This repository was archived by the owner on Sep 16, 2025. It is now read-only.
Enhance Ingress configuration by adding TLS settings and updating ann… #9
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to Kubernetes | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - dev | |
| env: | |
| IMAGE_NAME: ghcr.io/${{ github.repository }}:${{ github.sha }} | |
| jobs: | |
| build-and-push: | |
| runs-on: self-hosted | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Set up Docker tags | |
| id: docker_tags | |
| run: | | |
| BRANCH="${GITHUB_REF_NAME}" | |
| SHORT_SHA=$(echo "${GITHUB_SHA}" | cut -c1-7) | |
| IMAGE_BASE="ghcr.io/${{ github.repository }}" | |
| TAGS="" | |
| if [ "$BRANCH" = "main" ]; then | |
| TAGS+="${IMAGE_BASE}:main,${IMAGE_BASE}:latest,${IMAGE_BASE}:main-${SHORT_SHA}" | |
| elif [ "$BRANCH" = "dev" ]; then | |
| TAGS+="${IMAGE_BASE}:dev,${IMAGE_BASE}:dev-${SHORT_SHA}" | |
| else | |
| TAGS+="${IMAGE_BASE}:${BRANCH},${IMAGE_BASE}:${BRANCH}-${SHORT_SHA}" | |
| fi | |
| echo "tags=$TAGS" >> $GITHUB_OUTPUT | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: . | |
| push: true | |
| tags: ${{ steps.docker_tags.outputs.tags }} | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: build-and-push | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Set up Kubeconfig | |
| env: | |
| KUBECONFIG_DATA: ${{ secrets.KUBE_CONFIG_DATA }} | |
| run: | | |
| mkdir -p ~/.kube | |
| # Decode and write kubeconfig | |
| echo "${KUBECONFIG_DATA}" | base64 -d > ~/.kube/config | |
| # Verify kubeconfig was decoded properly | |
| if [ ! -s ~/.kube/config ]; then | |
| echo "❌ ERROR: Kubeconfig file is empty after decoding!" | |
| echo "Please verify that KUBECONFIG_DATA secret contains valid base64 encoded kubeconfig" | |
| exit 1 | |
| fi | |
| # Set proper permissions | |
| chmod 600 ~/.kube/config | |
| # Verify connection | |
| echo "Testing connection to Kubernetes cluster..." | |
| kubectl cluster-info | |
| - name: Deploy to Kubernetes | |
| run: | | |
| if [ "${{ github.ref_name }}" = "main" ]; then | |
| OVERLAY=main | |
| elif [ "${{ github.ref_name }}" = "dev" ]; then | |
| OVERLAY=dev | |
| else | |
| echo "Branch is not main or dev, skipping deployment." | |
| exit 1 | |
| fi | |
| cd k8s/overlays/$OVERLAY | |
| if [ "$OVERLAY" = "main" ]; then | |
| ENV_LABEL="main" | |
| else | |
| ENV_LABEL="dev" | |
| fi | |
| kustomize build . | kubectl apply -f |