diff --git a/.gitea/workflows/deploy-aws-cronjob.yml b/.gitea/workflows/deploy-aws-cronjob.yml new file mode 100644 index 0000000..c3f7b33 --- /dev/null +++ b/.gitea/workflows/deploy-aws-cronjob.yml @@ -0,0 +1,49 @@ +name: Deploy to Kube AWS Cronjob + +on: + workflow_call: + inputs: + app-name: + required: true + type: string + app-target: + required: true + type: string + image-tag: + required: true + type: string + secrets: + REGISTRY: + required: true + EKS_KEY: + required: true + EKS_SECRET: + required: true + +jobs: + deploy-k8s-eks-cron: + name: Deploy Cronjob + runs-on: ubuntu-js-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{secrets.EKS_KEY}} + aws-secret-access-key: ${{secrets.EKS_SECRET}} + aws-region: ap-southeast-3 + - name: Deploy + env: + REGISTRY: ${{ secrets.REGISTRY }} + APP: ${{ inputs.app-name }} + APPTARGET: ${{inputs.app-target}} + TAG: ${{inputs.image-tag}} + run: | + curl -o kubectl https://s3.us-west-2.amazonaws.com/amazon-eks/1.24.7/2022-10-31/bin/linux/amd64/kubectl + chmod +x kubectl + mv kubectl /usr/local/bin/ + cd ~ + mkdir .kube + aws eks update-kubeconfig --region ap-southeast-3 --name btwedutech + kubectl set image cronjob/$APP $APPTARGET=$REGISTRY:$TAG diff --git a/.gitea/workflows/deploy-aws.yml b/.gitea/workflows/deploy-aws.yml new file mode 100644 index 0000000..b9797f5 --- /dev/null +++ b/.gitea/workflows/deploy-aws.yml @@ -0,0 +1,50 @@ +name: Deploy to Kube AWS + +on: + workflow_call: + inputs: + app-name: + required: true + type: string + app-target: + required: true + type: string + image-tag: + required: true + type: string + secrets: + REGISTRY: + required: true + EKS_KEY: + required: true + EKS_SECRET: + required: true + +jobs: + deploy-k8s-eks: + name: Deploy to deployment EKS + runs-on: ubuntu-js-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{secrets.EKS_KEY}} + aws-secret-access-key: ${{secrets.EKS_SECRET}} + aws-region: ap-southeast-3 + - name: Deploy + env: + REGISTRY: ${{ secrets.REGISTRY }} + APP: ${{ inputs.app-name }} + APPTARGET: ${{inputs.app-target}} + TAG: ${{inputs.image-tag}} + run: | + curl -o kubectl https://s3.us-west-2.amazonaws.com/amazon-eks/1.24.7/2022-10-31/bin/linux/amd64/kubectl + chmod +x kubectl + mv kubectl /usr/local/bin/ + cd ~ + mkdir .kube + aws eks update-kubeconfig --region ap-southeast-3 --name btwedutech + kubectl set image deployment/$APP $APPTARGET=$REGISTRY:$TAG + kubectl rollout restart deployment/$APP diff --git a/.gitea/workflows/deploy-cronjob.yml b/.gitea/workflows/deploy-cronjob.yml new file mode 100644 index 0000000..c75c034 --- /dev/null +++ b/.gitea/workflows/deploy-cronjob.yml @@ -0,0 +1,40 @@ +name: Deploy to Kube Cronjob + +on: + workflow_call: + inputs: + app-name: + required: true + type: string + app-target: + required: true + type: string + image-tag: + required: true + type: string + secrets: + REGISTRY: + required: true + K8S_CONFIG: + required: true + +jobs: + deploy-k8s: + name: Deploy Cronjob + runs-on: ubuntu-js-latest + steps: + - name: Deploy + env: + K8S_CONFIG: ${{secrets.K8S_CONFIG}} + REGISTRY: ${{ secrets.REGISTRY }} + APP: ${{ inputs.app-name }} + APPTARGET: ${{inputs.app-target}} + TAG: ${{inputs.image-tag}} + run: | + curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl + chmod +x kubectl + mv kubectl /usr/local/bin/ + cd ~ + mkdir .kube + echo "$K8S_CONFIG" > .kube/config + kubectl set image cronjob/$APP $APPTARGET=$REGISTRY:$TAG diff --git a/.gitea/workflows/deploy-gke-cronjob.yml b/.gitea/workflows/deploy-gke-cronjob.yml new file mode 100644 index 0000000..48fabb5 --- /dev/null +++ b/.gitea/workflows/deploy-gke-cronjob.yml @@ -0,0 +1,51 @@ +name: Deploy to Kube GKE Cronjob + +on: + workflow_call: + inputs: + app-name: + required: true + type: string + app-target: + required: