create argocd echo app #25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: create argocd echo app | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| repo_name: | |
| description: 'Copied Repo Name' | |
| type: string | |
| default: 'echo-app' | |
| cluster-name: | |
| description: 'Name of GKE cluster to create app on' | |
| default: "k8s-demo-cluster" | |
| gcp-region: | |
| type: choice | |
| description: 'GCP region of cluster' | |
| default: "us-east5" | |
| options: | |
| - us-east5 | |
| - us-central1 | |
| - us-east4 | |
| gcp-zone: | |
| type: choice | |
| description: 'GCP zone of cluster' | |
| default: "b" | |
| options: | |
| - a | |
| - b | |
| - c | |
| env: | |
| REPO_NAME: ${{ github.event.inputs.repo_name || 'echo-app' }} | |
| CLUSTER_NAME: ${{ github.event.inputs.cluster-name || 'k8s-demo-cluster' }} | |
| GCP_REGION: ${{ github.event.inputs.gcp-region || 'us-east5' }} | |
| GCP_ZONE: ${{ github.event.inputs.gcp-region || 'us-east5' }}-${{ github.event.inputs.gcp-zone || 'a' }} | |
| GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT }} | |
| GCP_DNS_ZONE: k8s-kurt-madel | |
| jobs: | |
| create-argocd-echo-app: | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| id-token: write | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: checkout | |
| uses: actions/checkout@v3 | |
| - name: Generate km-demos GitHub App token | |
| id: generate_token | |
| uses: tibdex/[email protected] | |
| with: | |
| app_id: ${{ secrets.KM_DEMOS_GITHUB_APP_ID }} | |
| private_key: ${{ secrets.KM_DEMOS_GITHUB_APP_KEY }} | |
| - name: create-echo-repo-from-template | |
| shell: bash | |
| env: | |
| GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} | |
| run: | | |
| gh api \ | |
| --method POST \ | |
| -H "Accept: application/vnd.github+json" \ | |
| -H "X-GitHub-Api-Version: 2022-11-28" \ | |
| /repos/km-demos/echo-app-template/generate \ | |
| -f owner='km-demos' \ | |
| -f name="$REPO_NAME" \ | |
| -f description='Simple ehco app to use with ArgoCD demo.' \ | |
| -F include_all_branches=false \ | |
| -F private=false | |
| echo '{"name":"web","active":true,"events":["push","release"],"config":{"url":"https://argocd.k8s.kurtmadel.com/api/webhook","secret":"'"${{ secrets.ARGOCD_GITHUB_WEBHOOK_SECRET }}"'","content_type":"json","insecure_ssl":"0"}}' | gh api repos/km-demos/$REPO_NAME/hooks --input - -X POST | |
| echo '{"name":"web","active":true,"events":["pull_request"],"config":{"url":"https://argocd-appset.k8s.kurtmadel.com/api/webhook","secret":"'"${{ secrets.ARGOCD_GITHUB_WEBHOOK_SECRET }}"'","content_type":"json","insecure_ssl":"0"}}' | gh api repos/km-demos/$REPO_NAME/hooks --input - -X POST | |
| curl -L \ | |
| -X POST \ | |
| -H "Accept: application/vnd.github+json" \ | |
| -H "Authorization: Bearer ${{ secrets.DELETE_PACKAGES_TOKEN }}" \ | |
| -H "X-GitHub-Api-Version: 2022-11-28" \ | |
| https://api.github.com/repos/km-demos/$REPO_NAME/labels \ | |
| -d '{"name":"preview","description":"Create preview environment for pull request","color":"00BDFF"}' | |
| - id: 'gcp-auth' | |
| name: 'Authenticate to Google Cloud' | |
| uses: google-github-actions/[email protected] | |
| with: | |
| workload_identity_provider: ${{ secrets.WIF_POOL }} | |
| service_account: ${{ secrets.WIF_SA_EMAIL }} | |
| - id: get-credentials | |
| uses: google-github-actions/[email protected] | |
| with: | |
| cluster_name: ${{ env.CLUSTER_NAME }} | |
| location: ${{ env.GCP_ZONE }} | |
| - id: create-dns-entry | |
| continue-on-error: true | |
| run: | | |
| INGRESS_IP=$(kubectl get services -n ingress-nginx | grep LoadBalancer | awk '{print $4}') | |
| gcloud dns --project=$GCP_PROJECT_ID record-sets transaction start --zone=$GCP_DNS_ZONE | |
| gcloud dns --project=$GCP_PROJECT_ID record-sets transaction add $INGRESS_IP --name=$REPO_NAME.k8s.kurtmadel.com. --ttl=300 --type=A --zone=$GCP_DNS_ZONE | |
