dewan-ahmed · April 17, 2024 13:02
diff --git a/cd-pipeline.yaml b/cd-pipeline.yaml
 kind: pipeline
 spec:
  stages:
  - name: ci-stage
    type: ci
    spec:
      steps:
      - name: ci-step
        type: run
        spec:
          container: alpine/k8s:1.26.9
          script: |-
            echo "build done and image pushed to registry!"
  - name: cd-stage
    type: ci
    spec:
      steps:
      - name: cd-step
        type: run
        spec:
          container: alpine/k8s:1.26.9
          script: |-
            kubectl config set-cluster gitness-k8s-cluster --server=${{secrets.get("k8s-server")}} --insecure-skip-tls-verify=true
            kubectl config set-credentials gitness-user --token=${{secrets.get('gitness-sa-token')}}
            kubectl config set-context gitness-k8s-context --cluster=gitness-k8s-cluster --user=gitness-user
            kubectl config use-context gitness-k8s-context
            kubectl apply -f nginx-deployment.yaml -n gitness
            kubectl wait --for=condition=Ready pods -l app=nginx -n gitness --timeout=300s
            kubectl get pods -n gitness
            pod_name=$(kubectl get pods -n gitness -l app=nginx -o jsonpath='{.items[0].metadata.name}')
            kubectl exec $pod_name -n gitness -- curl localhost
diff --git a/gitness-docker-run.sh b/gitness-docker-run.sh
 docker run -d \
  -p 3000:3000 \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -v /tmp/gitness:/data \
  --name gitness \
  --restart always \
  harness/gitness
diff --git a/gitness-sa-manifest.yaml b/gitness-sa-manifest.yaml
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: gitness-sa
  namespace: gitness

 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
  name: deployment-manager
  namespace: gitness
 rules:
 - apiGroups: ["", "extensions", "apps"]
  resources: ["deployments", "pods", "pods/exec", "services"]
  verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]

 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
  name: gitness-sa-deployment-binder
  namespace: gitness
 subjects:
 - kind: ServiceAccount
  name: gitness-sa
  namespace: gitness
 roleRef:
  kind: Role
  name: deployment-manager
  apiGroup: rbac.authorization.k8s.io

 ---
 apiVersion: v1
 kind: Secret
 metadata:
  name: gitness-sa-token
  namespace: gitness
  annotations:
    kubernetes.io/service-account.name: gitness-sa
 type: kubernetes.io/service-account-token
diff --git a/nginx-deployment.yaml b/nginx-deployment.yaml
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: nginx-deployment
  namespace: gitness
 spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:latest
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: nginx-service
  namespace: gitness
 spec:
  selector:
    app: nginx
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80
  type: NodePort
	kind: pipeline
	spec:
	stages:
	- name: ci-stage
	type: ci
	spec:
	steps:
	- name: ci-step
	type: run
	spec:
	container: alpine/k8s:1.26.9
	script: \|-
	echo "build done and image pushed to registry!"
	- name: cd-stage
	type: ci
	spec:
	steps:
	- name: cd-step
	type: run
	spec:
	container: alpine/k8s:1.26.9
	script: \|-
	kubectl config set-cluster gitness-k8s-cluster --server=${{secrets.get("k8s-server")}} --insecure-skip-tls-verify=true
	kubectl config set-credentials gitness-user --token=${{secrets.get('gitness-sa-token')}}
	kubectl config set-context gitness-k8s-context --cluster=gitness-k8s-cluster --user=gitness-user
	kubectl config use-context gitness-k8s-context
	kubectl apply -f nginx-deployment.yaml -n gitness
	kubectl wait --for=condition=Ready pods -l app=nginx -n gitness --timeout=300s
	kubectl get pods -n gitness
	pod_name=$(kubectl get pods -n gitness -l app=nginx -o jsonpath='{.items[0].metadata.name}')
	kubectl exec $pod_name -n gitness -- curl localhost
	docker run -d \
	-p 3000:3000 \
	-v /var/run/docker.sock:/var/run/docker.sock \
	-v /tmp/gitness:/data \
	--name gitness \
	--restart always \
	harness/gitness
	apiVersion: v1
	kind: ServiceAccount
	metadata:
	name: gitness-sa
	namespace: gitness

	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: Role
	metadata:
	name: deployment-manager
	namespace: gitness
	rules:
	- apiGroups: ["", "extensions", "apps"]
	resources: ["deployments", "pods", "pods/exec", "services"]
	verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]

	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: RoleBinding
	metadata:
	name: gitness-sa-deployment-binder
	namespace: gitness
	subjects:
	- kind: ServiceAccount
	name: gitness-sa
	namespace: gitness
	roleRef:
	kind: Role
	name: deployment-manager
	apiGroup: rbac.authorization.k8s.io

	---
	apiVersion: v1
	kind: Secret
	metadata:
	name: gitness-sa-token
	namespace: gitness
	annotations:
	kubernetes.io/service-account.name: gitness-sa
	type: kubernetes.io/service-account-token
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: nginx-deployment
	namespace: gitness
	spec:
	replicas: 2
	selector:
	matchLabels:
	app: nginx
	template:
	metadata:
	labels:
	app: nginx
	spec:
	containers:
	- name: nginx
	image: nginx:latest
	---
	apiVersion: v1
	kind: Service
	metadata:
	name: nginx-service
	namespace: gitness
	spec:
	selector:
	app: nginx
	ports:
	- protocol: TCP
	port: 80
	targetPort: 80
	type: NodePort