true + type: string + image-tag: + required: true + type: string + secrets: + REGISTRY: + required: true + GKE_SA_KEY: + required: true + GKE_CLUSTER_NAME: + required: true + GKE_ZONE_NAME: + required: true + GKE_PROJECT_ID: + required: true + +jobs: + deploy-k8s-gke-cron: + name: Deploy Cronjob + runs-on: ubuntu-js-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Authenticate Google Cloud + uses: google-github-actions/auth@v2 + with: + credentials_json: ${{ secrets.GKE_SA_KEY }} + - name: Configure GKE credentials + uses: google-github-actions/get-gke-credentials@v2 + with: + cluster_name: ${{ secrets.GKE_CLUSTER_NAME }} + location: ${{ secrets.GKE_ZONE_NAME }} + project_id: ${{ secrets.GKE_PROJECT_ID }} + - name: Deploy + env: + REGISTRY: ${{ secrets.REGISTRY }} + APP: ${{ inputs.app-name }} + APPTARGET: ${{inputs.app-target}} + TAG: ${{inputs.image-tag}} + run: | + kubectl set image cronjob/$APP $APPTARGET=$REGISTRY:$TAG diff --git a/.gitea/workflows/deploy-gke.yml b/.gitea/workflows/deploy-gke.yml new file mode 100644 index 0000000..87b0b8b --- /dev/null +++ b/.gitea/workflows/deploy-gke.yml @@ -0,0 +1,52 @@ +name: Deploy to Kube GKE + +on: + workflow_call: + inputs: + app-name: + required: true + type: string + app-target: + required: true + type: string + image-tag: + required: true + type: string + secrets: + REGISTRY: + required: true + GKE_SA_KEY: + required: true + GKE_CLUSTER_NAME: + required: true + GKE_ZONE_NAME: + required: true + GKE_PROJECT_ID: + required: true + +jobs: + deploy-k8s-gke: + name: Deploy to deployment GKE + runs-on: ubuntu-js-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Authenticate Google Cloud + uses: google-github-actions/auth@v2 + with: + credentials_json: ${{ secrets.GKE_SA_KEY }} + - name: Configure GKE credentials + uses: google-github-actions/get-gke-credentials@v2 + with: + cluster_name: ${{ secrets.GKE_CLUSTER_NAME }} + location: ${{ secrets.GKE_ZONE_NAME }} + project_id: ${{ secrets.GKE_PROJECT_ID }} + - name: Deploy + env: + REGISTRY: ${{ secrets.REGISTRY }} + APP: ${{ inputs.app-name }} + APPTARGET: ${{inputs.app-target}} + TAG: ${{inputs.image-tag}} + run: | + kubectl set image deployment/$APP $APPTARGET=$REGISTRY:$TAG + kubectl rollout restart deployment/$APP diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml new file mode 100644 index 0000000..0e12b22 --- /dev/null +++ b/.gitea/workflows/deploy.yml @@ -0,0 +1,41 @@ +name: Deploy to Kube + +on: + workflow_call: + inputs: + app-name: + required: true + type: string + app-target: + required: true + type: string + image-tag: + required: true + type: string + secrets: + REGISTRY: + required: true + K8S_CONFIG: + required: true + +jobs: + deploy-k8s: + name: Deploy to deployment + runs-on: ubuntu-js-latest + steps: + - name: Deploy + env: + K8S_CONFIG: ${{secrets.K8S_CONFIG}} + REGISTRY: ${{ secrets.REGISTRY }} + APP: ${{ inputs.app-name }} + APPTARGET: ${{inputs.app-target}} + TAG: ${{inputs.image-tag}} + run: | + curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl + chmod +x kubectl + mv kubectl /usr/local/bin/ + cd ~ + mkdir .kube + echo "$K8S_CONFIG" > .kube/config + kubectl set image deployment/$APP $APPTARGET=$REGISTRY:$TAG + kubectl rollout restart deployment/$APP diff --git a/.gitea/workflows/osv.yml b/.gitea/workflows/osv.yml new file mode 100644 index 0000000..fb65c55 --- /dev/null +++ b/.gitea/workflows/osv.yml @@ -0,0 +1,14 @@ +name: Package Vulnerability Scanning +on: [workflow_call] + +jobs: + osv-scanner: + runs-on: ubuntu-js-latest + name: OSV Scanner + container: registry.btwazure.com/marvelousbtw/osv-scanner + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Run OSV Scanner + run: | + test -f ./osv-config.toml && osv-scanner --config=./osv-config.toml -r . || osv-scanner -r .