kacerr/gatewayapi-certificates-operator
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: kacerr:0.01
Branches Tags
kacerr:main
kacerr:0.07 kacerr:0.06 kacerr:0.05 kacerr:0.04 kacerr:0.03 kacerr:0.02 kacerr:0.01
...
compare: kacerr:0.07
Branches Tags
kacerr:main
kacerr:0.07 kacerr:0.06 kacerr:0.05 kacerr:0.04 kacerr:0.03 kacerr:0.02 kacerr:0.01

6 Commits
0.01 ... 0.07

Author SHA1 Message Date
Jan Novak
21468b9f78 deploy: fix image name to match Gitea repository name
All checks were successful
Deploy to K8s / deploy (push) Successful in 12s
Details
Build and Push / build (push) Successful in 5s
Details 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-26 14:05:34 +01:00
Jan Novak
e61e397229 deploy: update image reference to use full Gitea registry path
All checks were successful
Build and Push / build (push) Successful in 6s
Details
Deploy to K8s / deploy (push) Successful in 7s
Details 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-26 13:58:19 +01:00
Jan Novak
12969b137e ci: also tag built image as latest
All checks were successful
Deploy to K8s / deploy (push) Successful in 11s
Details
Build and Push / build (push) Successful in 5s
Details 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-26 13:46:49 +01:00
Jan Novak
2c4126eac8 deploy: fix ExternalSecret namespace to gateway-cert-operator-system
All checks were successful
Deploy to K8s / deploy (push) Successful in 11s
Details
Build and Push / build (push) Successful in 4s
Details 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-26 13:42:38 +01:00
Jan Novak
f7353d48f4 deploy: add Gitea registry pull secret and ExternalSecret
All checks were successful
Deploy to K8s / deploy (push) Successful in 8s
Details
Build and Push / build (push) Successful in 5s
Details 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-26 13:37:16 +01:00
Jan Novak
4d800ffbfb convert deploy manifests to kustomization format
All checks were successful
Deploy to K8s / deploy (push) Successful in 9s
Details
Build and Push / build (push) Successful in 5s
Details 
Adds kustomization.yaml to enforce explicit resource ordering
(namespace before deployment/service). Updates CI to use
kubectl apply -k instead of kubectl apply -f.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-26 13:20:19 +01:00
7 changed files with 48 additions and 5 deletions
Expand all files Collapse all files

1
.claude/commands/ship.md Normal file
View File

@@ -0,0 +1 @@
Commit all staged and unstaged changes into git, assign the next tag in sequence, then ask for confirmation before pushing.

8
.gitea/workflows/build.yaml
View File

@@ -30,10 +30,12 @@ jobs:
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
TAG=${{ inputs.tag }} TAG=${{ inputs.tag }}
fi fi
IMAGE=gitea.home.hrajfrisbee.cz/${{ github.repository }}:$TAG REPO=gitea.home.hrajfrisbee.cz/${{ github.repository }}
docker build -f Dockerfile \ docker build -f Dockerfile \
--build-arg GIT_TAG=$TAG \ --build-arg GIT_TAG=$TAG \
--build-arg GIT_COMMIT=${{ github.sha }} \ --build-arg GIT_COMMIT=${{ github.sha }} \
--build-arg BUILD_DATE=$(date -u +%Y-%m-%dT%H:%M:%SZ) \ --build-arg BUILD_DATE=$(date -u +%Y-%m-%dT%H:%M:%SZ) \
-t $IMAGE . -t $REPO:$TAG \
docker push $IMAGE -t $REPO:latest .
docker push $REPO:$TAG
docker push $REPO:latest

2
.gitea/workflows/kubernetes-deploy.yaml
View File

@@ -106,4 +106,4 @@ jobs:
kubectl auth whoami kubectl auth whoami
kubectl get ns kubectl get ns
kubectl apply -f deploy/ kubectl apply -k deploy/

5
CLAUDE.md Normal file
View File

@@ -0,0 +1,5 @@
# Claude Instructions
## Git
- Always ask for confirmation before running `git push`.

4
deploy/deployment_gateway-cert-operator.yaml
View File

@@ -17,6 +17,8 @@ spec:
app.kubernetes.io/name: gateway-cert-operator app.kubernetes.io/name: gateway-cert-operator
app.kubernetes.io/component: operator app.kubernetes.io/component: operator
spec: spec:
imagePullSecrets:
- name: gitea-registry
serviceAccountName: gateway-cert-operator serviceAccountName: gateway-cert-operator
terminationGracePeriodSeconds: 10 terminationGracePeriodSeconds: 10
securityContext: securityContext:
@@ -25,7 +27,7 @@ spec:
type: RuntimeDefault type: RuntimeDefault
containers: containers:
- name: manager - name: manager
image: gateway-cert-operator:latest image: gitea.home.hrajfrisbee.cz/kacerr/gatewayapi-certificates-operator:latest
args: args:
- --metrics-bind-address=:8080 - --metrics-bind-address=:8080
- --health-probe-bind-address=:8081 - --health-probe-bind-address=:8081

22
deploy/externalsecret_gitea-registry.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: gitea-registry
namespace: gateway-cert-operator-system
spec:
refreshInterval: 1h
secretStoreRef:
name: vault-backend
kind: ClusterSecretStore
target:
name: gitea-registry
creationPolicy: Owner
template:
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: "{{ .token }}"
data:
- secretKey: token
remoteRef:
key: k8s_home/gitea/container-registry
property: token

11
deploy/kustomization.yaml Normal file
View File

@@ -0,0 +1,11 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- namespace_gateway-cert-operator-system.yaml
- externalsecret_gitea-registry.yaml
- serviceaccount_gateway-cert-operator.yaml
- clusterrole_gateway-cert-operator.yaml
- clusterrolebinding_gateway-cert-operator.yaml
- deployment_gateway-cert-operator.yaml
- service_gateway-cert-operator-metrics.yaml