS/HEADS & MAIN-CHECK)
- name: Prepare Variables
run: |
# Repo Name klein (z.B. "it232abschied")
REPO_LOWER=$(echo "${{ gitea.repository }}" | cut -d'/' -f2 | tr '[:upper:]' '[:lower:]')
# Branch Name aus Event (z.B. "refs/heads/feature-x")
RAW_REF="${{ github.event.ref }}"
# "refs/heads/" entfernen
BRANCH_CLEAN=${RAW_REF#refs/heads/}
# Kleinschreiben & Sonderzeichen
BRANCH_LOWER=$(echo "$BRANCH_CLEAN" | tr '[:upper:]' '[:lower:]' | sed 's/[^a-z0-9-]/-/g')
# Logik synchron zum Deploy:
# Main/Master -> Namespace ist nur der Repo-Name
# Anderes -> Namespace ist Repo-Branch
if [ "$BRANCH_LOWER" = "main" ] || [ "$BRANCH_LOWER" = "master" ]; then
TARGET_NS="${REPO_LOWER}"
IS_MAIN="true"
else
TARGET_NS="${REPO_LOWER}-${BRANCH_LOWER}"
IS_MAIN="false"
fi
echo "DEBUG: Clean Branch: $BRANCH_LOWER"
echo "DEBUG: Target NS: $TARGET_NS"
echo "TARGET_NS=$TARGET_NS" >> $GITHUB_ENV
echo "IS_MAIN=$IS_MAIN" >> $GITHUB_ENV
# 2. Sicherheits-Check: Niemals Main/Master löschen!
# Wir prüfen jetzt die Variable IS_MAIN, statt den Namen hart zu codieren
- name: Protect Main
if: env.IS_MAIN == 'true'
run: |
echo "❌ ABBRUCH: Der Produktions-Namespace ${{ env.TARGET_NS }} darf nicht gelöscht werden!"
exit 1
# 3. Kubectl einrichten
- name: Setup Kubectl
run: |
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
chmod +x kubectl
mv kubectl /usr/local/bin/
mkdir -p $HOME/.kube
echo "${{ secrets.KUBE_CONFIG }}" > $HOME/.kube/config
chmod 600 $HOME/.kube/config
# Der Trick für interne Kommunikation
sed -i 's|server: https://.*:6443|server: https://kubernetes.default.svc:443|g' $HOME/.kube/config
# 4. Namespace löschen
- name: Delete Namespace
run: |
echo "🗑️ Lösche Namespace: ${{ env.TARGET_NS }}"
# Wir löschen den Namespace ohne zu warten (async), das geht schneller
kubectl delete namespace ${{ env.TARGET_NS }} --ignore-not-found --wait=false
.github/workflows/deploy.yaml
+128
View File
@@ -0,0 +1,128 @@
name: Dynamic Branch Deploy
on: [push]
env:
REGISTRY: git.zb-server.de
# WICHTIG: Deine echte Haupt-Domain
BASE_DOMAIN: escape-from-school.de
jobs:
build-and-deploy:
runs-on: ubuntu-latest
steps:
# 1. Code auschecken
- name: Checkout Code
uses: actions/checkout@v3
# 2. Variablen vorbereiten (MIT HAUPT-DOMAIN LOGIK)
- name: Prepare Environment Variables
id: prep
run: |
# 1. Repo und Branch Namen säubern
# Voller Pfad für Docker Image (z.B. "user/escape-teacher")
FULL_IMAGE_PATH=$(echo "${{ gitea.repository }}" | tr '[:upper:]' '[:lower:]')
# Nur der Projektname für K8s (z.B. "escape-teacher")
REPO_LOWER=$(echo "$FULL_IMAGE_PATH" | cut -d'/' -f2)
# Branch Name säubern (Sonderzeichen zu Bindestrichen)
BRANCH_LOWER=$(echo "${{ gitea.ref_name }}" | tr '[:upper:]' '[:lower:]' | sed 's/[^a-z0-9-]/-/g')
