Init
Some checks failed
Dynamic Branch Deploy / build-and-deploy (push) Failing after 36s
Some checks failed
Dynamic Branch Deploy / build-and-deploy (push) Failing after 36s
This commit is contained in:
Sebastian Unterschütz
81
.github/workflows/deploy.yaml
vendored
81
.github/workflows/deploy.yaml
vendored
@@ -1,4 +1,4 @@
|
|||||||
name: Build & Deploy Game
|
name: Dynamic Branch Deploy
|
||||||
on: [push]
|
on: [push]
|
||||||
|
|
||||||
env:
|
env:
|
||||||
@@ -9,43 +9,59 @@ jobs:
|
|||||||
build-and-deploy:
|
build-and-deploy:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
# 1. Code holen
|
# 1. Code auschecken
|
||||||
- name: Checkout Code
|
- name: Checkout Code
|
||||||
uses: actions/checkout@v3
|
uses: actions/checkout@v3
|
||||||
|
|
||||||
# 2. Variablen vorbereiten
|
# 2. Variablen vorbereiten (VEREINFACHT & KORRIGIERT)
|
||||||
- name: Prepare Environment Variables
|
- name: Prepare Environment Variables
|
||||||
id: prep
|
id: prep
|
||||||
run: |
|
run: |
|
||||||
USERNAME_LOWER=$(echo "${{ gitea.actor }}" | tr '[:upper:]' '[:lower:]')
|
# Wir nehmen einfach den vollen Repo-Namen (z.B. "User/Repo") und machen ihn klein
|
||||||
REPO_LOWER=$(echo "${{ gitea.repository }}" | cut -d'/' -f2 | tr '[:upper:]' '[:lower:]')
|
# Das ist sicherer als cut und owner einzeln zu holen
|
||||||
OWNER_LOWER=$(echo "${{ gitea.repository_owner }}" | tr '[:upper:]' '[:lower:]')
|
FULL_IMAGE_PATH=$(echo "${{ gitea.repository }}" | tr '[:upper:]' '[:lower:]')
|
||||||
|
|
||||||
|
# Repo Name für K8s (nur der Teil nach dem /)
|
||||||
|
REPO_LOWER=$(echo "$FULL_IMAGE_PATH" | cut -d'/' -f2)
|
||||||
|
|
||||||
|
# Branch Name säubern
|
||||||
BRANCH_LOWER=$(echo "${{ gitea.ref_name }}" | tr '[:upper:]' '[:lower:]' | sed 's/[^a-z0-9-]/-/g')
|
BRANCH_LOWER=$(echo "${{ gitea.ref_name }}" | tr '[:upper:]' '[:lower:]' | sed 's/[^a-z0-9-]/-/g')
|
||||||
|
|
||||||
|
# Namespace und URL bauen
|
||||||
TARGET_NS="${REPO_LOWER}-${BRANCH_LOWER}"
|
TARGET_NS="${REPO_LOWER}-${BRANCH_LOWER}"
|
||||||
APP_URL="${TARGET_NS}.${{ env.BASE_DOMAIN }}"
|
APP_URL="${TARGET_NS}.${{ env.BASE_DOMAIN }}"
|
||||||
FULL_IMAGE_PATH="${OWNER_LOWER}/${REPO_LOWER}"
|
|
||||||
IMAGE_TAG="${{ env.REGISTRY }}/${FULL_IMAGE_PATH}:${{ gitea.sha }}"
|
# Image Tag (Commit Hash)
|
||||||
|
IMAGE_TAG="${{ gitea.sha }}"
|
||||||
|
|
||||||
|
# Debug Ausgabe (damit du siehst, ob es geklappt hat)
|
||||||
|
echo "DEBUG: Image Path is: $FULL_IMAGE_PATH"
|
||||||
|
echo "DEBUG: Target NS is: $TARGET_NS"
|
||||||
|
|
||||||
|
# In Gitea Actions Environment schreiben
|
||||||
|
echo "FULL_IMAGE_PATH=$FULL_IMAGE_PATH" >> $GITHUB_ENV
