From 75f57f954eb6fb833015e5375e9c219ceea2e99e Mon Sep 17 00:00:00 2001 From: Finn Date: Tue, 29 Oct 2024 23:42:29 -0700 Subject: [PATCH] fix some autodeploy stuff --- .forgejo/workflows/build-deployer.yaml | 2 +- .forgejo/workflows/k8s-diff-and-deploy.yaml | 2 +- k8s/external-account-rbac/infra-deployer.yaml | 20 +++++++++++++++++++ k8s/external-account-rbac/kustomization.yaml | 4 ++++ .../forgejo-secret-sync.py | 2 +- k8s/operators/longhorn/kustomization.yaml | 2 +- 6 files changed, 28 insertions(+), 4 deletions(-) create mode 100644 k8s/external-account-rbac/infra-deployer.yaml create mode 100644 k8s/external-account-rbac/kustomization.yaml diff --git a/.forgejo/workflows/build-deployer.yaml b/.forgejo/workflows/build-deployer.yaml index 4822b27..994ddfe 100644 --- a/.forgejo/workflows/build-deployer.yaml +++ b/.forgejo/workflows/build-deployer.yaml @@ -11,7 +11,7 @@ jobs: steps: - run: apk add --no-cache nodejs git - name: login to container registry - run: echo "${{ secrets.DEPLOY_SECRET }}" | docker login --username ${{ secrets.DEPLOY_USER }} --password-stdin git.janky.solutions + run: echo "${{ secrets.DEPLOY_TOKEN }}" | docker login --username ${{ secrets.DEPLOY_USER }} --password-stdin git.janky.solutions - name: build container image uses: docker/build-push-action@v6 with: diff --git a/.forgejo/workflows/k8s-diff-and-deploy.yaml b/.forgejo/workflows/k8s-diff-and-deploy.yaml index 9284dcd..1fc0cd0 100644 --- a/.forgejo/workflows/k8s-diff-and-deploy.yaml +++ b/.forgejo/workflows/k8s-diff-and-deploy.yaml @@ -7,7 +7,7 @@ jobs: diff-and-deploy: runs-on: ubuntu-latest container: - image: git.devhack.net/devhack/containers/deployer:latest + image: git.janky.solutions/jankysolutions/infra/deployer:latest steps: - uses: actions/checkout@v4 - name: kubectl diff and deploy diff --git a/k8s/external-account-rbac/infra-deployer.yaml b/k8s/external-account-rbac/infra-deployer.yaml new file mode 100644 index 0000000..72b5017 --- /dev/null +++ b/k8s/external-account-rbac/infra-deployer.yaml @@ -0,0 +1,20 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: infra-deployer +rules: + - apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: infra-deployer +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: infra-deployer +subjects: +- kind: User + name: infra-deployer diff --git a/k8s/external-account-rbac/kustomization.yaml b/k8s/external-account-rbac/kustomization.yaml new file mode 100644 index 0000000..689f0a9 --- /dev/null +++ b/k8s/external-account-rbac/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - infra-deployer.yaml diff --git a/k8s/forgejo/forgejo-secret-sync/forgejo-secret-sync.py b/k8s/forgejo/forgejo-secret-sync/forgejo-secret-sync.py index 27a23f2..e1fd554 100644 --- a/k8s/forgejo/forgejo-secret-sync/forgejo-secret-sync.py +++ b/k8s/forgejo/forgejo-secret-sync/forgejo-secret-sync.py @@ -53,7 +53,7 @@ apiVersion: v1 clusters: - cluster: certificate-authority-data: {ca} - server: https://k8s-node-1:6443 + server: https://10.5.1.110:6443 name: default contexts: - context: diff --git a/k8s/operators/longhorn/kustomization.yaml b/k8s/operators/longhorn/kustomization.yaml index 065ff39..509af71 100644 --- a/k8s/operators/longhorn/kustomization.yaml +++ b/k8s/operators/longhorn/kustomization.yaml @@ -3,7 +3,7 @@ kind: Kustomization namespace: longhorn-system resources: - https://github.com/longhorn/longhorn/releases/download/v1.6.2/longhorn.yaml - - secrets.yaml + # - secrets.yaml - backup.yaml - ingress.yaml - servicemonitor.yaml