| gcloud dns --project=$GCP_PROJECT_ID record-sets transaction execute --zone=$GCP_DNS_ZONE | |
| - id: create-argocd-app | |
| run: | | |
| kubectl create namespace $REPO_NAME --dry-run=client -o yaml | kubectl apply -f - | |
| kubectl create secret docker-registry ghcr-login-secret -n $REPO_NAME --docker-server=https://ghcr.io \ | |
| --docker-username=km-demos --docker-password=${{ secrets.KM_MANAGE_PACKAGES_TOKEN }} [email protected] | |
| yq e -i ".metadata.name = \"$REPO_NAME\"" argo-cd/argocd-app.yaml | |
| yq e -i ".spec.source.repoURL = \"https://github.com/km-demos/$REPO_NAME.git\"" argo-cd/argocd-app.yaml | |
| yq e -i ".spec.destination.namespace = \"$REPO_NAME\"" argo-cd/argocd-app.yaml | |
| kubectl apply -f argo-cd/argocd-app.yaml | |
| - id: branch-protection | |
| name: branch-protection | |
| shell: bash | |
| env: | |
| GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} | |
| run: | | |
| curl -X PUT \ | |
| -H "Accept: application/vnd.github+json" \ | |
| -H "Authorization: Bearer $GITHUB_TOKEN"\ | |
| -H "X-GitHub-Api-Version: 2022-11-28" \ | |
| https://api.github.com/repos/km-demos/$REPO_NAME/branches/main/protection \ | |
| -d '{"required_status_checks":null,"enforce_admins":false,"required_pull_request_reviews":{"required_approving_review_count": 0},"restrictions":null}' | |
| mkdir -p $REPO_NAME | |
| - id: clone-repo-copy | |
| name: clone-repo-copy | |
| uses: actions/checkout@v3 | |
| with: | |
| repository: km-demos/${{ env.REPO_NAME }} | |
| token: ${{ secrets.KM_DEMOS_PAT }} | |
| path: ${{ env.REPO_NAME }} | |
| ref: main | |
| - id: branches-prs | |
| name: branches-prs | |
| shell: bash | |
| env: | |
| GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} | |
| GITHUB_PAT: ${{ secrets.KM_DEMOS_PAT }} | |
| run: | | |
| cd $REPO_NAME | |
| ls -la | |
| git config --global init.defaultBranch main | |
| git config user.name 'github-actions[bot]' | |
| git config user.email 'github-actions[bot]@users.noreply.github.com' | |
| git config pull.rebase false | |
| git remote set-url origin https://x-access-token:[email protected]/km-demos/$REPO_NAME.git | |
| git checkout main | |
| sed -i "s|REPO_NAME|$REPO_NAME|g" helm-chart/Chart.yaml | |
| sed -i "s|REPO_NAME|$REPO_NAME|g" helm-chart/values.yaml | |
| touch src/main.go | |
| git commit -am "updating values.yaml with repo name" | |
| git push origin main | |
| git checkout -b fix-err-image-pull | |
| curl https://raw.githubusercontent.com/km-demos/echo-app-template/fix-err-image-pull/helm-chart/values.yaml > helm-chart/values.yaml | |
| git add * | |
| git commit -am "updating values.yaml to fix ImagePullBackOff" | |
| git push origin fix-err-image-pull | |
| git checkout -b fix-crash-loop-backoff | |
| curl https://raw.githubusercontent.com/km-demos/echo-app-template/fix-crash-loop-backoff/helm-chart/values.yaml > helm-chart/values.yaml | |
| curl https://raw.githubusercontent.com/km-demos/echo-app-template/fix-crash-loop-backoff/helm-chart/templates/deployments.yaml > helm-chart/templates/deployments.yaml | |
| git add * | |
| git commit -am "udadtes to fix CrashLoopBackOff" | |
| git push origin fix-crash-loop-backoff | |
| curl -H 'Accept: application/vnd.github.antiope-preview+json' \ | |
| -H "authorization: Bearer $GITHUB_TOKEN" \ | |
| --data '{"title":"Fix ImagePullBackOff ","head":"fix-err-image-pull","base":"main"}' \ | |
| https://api.github.com/repos/km-demos/$REPO_NAME/pulls | |
| curl -H 'Accept: application/vnd.github.antiope-preview+json' \ | |
| -H "authorization: Bearer $GITHUB_TOKEN" \ | |
| --data '{"title":"Fix CrashLoopBackOff ","head":"fix-crash-loop-backoff","base":"fix-err-image-pull"}' \ | |
| https://api.github.com/repos/km-demos/$REPO_NAME/pulls |