diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml
index b47fd9a..6a4c8f7 100644
--- a/.gitea/workflows/deploy.yml
+++ b/.gitea/workflows/deploy.yml
@@ -1,99 +1,24 @@ -# Generated by kforge — do not edit manually. -# Re-generate: kforge gitea-actions > .gitea/workflows/deploy.yml -# -# Required Gitea org secrets: -# DOCKER_USERNAME, DOCKER_PASSWORD, KFORGE_NODE_IP -# CLOUDFLARE_API_TOKEN, CF_ZONE_ID_* (per zone) -# SOPS_AGE_KEY -# Required Gitea repo secrets: -# KUBE_HOST, KUBE_TOKEN, KUBE_CERTIFICATE - -name: Build and Deploy +# .gitea/workflows/publish.yml +name: Publish Action Image on: push: - branches: - - main + branches: [main] jobs: - build-and-deploy: + build: runs-on: ubuntu-latest steps: - - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Setup Node - uses: actions/setup-node@v4 - with: - node-version: 22 - - - name: Create short commit hash - run: echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV + - uses: actions/checkout@v4 - name: Login to registry uses: docker/login-action@v2 with: - password: ${{ secrets.DOCKER_PASSWORD }} registry: registry.natelubitz.com username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} - - name: Build and push image - uses: docker/build-push-action@v5 - with: - context: . 
- file: Dockerfile - platforms: linux/amd64 - provenance: false - push: true - sbom: false - tags: | - registry.natelubitz.com/nate-lubitz/www:latest - registry.natelubitz.com/nate-lubitz/www:${{ env.SHORT_SHA }} - - - name: Install kforge + - name: Build and push action image run: | - KFORGE_VERSION="latest" - curl -fsSL "https://kforge/releases/download/${KFORGE_VERSION}/kforge-linux-amd64" -o /usr/local/bin/kforge - chmod +x /usr/local/bin/kforge - - - name: Validate kforge config (Production) - run: kforge validate - env: - CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }} - KFORGE_NODE_IP: ${{ secrets.KFORGE_NODE_IP }} - SOPS_AGE_KEY: ${{ secrets.SOPS_AGE_KEY }} - - - name: Apply cluster secrets (Production) - run: kforge secrets apply --env production - env: - KUBE_CERTIFICATE: ${{ secrets.KUBE_CERTIFICATE }} - KUBE_HOST: ${{ secrets.KUBE_HOST }} - KUBE_TOKEN: ${{ secrets.KUBE_TOKEN }} - - - name: Generate manifests (Production) - run: kforge generate --env production --output .kforge-out --set image_tag=${{ env.SHORT_SHA }} - env: - CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }} - KFORGE_NODE_IP: ${{ secrets.KFORGE_NODE_IP }} - SOPS_AGE_KEY: ${{ secrets.SOPS_AGE_KEY }} - - - name: Apply manifests (Production) - uses: actions-hub/kubectl@master - with: - args: apply -f .kforge-out/production-core.yaml -n production --insecure-skip-tls-verify - env: - KUBE_CERTIFICATE: ${{ secrets.KUBE_CERTIFICATE }} - KUBE_HOST: ${{ secrets.KUBE_HOST }} - KUBE_TOKEN: ${{ secrets.KUBE_TOKEN }} - - - name: Rollout restart (Production) - uses: actions-hub/kubectl@master - with: - args: rollout restart deployment/prod-nate-lubitz-www -n production --insecure-skip-tls-verify - env: - KUBE_CERTIFICATE: ${{ secrets.KUBE_CERTIFICATE }} - KUBE_HOST: ${{ secrets.KUBE_HOST }} - KUBE_TOKEN: ${{ secrets.KUBE_TOKEN }} + docker build -t registry.natelubitz.com/infra/kforge:latest . + docker push registry.natelubitz.com/infra/kforge:latest 
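Review bot: The new `Build and push action image` step publishes only the mutable `:latest` tag, so no immutable reference ties a pulled image to a commit or allows a rollback; the removed workflow also tagged with the short SHA. Tag with the commit as well, e.g. `docker build -t registry.natelubitz.com/infra/kforge:latest -t "registry.natelubitz.com/infra/kforge:$GITHUB_SHA" .` followed by `docker push --all-tags registry.natelubitz.com/infra/kforge`. `docker/login-action@v2` receives the registry password and is referenced by a movable tag; pinning it and `actions/checkout@v4` to full commit SHAs would keep an upstream tag move from changing what runs with those secrets. The header comment names `.gitea/workflows/publish.yml` while the file is still `.gitea/workflows/deploy.yml`.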
diff --git a/action.yml b/action.yml
index 8ccdf5c..15d5b6e 100644
--- a/action.yml
+++ b/action.yml
@@ -46,7 +46,7 @@ inputs: runs: using: "docker" - image: "Dockerfile" + image: "docker://registry.natelubitz.com/infra/kforge:latest" # args: # - ${{ inputs.input_file }} # - ${{ inputs.output_file }}
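Review bot: The new `image:` line points at `docker://registry.natelubitz.com/infra/kforge:latest`, a mutable tag, so a caller who pins this action to a commit or release still runs whatever image was pushed last. Reference the image by digest or by a per-release tag instead, e.g. `image: "docker://registry.natelubitz.com/infra/kforge@sha256:<digest-of-published-image>"`, and update it when a release is cut. The publish workflow logs in before pushing, which suggests the registry needs credentials; if pulls need them too, callers' runners must be authenticated before this action starts, which is worth a comment above the line. The `runs:` block continues outside the hunk.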