infra/kforge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

add tool to gitea
Build and Deploy / build-and-deploy (push) Failing after 20s
Details

Browse Source
This commit is contained in:
Nate
2026-06-05 02:34:00 +10:00
commit 532b912ffb
25 changed files with 4981 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
entrypoint.sh
+119
View File
@@ -0,0 +1,119 @@
#!/bin/sh
set -e
# INPUT_FILE="$1"
# OUTPUT_FILE="$2"
# AUTO_DEPLOY="$3"
# ----------------------------------------------------------------
# Registry login
# ----------------------------------------------------------------
if [ -n "$INPUT_REGISTRY_USERNAME" ] && [ -n "$INPUT_REGISTRY_PASSWORD" ]; then
echo "Logging in to $INPUT_REGISTRY..."
echo "$INPUT_REGISTRY_PASSWORD" | docker login "$INPUT_REGISTRY" \
-u "$INPUT_REGISTRY_USERNAME" --password-stdin
fi
# ----------------------------------------------------------------
# Build and push image
# ----------------------------------------------------------------
cleanup_old_tags() {
IMAGE="$1"
KEEP="$2"
echo "Fetching tags for $IMAGE..."
TAGS=$(curl -s -u "$INPUT_REGISTRY_USERNAME:$INPUT_REGISTRY_PASSWORD" \
"https://$INPUT_REGISTRY/v2/$IMAGE/tags/list" \
| tr ',' '\n' \
| grep -o '"[a-f0-9]\{7\}"' \
| tr -d '"')
COUNT=$(echo "$TAGS" | grep -c .)
DELETE_COUNT=$((COUNT - KEEP))
if [ "$DELETE_COUNT" -le 0 ]; then
echo "Only $COUNT hash tags found, no cleanup needed."
return
fi
echo "Found $COUNT hash tags, deleting oldest $DELETE_COUNT..."
echo "$TAGS" | head -n "$DELETE_COUNT" | while read -r TAG; do
echo "Deleting tag: $TAG..."
DIGEST=$(curl -s -I \
-u "$INPUT_REGISTRY_USERNAME:$INPUT_REGISTRY_PASSWORD" \
-H "Accept: application/vnd.docker.distribution.manifest.v2+json" \
"https://$INPUT_REGISTRY/v2/$IMAGE/manifests/$TAG" \
| grep -i "docker-content-digest" \
| tr -d '\r' \
| awk '{print $2}')
if [ -n "$DIGEST" ]; then
curl -s -X DELETE \
-u "$INPUT_REGISTRY_USERNAME:$INPUT_REGISTRY_PASSWORD" \
"https://$INPUT_REGISTRY/v2/$IMAGE/manifests/$DIGEST"
echo "Deleted $TAG ($DIGEST)"
else
echo "Could not find digest for $TAG, skipping."
fi
done
}
if [ -n "$INPUT_IMAGE_NAME" ]; then
FULL_IMAGE="$INPUT_REGISTRY/$INPUT_IMAGE_NAME"
if [ -n "$INPUT_IMAGE_TAG" ]; then
echo "Building image $FULL_IMAGE:$INPUT_IMAGE_TAG..."
docker build -t "$FULL_IMAGE:$INPUT_IMAGE_TAG" -f "$INPUT_DOCKERFILE" .
docker push "$FULL_IMAGE:$INPUT_IMAGE_TAG"
else
SHA=$(echo "$GITHUB_SHA" | cut -c1-7)
echo "Building image $FULL_IMAGE:latest and $FULL_IMAGE:$SHA..."
docker build \
-t "$FULL_IMAGE:latest" \
-t "$FULL_IMAGE:$SHA" \
-f "$INPUT_DOCKERFILE" .
docker push "$FULL_IMAGE:latest"
docker push "$FULL_IMAGE:$SHA"
cleanup_old_tags "$INPUT_IMAGE_NAME" "${INPUT_MAX_TAGS:-5}"
fi
fi
# ----------------------------------------------------------------
# Generate Kubernetes YAML
# ----------------------------------------------------------------
echo "Generating Kubernetes YAML from .kforge.yml"
/usr/local/bin/kforge generate
# ----------------------------------------------------------------
# Deploy to Kubernetes
# ----------------------------------------------------------------
# Build kubeconfig from token-based credentials
echo "Configuring kubectl..."
kubectl config set-cluster default \
--server="$INPUT_KUBE_HOST" \
--certificate-authority=<(echo "$INPUT_KUBE_CERTIFICATE" | base64 -d)
kubectl config set-credentials default \
--token="$INPUT_KUBE_TOKEN"
kubectl config set-context default \
--cluster=default \
--user=default
kubectl config use-context default
# Create/update regcred secret idempotently
echo "Creating regcred secret..."
kubectl create secret docker-registry regcred \
--docker-server="$INPUT_REGISTRY" \
--docker-username="$INPUT_REGISTRY_USERNAME" \
--docker-password="$INPUT_REGISTRY_PASSWORD" \
--dry-run=client -o yaml | kubectl apply -f -
echo "Deploying to Kubernetes..."
kubectl apply -f ./kforge-out/
echo "Deploy complete."