infinicaretech
9fad0b80c5
- Webhook-based controller listens for push events from all repos - Auto-detects Dockerfile, triggers Kaniko build, pushes to registry - Updates gitops-infra kustomization with new image tag - Auto-scaffolds gitops environment for new projects - Ignores non-main branches and repos in ignore list (gitops-infra) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
103 lines
2.2 KiB
YAML
103 lines
2.2 KiB
YAML
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: ci-controller-secret
|
|
namespace: build
|
|
type: Opaque
|
|
stringData:
|
|
GITEA_PASSWORD: "InfiniCare2026!"
|
|
WEBHOOK_SECRET: "ci-controller-webhook-secret-2026"
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: ci-controller-config
|
|
namespace: build
|
|
data:
|
|
GITEA_URL: "http://gitea-http.gitea.svc:3000"
|
|
GITEA_USER: "gitea_admin"
|
|
REGISTRY: "10.0.0.3:31427"
|
|
BUILD_NAMESPACE: "build"
|
|
REGISTRY_SECRET: "gitea-registry"
|
|
IGNORED_REPOS: "gitops-infra"
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: ci-controller
|
|
namespace: build
|
|
labels:
|
|
app: ci-controller
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: ci-controller
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: ci-controller
|
|
spec:
|
|
serviceAccountName: gitea-runner
|
|
nodeSelector:
|
|
kubernetes.io/hostname: kubemaster1
|
|
tolerations:
|
|
- key: node-role.kubernetes.io/control-plane
|
|
effect: NoSchedule
|
|
containers:
|
|
- name: controller
|
|
image: python:3.12-alpine
|
|
command: ["sh", "-c"]
|
|
args:
|
|
- |
|
|
apk add --no-cache git curl kubectl
|
|
cd /app
|
|
python3 controller.py
|
|
ports:
|
|
- containerPort: 8080
|
|
name: http
|
|
envFrom:
|
|
- configMapRef:
|
|
name: ci-controller-config
|
|
- secretRef:
|
|
name: ci-controller-secret
|
|
volumeMounts:
|
|
- name: controller-code
|
|
mountPath: /app
|
|
resources:
|
|
requests:
|
|
cpu: 50m
|
|
memory: 64Mi
|
|
limits:
|
|
cpu: 500m
|
|
memory: 512Mi
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /
|
|
port: http
|
|
periodSeconds: 30
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /
|
|
port: http
|
|
periodSeconds: 10
|
|
volumes:
|
|
- name: controller-code
|
|
configMap:
|
|
name: ci-controller-code
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: ci-controller
|
|
namespace: build
|
|
spec:
|
|
type: ClusterIP
|
|
ports:
|
|
- port: 8080
|
|
targetPort: http
|
|
protocol: TCP
|
|
name: http
|
|
selector:
|
|
app: ci-controller
|