Adding runner script to deploy auth microservice

2025-11-23 01:37:03 -06:00 · 2025-11-23 01:37:03 -06:00 · b1ca87c681
commit b1ca87c681
parent f3f90ec900
1 changed files with 104 additions and 0 deletions
--- a/.gitea/workflows/deploy-auth.yml
+++ b/.gitea/workflows/deploy-auth.yml
@ -0,0 +1,104 @@
+name: Deploy Promiscuity Auth API
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch: {}
+
+jobs:
+  deploy:
+    runs-on: self-hosted
+
+    env:
+      IMAGE_NAME: promiscuity-auth:latest
+      IMAGE_TAR: /tmp/promiscuity-auth.tar
+      # All nodes that might run the pod (control-plane + workers)
+      NODES: "k8s-cp-01 k8s-w-01 k8s-w-02"
+
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v4
+
+      # -----------------------------
+      # Build Docker image
+      # -----------------------------
+      - name: Build Docker image
+        run: |
+          cd microservices/Auth
+          docker build -t "${IMAGE_NAME}" .
+
+      # -----------------------------
+      # Save image as TAR on runner
+      # -----------------------------
+      - name: Save Docker image to TAR
+        run: |
+          docker save "${IMAGE_NAME}" -o "${IMAGE_TAR}"
+
+      # -----------------------------
+      # Copy TAR to each Kubernetes node
+      # -----------------------------
+      - name: Copy TAR to nodes
+        run: |
+          for node in ${NODES}; do
+            echo "Copying image tar to $node ..."
+            scp -o StrictHostKeyChecking=no "${IMAGE_TAR}" hz@"$node":/tmp/promiscuity-auth.tar
+          done
+
+      # -----------------------------
+      # Import image into containerd on each node
+      # -----------------------------
+      - name: Import image on nodes
+        run: |
+          for node in ${NODES}; do
+            echo "Importing image on $node ..."
+            ssh -o StrictHostKeyChecking=no hz@"$node" "sudo ctr -n k8s.io images import /tmp/promiscuity-auth.tar"
+          done
+
+      # -----------------------------
+      # CLEANUP: delete TAR from nodes
+      # -----------------------------
+      - name: Clean TAR from nodes
+        run: |
+          for node in ${NODES}; do
+            echo "Removing image tar on $node ..."
+            ssh -o StrictHostKeyChecking=no hz@"$node" "rm -f /tmp/promiscuity-auth.tar"
+          done
+
+      # -----------------------------
+      # CLEANUP: delete TAR from runner
+      # -----------------------------
+      - name: Clean TAR on runner
+        run: |
+          rm -f "${IMAGE_TAR}"
+
+      # -----------------------------
+      # Write kubeconfig from secret
+      # -----------------------------
+      - name: Write kubeconfig from secret
+        env:
+          KUBECONFIG_CONTENT: ${{ secrets.KUBECONFIG }}
+        run: |
+          mkdir -p /tmp/kube
+          printf '%s\n' "$KUBECONFIG_CONTENT" > /tmp/kube/config
+
+      # -----------------------------
+      # Apply Kubernetes manifests
+      # (You create these files in your repo)
+      # -----------------------------
+      - name: Apply Auth deployment & service
+        env:
+          KUBECONFIG: /tmp/kube/config
+        run: |
+          kubectl apply -f microservices/Auth/k8s/deployment.yaml -n promiscuity-auth
+          kubectl apply -f microservices/Auth/k8s/service.yaml -n promiscuity-auth
+
+      # -----------------------------
+      # Rollout restart & wait
+      # -----------------------------
+      - name: Restart Auth deployment
+        env:
+          KUBECONFIG: /tmp/kube/config
+        run: |
+          kubectl rollout restart deployment/promiscuity-auth -n promiscuity-auth
+          kubectl rollout status deployment/promiscuity-auth -n promiscuity-auth