diff --git a/.woodpecker.yml b/.woodpecker.yml new file mode 100644 index 0000000..fb34ac6 --- /dev/null +++ b/.woodpecker.yml @@ -0,0 +1,93 @@ +--- +when: + event: + - push + +steps: + - image: alpine/helm + name: Publish the Helm chart + commands: + - helm plugin install https://github.com/chartmuseum/helm-push + - helm package chart -d chart-package + - helm repo add --username allanger --password $GITEA_TOKEN badhouseplants-net https://git.badhouseplants.net/api/packages/badhouseplants/helm + - helm cm-push "./chart-package/$(ls chart-package)" badhouseplants-net + secrets: + - gitea_token + + - name: Test a build + image: git.badhouseplants.net/badhouseplants/hugo-container + commands: + - hugo -s ./src + + - name: Build and push the docker image + image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:9665015b44590b7ce2139f7acbad23af6628fff3 + privileged: true + depends_on: + - Test a build + secrets: + - gitea_token + environment: + BUILDER_COMMIT: 2449b73b13a62ae916c6703778d096e5290157b3 + commands: + - rm -rf $DRONE_WORKSPACE/src/assets/ + - ./scripts/build-container.pl + backend_options: + kubernetes: + resources: + requests: + memory: 500Mi + cpu: 200m + limits: + memory: 1000Mi + cpu: 1000m + securityContext: + privileged: true + + - name: Sync pictures from lfs to Minio + image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:9665015b44590b7ce2139f7acbad23af6628fff3 + depends_on: + - Test a build + secrets: + - rclone_config_content + environment: + RCLONE_CONFIG: /tmp/rclone.conf + commands: + - echo "$RCLONE_CONFIG_CONTENT" > $RCLONE_CONFIG + - ./scripts/upload-media.pl + + - name: Deploy the application + image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:9665015b44590b7ce2139f7acbad23af6628fff3 + depends_on: + - Build and push the docker image + - Sync pictures from lfs to Minio + secrets: + - gitea_token + - argocd_auth_token + - argo_github_oauth_key + - argo_google_oauth_key + environment: + ARGOCD_SERVER: argo.badhouseplants.net:443 + commands: + - ./scripts/deploy-app.pl + + - name: Cleanup everything + image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:9665015b44590b7ce2139f7acbad23af6628fff3 + depends_on: + - Deploy the application + secrets: + - gitea_token + - argocd_auth_token + - rclone_config_content + environment: + ARGOCD_SERVER: argo.badhouseplants.net:443 + RCLONE_CONFIG: /tmp/rclone.conf + commands: + - echo "$RCLONE_CONFIG_CONTENT" > $RCLONE_CONFIG + - ./scripts/cleanup.pl + + - name: Spell-Checker + failure: ignore + image: node + commands: + - npm i markdown-spellcheck -g + - mdspell "src/content/**/*.md" -n -r diff --git a/chart/Chart.yaml b/chart/Chart.yaml index b249eeb..96d4f43 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -2,10 +2,10 @@ apiVersion: v2 name: badhouseplants-net description: A Helm chart for Kubernetes type: application -version: 0.8.6 +version: 0.9.0 appVersion: "4.20.0" dependencies: - name: remark42 - version: 0.5.5 + version: 0.7.0 repository: https://groundhog2k.github.io/helm-charts/ condition: remark42.enabled diff --git a/chart/templates/virtual-service.yaml b/chart/templates/virtual-service.yaml deleted file mode 100644 index 0db7593..0000000 --- a/chart/templates/virtual-service.yaml +++ /dev/null @@ -1,57 +0,0 @@ -{{- if .Values.istio.enabled -}} -apiVersion: networking.istio.io/v1beta1 -kind: VirtualService -metadata: - name: {{ include "badhouseplants-net.fullname" . }} - labels: - {{- include "badhouseplants-net.labels" . | nindent 4 }} - {{- with .Values.istio.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - gateways: - - istio-system/badhouseplants-net - hosts: - {{- range .Values.istio.hosts}} - - {{ . }} - {{- end }} - http: - - match: - - uri: - prefix: {{ .Values.istio.prefix }} - route: - - destination: - host: {{ include "badhouseplants-net.fullname" . }} - port: - number: {{ .Values.service.port }} -{{- end }} ---- -{{- if .Values.remark42.istio.enabled -}} -apiVersion: networking.istio.io/v1beta1 -kind: VirtualService -metadata: - name: {{ include "remark42.fullname" . }}-remark42 - labels: - {{- include "badhouseplants-net.labels" . | nindent 4 }} - {{- with .Values.remark42.istio.