From cc4a7a3c33e6e32a4ded4f45458336e3610fdea2 Mon Sep 17 00:00:00 2001 From: "t.behrendt" Date: Mon, 6 Apr 2026 14:46:26 +0200 Subject: [PATCH] Initial commit --- .gitea/workflows/deploy.yaml | 69 ++++++++++++++++++++++++++++++++++ .gitea/workflows/validate.yaml | 34 +++++++++++++++++ README.md | 17 +++++++++ k8s/10_namespace.yaml | 4 ++ renovate.json | 13 +++++++ 5 files changed, 137 insertions(+) create mode 100644 .gitea/workflows/deploy.yaml create mode 100644 .gitea/workflows/validate.yaml create mode 100644 README.md create mode 100644 k8s/10_namespace.yaml create mode 100644 renovate.json diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml new file mode 100644 index 0000000..b546683 --- /dev/null +++ b/.gitea/workflows/deploy.yaml @@ -0,0 +1,69 @@ +name: Deploy + +on: + push: + branches: + - main + +jobs: + check-changes: + runs-on: ubuntu-latest + outputs: + changes: ${{ steps.filter.outputs.k8s }} + helm: ${{ steps.filter.outputs.helm }} + steps: + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + fetch-depth: 0 + - uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d # v4.0.1 + id: filter + with: + filters: | + k8s: + - 'k8s/**' + helm: + - 'values/**' + - 'helmfile.yaml' + + deploy: + runs-on: ubuntu-latest + needs: check-changes + if: ${{ needs.check-changes.outputs.changes == 'true' || needs.check-changes.outputs.helm == 'true' }} + steps: + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: https://gitea.t000-n.de/t.behrendt/k_deploy_workflows/.gitea/actions/extract-namespace-from-repo-name@c373c34c836716e663e2d6379e686997bfd7746c # 0.0.6 + id: namespace + with: + repo: ${{ github.repository }} + - uses: azure/setup-kubectl@15650b3ad78fff148532a140b8a4c821796b2d7b # v5.0.0 + - uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # v5 + with: + version: "3.15.0" + - uses: azure/k8s-set-context@ae59a723ba9abe7a9655538854a025448dbab4aa # v4.0.2 + with: + method: kubeconfig + kubeconfig: ${{ secrets.KUBECONFIG }} + - name: Set restic backup secret + uses: azure/k8s-create-secret@6e0ba8047235646753f2a3a3b359b4d0006ff218 # v5.0.1 + with: + namespace: ${{ steps.namespace.outputs.namespace }} + secret-name: backupsidecar-secret + secret-type: generic + data: | + { + "restic_password": "${{ secrets.RESTIC_PASSWORD }}", + "restic_rest_username": "${{ secrets.RESTIC_REST_USERNAME }}", + "restic_rest_password": "${{ secrets.RESTIC_REST_PASSWORD }}", + "gotify_token": "${{ secrets.GOTIFY_TOKEN }}" + } + - name: Deploy + uses: azure/k8s-deploy@c8cfec839dc09896b3b8cc40cd13d04792680771 # v5.1.0 + with: + action: deploy + manifests: "k8s/" + strategy: basic + namespace: ${{ steps.namespace.outputs.namespace }} + - name: Deploy helm + uses: helmfile/helmfile-action@d9fefe29b0d07e9ab187ecfe1d63eff91e0a070c # v2.4.1 + with: + helmfile-args: apply diff --git a/.gitea/workflows/validate.yaml b/.gitea/workflows/validate.yaml new file mode 100644 index 0000000..36f9adc --- /dev/null +++ b/.gitea/workflows/validate.yaml @@ -0,0 +1,34 @@ +name: Validate + +on: + push: + branches-ignore: + - main + +jobs: + validate: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: https://gitea.t000-n.de/t.behrendt/k_deploy_workflows/.gitea/actions/extract-namespace-from-repo-name@c373c34c836716e663e2d6379e686997bfd7746c # 0.0.6 + id: namespace + with: + repo: ${{ github.repository }} + - uses: azure/setup-kubectl@15650b3ad78fff148532a140b8a4c821796b2d7b # v5.0.0 + - uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # v5 + with: + version: "3.15.0" + - uses: azure/k8s-set-context@ae59a723ba9abe7a9655538854a025448dbab4aa # v4.0.2 + with: + method: kubeconfig + kubeconfig: ${{ secrets.KUBECONFIG }} + - name: Validate + uses: azure/k8s-lint@6aefe5066f95e73d2b140d8835cc95583b886989 # v3.0.1 + with: + namespace: ${{ steps.namespace.outputs.namespace }} + lintType: dryrun + manifests: "k8s/" + - name: Validate Helm + uses: helmfile/helmfile-action@d9fefe29b0d07e9ab187ecfe1d63eff91e0a070c # v2.4.1 + with: + helmfile-args: diff diff --git a/README.md b/README.md new file mode 100644 index 0000000..64d5f1d --- /dev/null +++ b/README.md @@ -0,0 +1,17 @@ +Template DoDos: + +- Add KUBECONFIG secret to your repo +- Place your k8s files in ./k8s/ +- Replace \ with the name of the service +- Replace \ with the URL of the service +- Replace \ with the authentication method used +- Replace \ with the namespace where the service is deployed in .github/workflows/deploy.yaml +- Provide a screenshot of the service in action in ./screenshot.png + +# Kubernetes Deployment for \ + +Deployed to: \ + +Authentication: \ + +![Screenshot](screenshot.png) diff --git a/k8s/10_namespace.yaml b/k8s/10_namespace.yaml new file mode 100644 index 0000000..badbdd5 --- /dev/null +++ b/k8s/10_namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..7591449 --- /dev/null +++ b/renovate.json @@ -0,0 +1,13 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": [ + "local>t.behrendt/renovate-configs:common", + "local>t.behrendt/renovate-configs:k8s", + "local>t.behrendt/renovate-configs:action" + ], + "kubernetes": { + "managerFilePatterns": [ + "/^k8s/.*\\.yaml$/" + ] + } +}