|
||||||
|
echo "REPO_NAME=$REPO_LOWER" >> $GITHUB_ENV
|
||||||
echo "TARGET_NS=$TARGET_NS" >> $GITHUB_ENV
|
echo "TARGET_NS=$TARGET_NS" >> $GITHUB_ENV
|
||||||
echo "APP_URL=$APP_URL" >> $GITHUB_ENV
|
echo "APP_URL=$APP_URL" >> $GITHUB_ENV
|
||||||
echo "IMAGE_FULL=$IMAGE_TAG" >> $GITHUB_ENV
|
echo "IMAGE_TAG=$IMAGE_TAG" >> $GITHUB_ENV
|
||||||
|
|
||||||
echo "Deploying to Namespace: $TARGET_NS URL: $APP_URL"
|
|
||||||
|
|
||||||
# 3. Docker Image bauen (Kaniko)
|
# 3. Kaniko Build (Mit DEBUG Fix)
|
||||||
- name: Build and Push
|
- name: Build and Push with Kaniko
|
||||||
uses: aevea/action-kaniko@v0.12.0
|
uses: aevea/action-kaniko@v0.12.0
|
||||||
with:
|
with:
|
||||||
registry: ${{ env.REGISTRY }}
|
registry: ${{ env.REGISTRY }}
|
||||||
|
# username/password werden oft nicht gebraucht, wenn Gitea Actions Runner
|
||||||
|
# im selben Netzwerk ist, aber sicher ist sicher:
|
||||||
username: ${{ gitea.actor }}
|
username: ${{ gitea.actor }}
|
||||||
password: ${{ secrets.PACKAGE_TOKEN }}
|
password: ${{ secrets.PACKAGE_TOKEN }}
|
||||||
image: ${{ env.FULL_IMAGE_PATH }} # Achtung: Hier muss evtl. angepasst werden wie im Prep step berechnet
|
# Hier war der Fehler: Wir nutzen jetzt die vereinfachte Variable
|
||||||
tag: ${{ gitea.sha }}
|
image: ${{ env.FULL_IMAGE_PATH }}
|
||||||
|
tag: ${{ env.IMAGE_TAG }}
|
||||||
cache: true
|
cache: true
|
||||||
extra_args: --skip-tls-verify-pull
|
# WICHTIG bei selbst-signierten oder internen Gitea Instanzen:
|
||||||
|
extra_args: --skip-tls-verify-pull --insecure
|
||||||
|
|
||||||
# 4. Kubectl einrichten (Interner Trick)
|
# 4. Setup Kubectl (Interner Trick)
|
||||||
- name: Setup Kubectl
|
- name: Setup Kubectl
|
||||||
run: |
|
run: |
|
||||||
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
|
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
|
||||||
@@ -56,43 +72,40 @@ jobs:
|
|||||||
echo "${{ secrets.KUBE_CONFIG }}" > $HOME/.kube/config
|
echo "${{ secrets.KUBE_CONFIG }}" > $HOME/.kube/config
|
||||||
chmod 600 $HOME/.kube/config
|
chmod 600 $HOME/.kube/config
|
||||||
|
|
||||||
# Der "Internal Kubernetes Trick"
|
# Internal DNS Trick
|
||||||
sed -i 's|server: https://.*:6443|server: https://kubernetes.default.svc:443|g' $HOME/.kube/config
|
sed -i 's|server: https://.*:6443|server: https://kubernetes.default.svc:443|g' $HOME/.kube/config
|
||||||
|
|
||||||
# 5. Deploy
|
# 5. Deploy to Kubernetes
|
||||||
- name: Deploy to Kubernetes
|
- name: Deploy to Kubernetes
|
||||||
run: |
|
run: |
|
||||||
# Namespace erstellen
|
# Namespace
|
||||||
