From f7e9326872b3f3dbf4eaa46958e5e9d478f2d84c Mon Sep 17 00:00:00 2001 From: Jun-te Kim Date: Sat, 6 Dec 2025 21:14:03 +0000 Subject: [PATCH] save --- .github/workflows/k8s_traefik_init_setup.yml | 46 ++++++++++---------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/.github/workflows/k8s_traefik_init_setup.yml b/.github/workflows/k8s_traefik_init_setup.yml index 0d0b838..924f836 100644 --- a/.github/workflows/k8s_traefik_init_setup.yml +++ b/.github/workflows/k8s_traefik_init_setup.yml @@ -11,7 +11,7 @@ jobs: steps: # ----------------------------------------------------- - # Checkout + # Checkout Repo # ----------------------------------------------------- - uses: actions/checkout@v4 @@ -26,7 +26,7 @@ jobs: install -m 0755 kubectl /usr/local/bin/kubectl # ----------------------------------------------------- - # Configure kubeconfig using ARC pod token + # Configure kubeconfig via ARC pod token # ----------------------------------------------------- - name: Configure kubeconfig run: | @@ -41,21 +41,21 @@ jobs: kubectl config use-context runner-context # ----------------------------------------------------- - # Install buildctl (standalone BuildKit client) + # Install buildctl (BuildKit client only) # ----------------------------------------------------- - - name: Install buildctl (BuildKit CLI) + - name: Install buildctl run: | - apt-get update && apt-get install -y curl + apt-get update + apt-get install -y curl curl -sSL https://github.com/moby/buildkit/releases/download/v0.12.5/buildkit-v0.12.5.linux-amd64.tar.gz -o buildkit.tar.gz tar -xzf buildkit.tar.gz mv bin/buildctl /usr/local/bin/ chmod +x /usr/local/bin/buildctl - buildctl --version # ----------------------------------------------------- - # Log in to Docker Hub (registry auth for buildctl) + # Authenticate to Docker Hub for pushing # ----------------------------------------------------- - - name: Docker Hub Login for buildctl + - name: Docker Hub Login (buildctl) run: | echo "${{ secrets.DOCKER_HUB_PASSWORD }}" | \ buildctl login docker.io \ @@ -63,12 +63,12 @@ jobs: --password-stdin # ----------------------------------------------------- - # Build & Push Docker Image (NO Docker, NO Buildx, NO Daemon) + # Build & Push Docker Image (ARC-compatible, simplest) # ----------------------------------------------------- - - name: Build & Push Traefik Image (ARC-safe buildctl) + - name: Build & Push Traefik Image env: - IMAGE_TAG: docker.io/kimjunte/edge_router:${{ github.sha }} - LATEST_TAG: docker.io/kimjunte/edge_router:latest + IMAGE_SHA: docker.io/kimjunte/edge_router:${{ github.sha }} + IMAGE_LATEST: docker.io/kimjunte/edge_router:latest run: | # Build SHA-tagged image buildctl build \ @@ -76,15 +76,15 @@ jobs: --local context="${GITHUB_WORKSPACE}/traefik" \ --local dockerfile="${GITHUB_WORKSPACE}/traefik" \ --opt platform=linux/amd64 \ - --output type=image,name=${IMAGE_TAG},push=true + --output type=image,name=${IMAGE_SHA},push=true - # Build latest tag + # Push latest tag buildctl build \ --frontend dockerfile.v0 \ --local context="${GITHUB_WORKSPACE}/traefik" \ --local dockerfile="${GITHUB_WORKSPACE}/traefik" \ --opt platform=linux/amd64 \ - --output type=image,name=${LATEST_TAG},push=true + --output type=image,name=${IMAGE_LATEST},push=true # ----------------------------------------------------- # Apply Storage Classes + PVCs @@ -106,7 +106,7 @@ jobs: kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/content/reference/dynamic-configuration/kubernetes-crd-rbac.yml kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/content/user-guides/crd-acme/05-tlsoption.yml else - echo "CRDs already exist — skipping." + echo "Traefik CRDs already exist — skipping." fi # ----------------------------------------------------- @@ -122,18 +122,18 @@ jobs: kubectl apply -f traefik/edge-router/traefik-ingressroute.yml # ----------------------------------------------------- - # Deploy whoami (test app) + # Deploy whoami test service # ----------------------------------------------------- - - name: Deploy whoami test service + - name: Deploy whoami run: | kubectl apply -f traefik/who-am-i/whoami-deployment.yml kubectl apply -f traefik/who-am-i/whoami-service.yml kubectl apply -f traefik/who-am-i/whoami-ingressroute.yml # ----------------------------------------------------- - # Create registry secret + # Default namespace registry secret # ----------------------------------------------------- - - name: Create registry secret (default ns) + - name: Create registry secret (default) run: | kubectl apply -f traefik/docker-registry-credentials/docker-credentials.yml @@ -142,12 +142,12 @@ jobs: # ----------------------------------------------------- - name: Create staging namespace run: | - kubectl get namespace staging >/dev/null 2>&1 || kubectl create namespace staging + kubectl get ns staging >/dev/null 2>&1 || kubectl create namespace staging # ----------------------------------------------------- - # Apply registry secret to staging + # Add registry secret to staging namespace # ----------------------------------------------------- - - name: Registry secret in staging namespace + - name: Registry secret to staging run: | sed 's/namespace: default/namespace: staging/' \ traefik/docker-registry-credentials/docker-credentials.yml \