Compare commits
4 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 12969b137e | |||
| 2c4126eac8 | |||
| f7353d48f4 | |||
| 4d800ffbfb |
@@ -30,10 +30,12 @@ jobs:
|
|||||||
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
|
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
|
||||||
TAG=${{ inputs.tag }}
|
TAG=${{ inputs.tag }}
|
||||||
fi
|
fi
|
||||||
IMAGE=gitea.home.hrajfrisbee.cz/${{ github.repository }}:$TAG
|
REPO=gitea.home.hrajfrisbee.cz/${{ github.repository }}
|
||||||
docker build -f Dockerfile \
|
docker build -f Dockerfile \
|
||||||
--build-arg GIT_TAG=$TAG \
|
--build-arg GIT_TAG=$TAG \
|
||||||
--build-arg GIT_COMMIT=${{ github.sha }} \
|
--build-arg GIT_COMMIT=${{ github.sha }} \
|
||||||
--build-arg BUILD_DATE=$(date -u +%Y-%m-%dT%H:%M:%SZ) \
|
--build-arg BUILD_DATE=$(date -u +%Y-%m-%dT%H:%M:%SZ) \
|
||||||
-t $IMAGE .
|
-t $REPO:$TAG \
|
||||||
docker push $IMAGE
|
-t $REPO:latest .
|
||||||
|
docker push $REPO:$TAG
|
||||||
|
docker push $REPO:latest
|
||||||
|
|||||||
@@ -106,4 +106,4 @@ jobs:
|
|||||||
kubectl auth whoami
|
kubectl auth whoami
|
||||||
kubectl get ns
|
kubectl get ns
|
||||||
|
|
||||||
kubectl apply -f deploy/
|
kubectl apply -k deploy/
|
||||||
|
|||||||
@@ -17,6 +17,8 @@ spec:
|
|||||||
app.kubernetes.io/name: gateway-cert-operator
|
app.kubernetes.io/name: gateway-cert-operator
|
||||||
app.kubernetes.io/component: operator
|
app.kubernetes.io/component: operator
|
||||||
spec:
|
spec:
|
||||||
|
imagePullSecrets:
|
||||||
|
- name: gitea-registry
|
||||||
serviceAccountName: gateway-cert-operator
|
serviceAccountName: gateway-cert-operator
|
||||||
terminationGracePeriodSeconds: 10
|
terminationGracePeriodSeconds: 10
|
||||||
securityContext:
|
securityContext:
|
||||||
|
|||||||
22
deploy/externalsecret_gitea-registry.yaml
Normal file
22
deploy/externalsecret_gitea-registry.yaml
Normal file
@@ -0,0 +1,22 @@
|
|||||||
|
apiVersion: external-secrets.io/v1
|
||||||
|
kind: ExternalSecret
|
||||||
|
metadata:
|
||||||
|
name: gitea-registry
|
||||||
|
namespace: gateway-cert-operator-system
|
||||||
|
spec:
|
||||||
|
refreshInterval: 1h
|
||||||
|
secretStoreRef:
|
||||||
|
name: vault-backend
|
||||||
|
kind: ClusterSecretStore
|
||||||
|
target:
|
||||||
|
name: gitea-registry
|
||||||
|
creationPolicy: Owner
|
||||||
|
template:
|
||||||
|
type: kubernetes.io/dockerconfigjson
|
||||||
|
data:
|
||||||
|
.dockerconfigjson: "{{ .token }}"
|
||||||
|
data:
|
||||||
|
- secretKey: token
|
||||||
|
remoteRef:
|
||||||
|
key: k8s_home/gitea/container-registry
|
||||||
|
property: token
|
||||||
11
deploy/kustomization.yaml
Normal file
11
deploy/kustomization.yaml
Normal file
@@ -0,0 +1,11 @@
|
|||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
|
||||||
|
resources:
|
||||||
|
- namespace_gateway-cert-operator-system.yaml
|
||||||
|
- externalsecret_gitea-registry.yaml
|
||||||
|
- serviceaccount_gateway-cert-operator.yaml
|
||||||
|
- clusterrole_gateway-cert-operator.yaml
|
||||||
|
- clusterrolebinding_gateway-cert-operator.yaml
|
||||||
|
- deployment_gateway-cert-operator.yaml
|
||||||
|
- service_gateway-cert-operator-metrics.yaml
|
||||||
Reference in New Issue
Block a user