From e7cdebb8a19b062d4154ccec8101b09d7159c575 Mon Sep 17 00:00:00 2001
From: Mirko Sekulic
Date: Mon, 15 Jul 2024 19:12:17 +0200
Subject: [PATCH] flux artifact pipeline
---
.github/workflows/flux-artifact-push.yaml | 71 +++++++++++++++++++
charts/eid-logger-config/Chart.yaml | 24 +++++++
.../templates/helm-release.yaml | 27 +++++++
charts/eid-logger-config/values.yaml | 1 +
4 files changed, 123 insertions(+)
create mode 100644 .github/workflows/flux-artifact-push.yaml
create mode 100644 charts/eid-logger-config/Chart.yaml
create mode 100644 charts/eid-logger-config/templates/helm-release.yaml
create mode 100644 charts/eid-logger-config/values.yaml
diff --git a/.github/workflows/flux-artifact-push.yaml b/.github/workflows/flux-artifact-push.yaml
new file mode 100644
index 00000000000..2b4d95df487
--- /dev/null
+++ b/.github/workflows/flux-artifact-push.yaml
@@ -0,0 +1,71 @@
+name: Eid logger helm config build and push
+on:
+ push:
+ branches: [ main ]
+ paths:
+ - 'eidlogger/**'
+ - '.github/workflows/flux-artifact-push.yaml'
+ - '.deploy/eid-logger/**'
+ workflow_dispatch:
+
+permissions:
+ id-token: write
+ contents: read
+
+jobs:
+ helm-build-push:
+ name: Flux config push
+ runs-on: ubuntu-latest
+ strategy:
+ matrix:
+ environment: [staging]
+ env:
+ REGISTRY: altinntjenestercontainerregistry.azurecr.io
+ REPOSITORY: eid-logger
+ AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID_FC }}
+ AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID_FC }}
+ AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID_FC }}
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
+ - name: 'Azure login'
+ uses: azure/login@v2
+ with:
+ client-id: ${{ env.AZURE_CLIENT_ID }}
+ tenant-id: ${{ env.AZURE_TENANT_ID }}
+ subscription-id: ${{ env.AZURE_SUBSCRIPTION_ID }}
+
+ - name: 'Install helm'
+ uses: azure/setup-helm@v4.2.0
+ with:
+ version: '3.15.3'
+ id: install
+
+ - name: Log in to Container registry
+ run: |
+ az acr login --name ${{ env.REGISTRY }} --expose-token --output tsv --query accessToken --subscription ${{ secrets.AZURE_SUBSCRIPTION_ID_FC }} --only-show-errors | docker login ${{ env.REGISTRY }} --username 00000000-0000-0000-0000-000000000000 --password-stdin
+
+ - name: Setup Flux CLI
+ uses: fluxcd/flux2/action@v2.3.0
+
+ - name: Install Flux
+ run: |
+ flux install
+
+ - name: Generate cofiguration file
+ run: |
+ mkdir eid-logger-config
+ helm template eid-logger-config --set gitSha=${{ github.sha }} > eid-logger-config/helm-release.yaml
+
+ - name: Push config artifact
+ run: |
+ flux push artifact oci://${{ env.REGISTRY }}/charts/configs/eid-logger-${{ matrix.environment }}:${{ github.sha }} \
+ --path="./eid-logger-config" \
+ --source="$(git config --get remote.origin.url)" \
+ --revision="$(git branch --show-current)/$(git rev-parse HEAD)"
+
+ - name: Tag artifact as latest
+ run: |
+ flux tag artifact oci://${{ env.REGISTRY }}/charts/configs/eid-logger-${{ matrix.environment }}:${{ github.sha }} --tag latest
+
diff --git a/charts/eid-logger-config/Chart.yaml b/charts/eid-logger-config/Chart.yaml
new file mode 100644
index 00000000000..705778dbae1
--- /dev/null
+++ b/charts/eid-logger-config/Chart.yaml
@@ -0,0 +1,24 @@
+apiVersion: v2
+name: eid-logger
+description: A Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.16.0"
diff --git a/charts/eid-logger-config/templates/helm-release.yaml b/charts/eid-logger-config/templates/helm-release.yaml
new file mode 100644
index 00000000000..2f54c1ff2cd
--- /dev/null
+++ b/charts/eid-logger-config/templates/helm-release.yaml
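Review bot: In `.github/workflows/flux-artifact-push.yaml`, the `Generate cofiguration file` step runs `helm template eid-logger-config` immediately after `mkdir eid-logger-config`, so from the repository root Helm is pointed at the freshly created empty directory rather than the chart this commit adds under `charts/eid-logger-config/`; the render should read `helm template charts/eid-logger-config --set gitSha=${{ github.sha }} > eid-logger-config/helm-release.yaml`. The `paths:` filter also omits `charts/eid-logger-config/**`, so edits to the chart alone never trigger a push. Separately, this job holds `id-token: write` and Azure registry credentials while `actions/checkout@v4`, `azure/login@v2`, `azure/setup-helm@v4.2.0` and `fluxcd/flux2/action@v2.3.0` are referenced by mutable tags; pinning each to a full commit SHA, with the tag kept in a trailing comment, prevents a retagged action from running with those credentials. The `flux install` step appears to need a cluster context that no visible step provides and is not required by `flux push artifact`, so it can likely be dropped.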
@@ -0,0 +1,27 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+ name: eid-logger
+ namespace: default
+spec:
+ releaseName: eid-logger
+ targetNamespace: default
+ interval: 5m
+ install:
+ remediation:
+ retries: 1
+ upgrade:
+ remediation:
+ retries: 1
+ chart:
+ spec:
+ version: "{{ .Values.gitSha }}"
+ chart: eid-logger
+ sourceRef:
+ kind: HelmRepository
+ name: eid-logger
+ namespace: default
+ values:
+ image:
+ tag: "{{ .Values.gitSha }}"
diff --git a/charts/eid-logger-config/values.yaml b/charts/eid-logger-config/values.yaml
new file mode 100644
index 00000000000..242596f4b28
--- /dev/null
+++ b/charts/eid-logger-config/values.yaml
@@ -0,0 +1 @@
+gitSha: "placeholder"
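Review bot: In `templates/helm-release.yaml`, `spec.chart.spec.version` is rendered from `{{ .Values.gitSha }}`, but for a `HelmRepository` source Flux treats that field as a SemVer version or range, and a raw commit hash is not valid SemVer, so chart resolution will likely fail unless the chart is published under a SemVer version that embeds the SHA. The `HelmRepository` named `eid-logger` referenced by `sourceRef` is not created anywhere in this patch, so it presumably has to exist in the cluster already; a comment saying where it is defined would help. `apiVersion: helm.toolkit.fluxcd.io/v2beta1` is a deprecated API version as of the Flux 2.3 release whose CLI the workflow sets up, so `helm.toolkit.fluxcd.io/v2` is the version to target if the cluster runs that release. Both `namespace` and `targetNamespace` are `default`; a dedicated namespace would let RBAC and network policy be scoped to this release.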