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - gateways: - - istio-system/badhouseplants-net - hosts: - {{- range .Values.remark42.istio.hosts}} - - {{ . }} - {{- end }} - http: - - match: - - uri: - prefix: {{ .Values.remark42.istio.prefix }} - route: - - destination: - host: {{ .Release.Name }}-remark42 - port: - number: {{ .Values.remark42.service.port }} -{{- end }} diff --git a/chart/values.yaml b/chart/values.yaml index ed5d115..c0463a3 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -39,14 +39,6 @@ hugo: env: HUGO_PARAMS_GITBRANCH: main -istio: - annotations: {} - enabled: true - hosts: - - badhouseplants.net - - www.badhouseplants.net - prefix: / - volumes: # ---------------------------------------------- # -- An emptydir volume where hugo should diff --git a/kube/values-main.yaml b/kube/values-main.yaml index 7555fdb..4d25e03 100644 --- a/kube/values-main.yaml +++ b/kube/values-main.yaml @@ -5,11 +5,33 @@ values: | tag: $ARGO_APP_IMAGE_TAG env: HUGO_PARAMS_GITCOMMIT: $ARGO_APP_IMAGE_TAG - istio: - annotations: + ingress: + enabled: true + className: ~ + annotations: + kubernetes.io/ingress.class: traefik + kubernetes.io/tls-acme: "true" + kubernetes.io/ingress.allow-http: "false" + kubernetes.io/ingress.global-static-ip-name: "" + cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 link.argocd.argoproj.io/env: https://badhouseplants.net/ link.argocd.argoproj.io/build: $DRONE_BUILD_LINK - link.argocd.argoproj.io/remark42: https://remark42.badhouseplants.net/web + pathtype: ImplementationSpecific + hosts: + - host: badhouseplants.net + paths: + - path: / + pathType: ImplementationSpecific + - host: www.badhouseplants.net + paths: + - path: / + pathType: ImplementationSpecific + tls: + - secretName: badhp-tls + hosts: + - badhouseplants.net + - www.badhouseplants.net + remark42: settings: secret: $ARGO_REMARK_SECRET @@ -26,3 +48,25 @@ values: | secret: $ARGO_GOOGLE_OAUTH_KEY storage: requestedSize: 300Mi + ingress: + enabled: true + className: ~ + annotations: + kubernetes.io/ingress.class: traefik + kubernetes.io/tls-acme: "true" + kubernetes.io/ingress.allow-http: "false" + kubernetes.io/ingress.global-static-ip-name: "" + cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 + link.argocd.argoproj.io/remark42: https://remark42.badhouseplants.net/web + ## Hosts + hosts: + - host: remark42.badhouseplants.net + paths: + - path: / + pathType: ImplementationSpecific + + tls: + secretName: chart-example-tls + hosts: + - remark42.badhouseplants.net + \ No newline at end of file diff --git a/kube/values-preview.yaml b/kube/values-preview.yaml index 5789c75..c618bd8 100644 --- a/kube/values-preview.yaml +++ b/kube/values-preview.yaml @@ -1,12 +1,27 @@ --- values: | - istio: - hosts: - - $ARGO_APP_HOSTNAME - annotations: + ingress: + enabled: true + className: ~ + annotations: + kubernetes.io/ingress.class: traefik + kubernetes.io/tls-acme: "true" + kubernetes.io/ingress.allow-http: "false" + kubernetes.io/ingress.global-static-ip-name: "" + cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 link.argocd.argoproj.io/env: https://$ARGO_APP_HOSTNAME/ - link.argocd.argoproj.io/remark42: https://remark42-$ARGO_APP_HOSTNAME/web link.argocd.argoproj.io/build: $DRONE_BUILD_LINK + pathtype: ImplementationSpecific + hosts: + - host: $ARGO_APP_HOSTNAME + paths: + - path: / + pathType: ImplementationSpecific + tls: + - secretName: badhp-$ARGO_APP_BRANCH-tls + hosts: + - $ARGO_APP_HOSTNAME + hugo: image: tag: $ARGO_APP_IMAGE_TAG @@ -17,13 +32,31 @@ values: | HUGO_PARAMS_COMMENTS_REMARK42_HOST: https://remark42-$ARGO_APP_HOSTNAME HUGO_PARAMS_GITCOMMIT: $ARGO_APP_IMAGE_TAG remark42: - istio: - hosts: - - remark42-$ARGO_APP_HOSTNAME settings: url: https://remark42-$ARGO_APP_HOSTNAME/ auth: anonymous: true secretKey: $ARGO_REMARK_SECRET + ingress: + enabled: true + className: ~ + annotations: + kubernetes.io/ingress.class: traefik + kubernetes.io/tls-acme: "true" + kubernetes.io/ingress.allow-http: "false" + kubernetes.io/ingress.global-static-ip-name: "" + cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 + link.argocd.argoproj.io/remark42: https://remark42-$ARGO_APP_HOSTNAME/ + ## Hosts + hosts: + - host: remark42.badhouseplants.net + paths: + - path: / + pathType: ImplementationSpecific + + tls: + secretName: remark-$ARGO_APP_BRANCH-tls + hosts: + - remark42-$ARGO_APP_HOSTNAME rclone: command: 'rclone copy -P badhouseplants-public:/badhouseplants-net/$ARGO_APP_IMAGE_TAG /static'