# 2. Logik: Ist es der Haupt-Branch?
if [ "$BRANCH_LOWER" = "main" ] || [ "$BRANCH_LOWER" = "master" ]; then
# PRODUKTION:
# URL ist direkt die Domain (ohne Subdomain)
APP_URL="${{ env.BASE_DOMAIN }}"
# Namespace ist nur der Projektname (ohne Branch-Suffix)
TARGET_NS="${REPO_LOWER}"
echo "Mode: PRODUCTION (Root Domain)"
else
# ENTWICKLUNG:
# URL ist repo-branch.domain.de
APP_URL="${REPO_LOWER}-${BRANCH_LOWER}.${{ env.BASE_DOMAIN }}"
# Namespace ist repo-branch
TARGET_NS="${REPO_LOWER}-${BRANCH_LOWER}"
echo "Mode: DEVELOPMENT (Subdomain)"
fi
# Image Tag (Commit Hash)
IMAGE_TAG="${{ gitea.sha }}"
# Debug Ausgabe
echo "DEBUG: Branch: $BRANCH_LOWER"
echo "DEBUG: Namespace: $TARGET_NS"
echo "DEBUG: URL: $APP_URL"
# In Gitea Actions Environment schreiben
echo "FULL_IMAGE_PATH=$FULL_IMAGE_PATH" >> $GITHUB_ENV
echo "REPO_NAME=$REPO_LOWER" >> $GITHUB_ENV
echo "TARGET_NS=$TARGET_NS" >> $GITHUB_ENV
echo "APP_URL=$APP_URL" >> $GITHUB_ENV
echo "IMAGE_TAG=$IMAGE_TAG" >> $GITHUB_ENV
# 3. Kaniko Build
- name: Build and Push with Kaniko
uses: aevea/action-kaniko@v0.12.0
with:
registry: ${{ env.REGISTRY }}
username: ${{ gitea.actor }}
password: ${{ secrets.PACKAGE_TOKEN }}
image: ${{ env.FULL_IMAGE_PATH }}
tag: ${{ env.IMAGE_TAG }}
cache: true
extra_args: --skip-tls-verify-pull --insecure
# 4. Setup Kubectl (Interner Trick)
- name: Setup Kubectl
run: |
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
chmod +x kubectl
mv kubectl /usr/local/bin/
mkdir -p $HOME/.kube
echo "${{ secrets.KUBE_CONFIG }}" > $HOME/.kube/config
chmod 600 $HOME/.kube/config
# Internal DNS Trick (für Kommunikation innerhalb des Clusters)
sed -i 's|server: https://.*:6443|server: https://kubernetes.default.svc:443|g' $HOME/.kube/config
# 5. Deploy to Kubernetes
- name: Deploy to Kubernetes
run: |
# Namespace erstellen (falls nicht existiert)
kubectl create namespace ${{ env.TARGET_NS }} --dry-run=client -o yaml | kubectl apply -f -
# Vollen Image Pfad bauen
FULL_IMAGE_URL="${{ env.REGISTRY }}/${{ env.FULL_IMAGE_PATH }}:${{ env.IMAGE_TAG }}"
# 1. Ingress anpassen (Hier wird die URL eingesetzt!)
sed -i "s|\${APP_URL}|${{ env.APP_URL }}|g" k8s/ingress.yaml
# 2. App Deployment anpassen (Image)
sed -i "s|\${IMAGE_NAME}|$FULL_IMAGE_URL|g" k8s/app.yaml
# Anwenden
echo "Deploying Resources to Namespace: ${{ env.TARGET_NS }}"
kubectl apply -f k8s/pvc.yaml -n ${{ env.TARGET_NS }}
kubectl apply -f k8s/redis.yaml -n ${{ env.TARGET_NS }}
kubectl apply -f k8s/app.yaml -n ${{ env.TARGET_NS }}
kubectl apply -f k8s/ingress.yaml -n ${{ env.TARGET_NS }}
# HPA (Autoscaling) nur für Main/Master Branch aktivieren
# Wir vergleichen den Namespace mit dem Repo-Namen
# Wenn Namespace == RepoName, dann sind wir im Main Branch
if [ "${{ env.TARGET_NS }}" == "${{ env.REPO_NAME }}" ]; then
echo "Main Branch detected: Applying HPA (Autoscaling)..."
kubectl apply -f k8s/hpa.yaml -n ${{ env.TARGET_NS }}
else
echo "Feature Branch: Skipping HPA."
# Optional: HPA löschen, falls es versehentlich da ist
kubectl delete hpa escape-game-hpa -n ${{ env.TARGET_NS }} --ignore-not-found
fi
# Force Update (damit das neue Image sicher geladen wird)
kubectl rollout restart deployment/escape-game -n ${{ env.TARGET_NS }}
# 6. Summary
- name: Summary
run: echo "🚀 Deployed successfully to https://${{ env.APP_URL }}"