kubectl create namespace ${{ env.TARGET_NS }} --dry-run=client -o yaml | kubectl apply -f -
|
kubectl create namespace ${{ env.TARGET_NS }} --dry-run=client -o yaml | kubectl apply -f -
|
||||||
|
|
||||||
# Platzhalter in den YAML Dateien ersetzen
|
# Platzhalter ersetzen
|
||||||
# Wir nutzen sed, um die Variablen in die Dateien zu schreiben
|
# Wir bauen den vollen Image-Pfad für die Ersetzung
|
||||||
|
FULL_IMAGE_URL="${{ env.REGISTRY }}/${{ env.FULL_IMAGE_PATH }}:${{ env.IMAGE_TAG }}"
|
||||||
|
|
||||||
# 1. Ingress
|
# Ingress
|
||||||
sed -i "s|\${APP_URL}|${{ env.APP_URL }}|g" k8s/ingress.yaml
|
sed -i "s|\${APP_URL}|${{ env.APP_URL }}|g" k8s/ingress.yaml
|
||||||
|
|
||||||
# 2. App Deployment (Image & Secrets)
|
# App Deployment & Secrets
|
||||||
# Hinweis: Secrets sollten idealerweise in den Repo-Settings hinterlegt sein
|
# HINWEIS: Falls du keine Secrets hast, nimm Fallback-Werte oder entferne die Zeilen
|
||||||
ADMIN_USER="${{ secrets.ADMIN_USER || 'lehrer' }}"
|
ADMIN_USER="${{ secrets.ADMIN_USER || 'lehrer' }}"
|
||||||
ADMIN_PASS="${{ secrets.ADMIN_PASS || 'geheim123' }}"
|
ADMIN_PASS="${{ secrets.ADMIN_PASS || 'geheim123' }}"
|
||||||
|
|
||||||
sed -i "s|\${IMAGE_NAME}|${{ env.IMAGE_FULL }}|g" k8s/app.yaml
|
sed -i "s|\${IMAGE_NAME}|$FULL_IMAGE_URL|g" k8s/app.yaml
|
||||||
sed -i "s|\${ADMIN_USER}|$ADMIN_USER|g" k8s/app.yaml
|
sed -i "s|\${ADMIN_USER}|$ADMIN_USER|g" k8s/app.yaml
|
||||||
sed -i "s|\${ADMIN_PASS}|$ADMIN_PASS|g" k8s/app.yaml
|
sed -i "s|\${ADMIN_PASS}|$ADMIN_PASS|g" k8s/app.yaml
|
||||||
|
|
||||||
# Anwenden im richtigen Namespace
|
# Apply
|
||||||
echo "Applying Redis..."
|
echo "Deploying to Namespace: ${{ env.TARGET_NS }}"
|
||||||
kubectl apply -f k8s/redis.yaml -n ${{ env.TARGET_NS }}
|
kubectl apply -f k8s/redis.yaml -n ${{ env.TARGET_NS }}
|
||||||
|
|
||||||
echo "Applying App..."
|
|
||||||
kubectl apply -f k8s/app.yaml -n ${{ env.TARGET_NS }}
|
kubectl apply -f k8s/app.yaml -n ${{ env.TARGET_NS }}
|
||||||
|
|
||||||
echo "Applying Ingress..."
|
|
||||||
kubectl apply -f k8s/ingress.yaml -n ${{ env.TARGET_NS }}
|
kubectl apply -f k8s/ingress.yaml -n ${{ env.TARGET_NS }}
|
||||||
|
|
||||||
# Force Restart damit das neue Image gezogen wird
|
# Force Update
|
||||||
kubectl rollout restart deployment/escape-game -n ${{ env.TARGET_NS }}
|
kubectl rollout restart deployment/escape-game -n ${{ env.TARGET_NS }}
|
||||||
|
|
||||||
# 6. Info
|
# 6. Summary
|
||||||
- name: Summary
|
- name: Summary
|
||||||
run: echo "🚀 Deployed to https://${{ env.APP_URL }}"
|
run: echo "🚀 Deployed to https://${{ env.APP_URL }}"
|
||||||
Reference in New Issue
Block a user