feat(tag) switch tag to github sha

CardinPatson · Oct 31, 2023 · 3930cb4 · 3930cb4
1 parent 48ddf36
commit 3930cb4
Show file tree

Hide file tree

Showing 7 changed files with 88 additions and 6 deletions.
diff --git a/.github/workflows/composite/action.yml b/.github/workflows/composite/action.yml
@@ -15,7 +15,7 @@ inputs:
     description: "registry password"
     required: true
   registry_endpoint:
-    description: "repo registry https://hub.docker.com/u/cardin21"
+    description: "repo registry docker.io/cardin21"
 
 runs:
   using: "composite"
@@ -34,24 +34,31 @@ runs:
       username: ${{ inputs.registry_username }}
       password: ${{ inputs.registry_password }}
 
+  - name: Set SHA as env variable
+    run: |
+      currentsha=$(echo ${GITHUB_SHA##*/}) 
+      echo "running on $currentsha"
+      echo "SHA=$currentsha" >> $GITHUB_ENV
+    shell: bash
+
   - name: Compose build ${{ inputs.service }}
     shell: bash
     run: sudo -E docker-compose build ${{ inputs.service }}
     working-directory: ./multicontainer-k8s
     env:
-      TAG: latest
+      TAG: ${{ env.SHA }}
       REGISTRY: ${{ inputs.registry_endpoints }}
 
   - name: Compose push ${{ inputs.service }}
     shell: bash
     run: sudo -E docker-compose push ${{ inputs.service }}
     working-directory: ./multicontainer-k8s
     env:
-      TAG: latest
+      TAG: ${{ env.SHA }}
       REGISTRY: ${{ inputs.registry_endpoint }}
 
   - name: Create multiarch manifest
     shell: bash 
     run: |
-      docker --config ~/.docker manifest create ${{ inputs.registry_endpoint }}/${{ inputs.image_name }}:latest ${{ inputs.registry_endpoint }}/${{ inputs.image_name }}:linux-latest
-      docker --config ~/.docker manifest push ${{ inputs.registry_endpoint }}/${{ inputs.image_name }}:latest
+      docker --config ~/.docker manifest create ${{ inputs.registry_endpoint }}/${{ inputs.image_name }}:${{ env.SHA }} ${{ inputs.registry_endpoint }}/${{ inputs.image_name }}:latest ${{ inputs.registry_endpoint }}/${{ inputs.image_name }}:linux-${{ env.SHA }}
+      docker --config ~/.docker manifest push ${{ inputs.registry_endpoint }}/${{ inputs.image_name }}:${{ env.SHA }}
diff --git a/.github/workflows/multi-client.yml b/.github/workflows/multi-client.yml
@@ -8,6 +8,7 @@ on:
     paths:
     - multicontainer-k8s/client
     - .github/workflows/multi-client.yml
+    - .github/workflows/composite/action.yml
 
 env:
   SERVICE: client

diff --git a/.github/workflows/multi-server.yml b/.github/workflows/multi-server.yml
@@ -8,6 +8,7 @@ on:
     paths:
     - multicontainer-k8s/server
     - .github/workflows/multi-server.yml
+    - .github/workflows/composite/action.yml
 
 env:
   SERVICE: server

diff --git a/.github/workflows/multi-worker.yml b/.github/workflows/multi-worker.yml
@@ -9,6 +9,7 @@ on:
     paths:
     - multicontainer-k8s/worker
     - .github/workflows/multi-worker.yml
+    - .github/workflows/composite/action.yml
 
 env:
   SERVICE: worker

diff --git a/.github/workflows/deploy-gke.yml → .github/workflows/old/gke-deploy.yml.old b/.github/workflows/deploy-gke.yml → .github/workflows/old/gke-deploy.yml.old
diff --git a/multicontainer-k8s/deploy.sh b/multicontainer-k8s/deploy.sh
@@ -0,0 +1,9 @@
+docker build -t cardin21/multi-client -f ./client/Dockerfile ./client
+docker build -t cardin21/multi-server -f ./server/Dockerfile ./server
+docker build -t cardin21/multi-worker -f ./server/Dockerfile ./worker 
+docker push cardin21/multi-client
+docker push cardin21/multi-server
+docker push cardin21/multi-worker
+kubectl apply -f k8s
+kubectl set image deployments/server-deployment server=cardin21/multi-server
+#git rev-parse HEAD
diff --git a/multicontainer-k8s/docs/readme.md b/multicontainer-k8s/docs/readme.md
@@ -219,4 +219,67 @@ installer choco = Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Ob
 la commande
 `helm upgrade --install ingress-nginx ingress-nginx --repo https://kubernetes.github.io/ingress-nginx --namespace ingress-nginx --create-namespace`
 
-## Déploiment sur le cloud
+## Déploiment sur le cloud
+
+
+### sur la console de ton cluster
+
+- gcloud config set project <project-id>
+
+- gcloud config set compute/zone <cluster-zone>
+
+- gcloud container clusters get-credentials <cluster-name >
+
+### pour définir les variables d'environnment
+
+- kubectl create secret generic pgpassword --from-litteral <KEY>=<VALUE>
+
+dans la console de google cloud pour installer le controlleur ingress 
+
+```bash
+curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
+chmod 700 get_helm.sh
+./get_helm.sh
+
+helm upgrade --install ingress-nginx ingress-nginx \
+  --repo https://kubernetes.github.io/ingress-nginx \
+  --namespace ingress-nginx --create-namespace
+
+kubectl get service ingress-nginx-controller --namespace=ingress-nginx
+```
+--- 
+Venant de la documentation : https://kubernetes.github.io/ingress-nginx/deploy/#gce-gke
+```bash
+kubectl create clusterrolebinding cluster-admin-binding \
+  --clusterrole cluster-admin \
+  --user $(gcloud config get-value account)
+
+kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.8.2/deploy/static/provider/cloud/deploy.yaml
+```
+Terminology
+- User Account
+- Service Account
+- CLusterRoleBinding : Authorize an account to do a set of actions accross the cluster
+- RoleBinding:  to a set of actions in a single namespace 
+
+### Sécurité RBAC de kubernetes (Optionel) : Dans HELMV3 l'utilisation de tiller est optionnel
+
+On crée un nouveau compte de service nommé tiller
+
+```bash
+kubectl create service account --namespace kube-system tiller
+```
+
+On crée un nouveau clusterrolebinding avec le role cluster-admin et on l'assigne au compte de service tiller
+
+```bash
+kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
+```
+
+Avant de créer le controller ingress nginx, initialiser helm avec le compte de service tiller
+
+```bash
+helm init -- service-account tiller --upgrade
+```
+
+-- Set up maintenant le controlleur ingress nginx a l'aide de helm