From b1ca87c681d0a530fb185f89727d471cb16b5c5e Mon Sep 17 00:00:00 2001 From: hz Date: Sun, 23 Nov 2025 01:37:03 -0600 Subject: [PATCH] Adding runner script to deploy auth microservice --- .gitea/workflows/deploy-auth.yml | 104 +++++++++++++++++++++++++++++++ 1 file changed, 104 insertions(+) create mode 100644 .gitea/workflows/deploy-auth.yml diff --git a/.gitea/workflows/deploy-auth.yml b/.gitea/workflows/deploy-auth.yml new file mode 100644 index 0000000..2b4bfcb --- /dev/null +++ b/.gitea/workflows/deploy-auth.yml @@ -0,0 +1,104 @@ +name: Deploy Promiscuity Auth API + +on: + push: + branches: + - main + workflow_dispatch: {} + +jobs: + deploy: + runs-on: self-hosted + + env: + IMAGE_NAME: promiscuity-auth:latest + IMAGE_TAR: /tmp/promiscuity-auth.tar + # All nodes that might run the pod (control-plane + workers) + NODES: "k8s-cp-01 k8s-w-01 k8s-w-02" + + steps: + - name: Checkout repo + uses: actions/checkout@v4 + + # ----------------------------- + # Build Docker image + # ----------------------------- + - name: Build Docker image + run: | + cd microservices/Auth + docker build -t "${IMAGE_NAME}" . + + # ----------------------------- + # Save image as TAR on runner + # ----------------------------- + - name: Save Docker image to TAR + run: | + docker save "${IMAGE_NAME}" -o "${IMAGE_TAR}" + + # ----------------------------- + # Copy TAR to each Kubernetes node + # ----------------------------- + - name: Copy TAR to nodes + run: | + for node in ${NODES}; do + echo "Copying image tar to $node ..." + scp -o StrictHostKeyChecking=no "${IMAGE_TAR}" hz@"$node":/tmp/promiscuity-auth.tar + done + + # ----------------------------- + # Import image into containerd on each node + # ----------------------------- + - name: Import image on nodes + run: | + for node in ${NODES}; do + echo "Importing image on $node ..." + ssh -o StrictHostKeyChecking=no hz@"$node" "sudo ctr -n k8s.io images import /tmp/promiscuity-auth.tar" + done + + # ----------------------------- + # CLEANUP: delete TAR from nodes + # ----------------------------- + - name: Clean TAR from nodes + run: | + for node in ${NODES}; do + echo "Removing image tar on $node ..." + ssh -o StrictHostKeyChecking=no hz@"$node" "rm -f /tmp/promiscuity-auth.tar" + done + + # ----------------------------- + # CLEANUP: delete TAR from runner + # ----------------------------- + - name: Clean TAR on runner + run: | + rm -f "${IMAGE_TAR}" + + # ----------------------------- + # Write kubeconfig from secret + # ----------------------------- + - name: Write kubeconfig from secret + env: + KUBECONFIG_CONTENT: ${{ secrets.KUBECONFIG }} + run: | + mkdir -p /tmp/kube + printf '%s\n' "$KUBECONFIG_CONTENT" > /tmp/kube/config + + # ----------------------------- + # Apply Kubernetes manifests + # (You create these files in your repo) + # ----------------------------- + - name: Apply Auth deployment & service + env: + KUBECONFIG: /tmp/kube/config + run: | + kubectl apply -f microservices/Auth/k8s/deployment.yaml -n promiscuity-auth + kubectl apply -f microservices/Auth/k8s/service.yaml -n promiscuity-auth + + # ----------------------------- + # Rollout restart & wait + # ----------------------------- + - name: Restart Auth deployment + env: + KUBECONFIG: /tmp/kube/config + run: | + kubectl rollout restart deployment/promiscuity-auth -n promiscuity-auth + kubectl rollout status deployment/promiscuity-auth -n promiscuity-auth