testing workflows

.gitea/workflows/docker.yaml

@@ -1,4 +1,4 @@
-name: Build and Push Docker Image
+name: Build and Deploy
 
 on:
   push:
@@ -6,11 +6,11 @@ on:
       - main
 
 env:
-  REGISTRY: repositry.talutasku.ee
+  APP_IMAGE: my-python-app
-  IMAGE_NAME: my-python-app
+  OPERATOR_IMAGE: configmap-operator
 
 jobs:
-  build-and-push:
+  build-and-deploy:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
@@ -19,36 +19,43 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
-      - name: Log in to registry
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ secrets.REGISTRY_USERNAME }}
-          password: ${{ secrets.REGISTRY_PASSWORD }}
-
       - name: Extract git SHA
         id: vars
         run: echo "sha=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
 
-      - name: Build and push Docker image
+      - name: Build app image
         uses: docker/build-push-action@v5
         with:
           context: .
+          file: ./Dockerfile
           push: true
           tags: |
-            ${{ env.REGISTRY }}/v2/${{ env.IMAGE_NAME }}:${{ steps.vars.outputs.sha }}
+            repositry.talutasku.ee/v2/my-python-app:${{ steps.vars.outputs.sha }}
-            ${{ env.REGISTRY }}/v2/${{ env.IMAGE_NAME }}:latest
+            repositry.talutasku.ee/v2/my-python-app:latest
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
 
-      - name: Update image tag file
+      - name: Build operator image
-        run: |
+        uses: docker/build-push-action@v5
-          echo "${{ steps.vars.outputs.sha }}" > k8s/image-tag.txt
+        with:
+          context: ./operator
+          file: ./operator/Dockerfile
+          push: true
+          tags: |
+            repositry.talutasku.ee/v2/configmap-operator:${{ steps.vars.outputs.sha }}
+            repositry.talutasku.ee/v2/configmap-operator:latest
 
-      - name: Commit and push image tag
+      - name: Set up kubectl
+        uses: azure/setup-kubectl@v4
+        with:
+          version: 'latest'
+
+      - name: Configure kubectl
         run: |
-          git config --local user.email "gitea-ci@example.com"
+          echo "${{ secrets.KUBE_CONFIG }}" | base64 -d > kubeconfig
-          git config --local user.name "Gitea CI"
+          echo "KUBECONFIG=$(pwd)/kubeconfig" >> $GITHUB_ENV
-          git add k8s/image-tag.txt
+
-          git commit -m "Update image tag to ${{ steps.vars.outputs.sha }}" || exit 0
+      - name: Patch ConfigMap
-          git push
+        run: |
+          kubectl patch configmap python-app-config \
+            --namespace default \
+            --type merge \
+            --patch '{"data":{"IMAGE_TAG":"${{ steps.vars.outputs.sha }}"}}'

k8s/all-in-one.yaml

@@ -1,51 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
-  name: python-app
-  labels:
-    app: python-app
-spec:
-  containers:
-    - name: python-app
-      image: repositry.talutasku.ee/v2/my-python-app:latest
-      ports:
-        - containerPort: 8000
-      resources:
-        limits:
-          memory: "128Mi"
-          cpu: "500m"
-        requests:
-          memory: "64Mi"
-          cpu: "100m"
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: python-app
-spec:
-  selector:
-    app: python-app
-  ports:
-    - protocol: TCP
-      port: 80
-      targetPort: 8000
-  type: ClusterIP
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: python-app
-  annotations:
-    kubernetes.io/ingress.class: traefik
-spec:
-  rules:
-    - host: python-app.talutasku.ee
-      http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: python-app
-                port:
-                  number: 80

k8s/app-deployment.yaml

@@ -0,0 +1,26 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: python-app
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: python-app
+  template:
+    metadata:
+      labels:
+        app: python-app
+    spec:
+      containers:
+        - name: python-app
+          image: repositry.talutasku.ee/v2/my-python-app:latest
+          ports:
+            - containerPort: 8000
+          resources:
+            limits:
+              memory: "128Mi"
+              cpu: "500m"
+            requests:
+              memory: "64Mi"
+              cpu: "100m"

k8s/configmap.yaml

@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: python-app-config
+data:
+  IMAGE_TAG: "latest"

k8s/image-tag.txt

@@ -1 +0,0 @@
-latest

k8s/ingress.yaml

@@ -0,0 +1,18 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: python-app
+  annotations:
+    kubernetes.io/ingress.class: traefik
+spec:
+  rules:
+    - host: python-app.talutasku.ee
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: python-app
+                port:
+                  number: 80

k8s/operator.yaml

@@ -0,0 +1,27 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: configmap-operator
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: configmap-operator
+  template:
+    metadata:
+      labels:
+        app: configmap-operator
+    spec:
+      containers:
+        - name: operator
+          image: repositry.talutasku.ee/v2/configmap-operator:latest
+          env:
+            - name: NAMESPACE
+              value: "default"
+          resources:
+            limits:
+              memory: "64Mi"
+              cpu: "100m"
+            requests:
+              memory: "32Mi"
+              cpu: "50m"

k8s/service.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: python-app
+spec:
+  selector:
+    app: python-app
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 8000
+  type: ClusterIP

operator/Dockerfile

@@ -0,0 +1,8 @@
+FROM python:3.11-slim
+
+WORKDIR /app
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt
+COPY operator.py .
+
+CMD ["python", "operator.py"]

operator/operator.py

@@ -0,0 +1,55 @@
+#!/usr/bin/env python3
+import os
+import time
+import subprocess
+from kubernetes import client, config
+from kubernetes.client.api import CoreV1Api
+from kubernetes.client.models import V1ConfigMap
+
+NAMESPACE = os.getenv("NAMESPACE", "default")
+CONFIGMAP_NAME = "python-app-config"
+APP_DEPLOYMENT = "python-app"
+APP_CONTAINER = "python-app"
+
+def load_kube_config():
+    try:
+        config.load_incluster_config()
+    except Exception:
+        config.load_kube_config()
+
+def get_current_image_tag() -> str:
+    v1 = CoreV1Api()
+    cm = v1.read_namespaced_config_map(CONFIGMAP_NAME, NAMESPACE)
+    return cm.data.get("IMAGE_TAG", "latest")
+
+def set_deployment_image(new_tag: str):
+    image = f"repositry.talutasku.ee/v2/my-python-app:{new_tag}"
+    cmd = [
+        "kubectl", "set", "image",
+        f"deployment/{APP_DEPLOYMENT}",
+        f"{APP_CONTAINER}={image}",
+        "--namespace", NAMESPACE
+    ]
+    subprocess.run(cmd, check=True)
+
+def watch_configmap():
+    v1 = CoreV1Api()
+    last_tag = None
+
+    print(f"Watching ConfigMap {CONFIGMAP_NAME} in namespace {NAMESPACE}...")
+
+    while True:
+        try:
+            current_tag = get_current_image_tag()
+            if current_tag != last_tag:
+                print(f"ConfigMap updated: IMAGE_TAG={current_tag}")
+                set_deployment_image(current_tag)
+                last_tag = current_tag
+        except Exception as e:
+            print(f"Error: {e}")
+
+        time.sleep(5)
+
+if __name__ == "__main__":
+    load_kube_config()
+    watch_configmap()

operator/requirements.txt

@@ -0,0 +1,2 @@
+kubernetes>=28.0.0
+pyyaml>=6.0