feat: implements docker credentials and ci

2025-11-07 17:52:52 -03:00
parent bbe5420893
commit bfba489065
2 changed files with 27 additions and 4 deletions
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -2,11 +2,11 @@ name: remote ssh command

 on:
    repository_dispatch:
-        types: [deploy-prod]
+        types: 
+            - deploy
    push:
        branches:
            - main
-            - staging

 jobs:
    deploy:
@@ -14,13 +14,19 @@ jobs:
        environment: ${{ github.ref_name == 'main' && 'prod' || 'staging' }}
        runs-on: ubuntu-latest
        timeout-minutes: 30
+        env:
+            NAMESPACE: ${{ vars.NAMESPACE }}

        steps:
            - name: Set Kubernetes Context
              uses: azure/k8s-set-context@v1
              with:
                  method: kubeconfig
-                  kubeconfig: ${{ secrets.KUBECONFIG }}
+                  kubeconfig: ${{ secrets.PORTFOLIO_KUBECONFIG }}
+
+            - name: Configures GHCR credentials
+              run: |
+                  echo ${{ secrets.GHCR_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin

            - name: Execute deploy
              run: |
--- a/deploy.sh
+++ b/deploy.sh
@@ -1,6 +1,7 @@
 #!/bin/bash


+### deploy flux operator ###
 helm upgrade --install flux-operator oci://ghcr.io/controlplaneio-fluxcd/charts/flux-operator \
    --namespace flux-system \
    --create-namespace
@@ -9,14 +10,30 @@ helm upgrade --install flux-operator oci://ghcr.io/controlplaneio-fluxcd/charts/
 kubectl apply -f manifest/flux-instance.yml


+###  Additional components ###
+# deploy descheduler
 kubectl apply -f manifest/charts/descheduler


+# deploy ingress-nginx
 kubectl create namespace ingress-nginx \
    --dry-run=client -o yaml | kubectl apply -f -
 kubectl apply -f manifest/charts/nginx


+# deploy cert-manager
 kubectl create namespace cert-manager \
    --dry-run=client -o yaml | kubectl apply -f -
-kubectl apply -f manifest/charts/cert-manager
+kubectl apply -f manifest/charts/cert-manager
+
+
+### configures docker registry secret ###
+if [[ -f $HOME/.docker/config.json ]]; then
+    kubectl create secret generic regcred \
+        --from-file=.dockerconfigjson=$HOME/.docker/config.json \
+        --type=kubernetes.io/dockerconfigjson \
+        --namespace=$NAMESPACE \
+        --dry-run=client -o yaml | kubectl apply -f -
+else
+    echo "Docker config file not found at $HOME/.docker/config.json. Skipping registry secret creation."
+fi