feat: add gitea workflows for kubeadm bootstrap and reset
All checks were successful
Terraform Plan / Terraform Plan (push) Successful in 17s
All checks were successful
Terraform Plan / Terraform Plan (push) Successful in 17s
This commit is contained in:
64
.gitea/workflows/kubeadm-bootstrap.yml
Normal file
64
.gitea/workflows/kubeadm-bootstrap.yml
Normal file
@@ -0,0 +1,64 @@
|
|||||||
|
name: Kubeadm Bootstrap
|
||||||
|
run-name: ${{ gitea.actor }} requested kubeadm bootstrap
|
||||||
|
|
||||||
|
on:
|
||||||
|
workflow_dispatch:
|
||||||
|
inputs:
|
||||||
|
confirm:
|
||||||
|
description: "Type BOOTSTRAP to run rebuild + kubeadm bootstrap"
|
||||||
|
required: true
|
||||||
|
type: string
|
||||||
|
|
||||||
|
concurrency:
|
||||||
|
group: kubeadm-bootstrap
|
||||||
|
cancel-in-progress: false
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
bootstrap:
|
||||||
|
name: "Rebuild and Bootstrap Cluster"
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: Validate confirmation phrase
|
||||||
|
run: |
|
||||||
|
if [ "${{ inputs.confirm }}" != "BOOTSTRAP" ]; then
|
||||||
|
echo "Confirmation failed. You must type BOOTSTRAP."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
- name: Checkout repository
|
||||||
|
uses: https://gitea.com/actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Create SSH key
|
||||||
|
run: |
|
||||||
|
install -m 0700 -d ~/.ssh
|
||||||
|
cat > ~/.ssh/id_ed25519 << 'EOF'
|
||||||
|
${{ secrets.KUBEADM_SSH_PRIVATE_KEY }}
|
||||||
|
EOF
|
||||||
|
chmod 0600 ~/.ssh/id_ed25519
|
||||||
|
|
||||||
|
- name: Create kubeadm inventory
|
||||||
|
working-directory: nixos/kubeadm/scripts
|
||||||
|
run: |
|
||||||
|
cat > inventory.env << EOF
|
||||||
|
SSH_USER=${{ secrets.KUBEADM_SSH_USER }}
|
||||||
|
CP_1=${{ secrets.KUBEADM_CP_1_IP }}
|
||||||
|
CP_2=${{ secrets.KUBEADM_CP_2_IP }}
|
||||||
|
CP_3=${{ secrets.KUBEADM_CP_3_IP }}
|
||||||
|
WK_1=${{ secrets.KUBEADM_WK_1_IP }}
|
||||||
|
WK_2=${{ secrets.KUBEADM_WK_2_IP }}
|
||||||
|
WK_3=${{ secrets.KUBEADM_WK_3_IP }}
|
||||||
|
EOF
|
||||||
|
|
||||||
|
- name: Validate nix installation
|
||||||
|
run: |
|
||||||
|
if [ ! -x /nix/var/nix/profiles/default/bin/nix ]; then
|
||||||
|
echo "Nix not found at /nix/var/nix/profiles/default/bin/nix"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
- name: Run cluster rebuild and bootstrap
|
||||||
|
env:
|
||||||
|
PATH: /nix/var/nix/profiles/default/bin:${{ env.PATH }}
|
||||||
|
run: |
|
||||||
|
./nixos/kubeadm/scripts/rebuild-and-bootstrap.sh
|
||||||
55
.gitea/workflows/kubeadm-reset.yml
Normal file
55
.gitea/workflows/kubeadm-reset.yml
Normal file
@@ -0,0 +1,55 @@
|
|||||||
|
name: Kubeadm Reset
|
||||||
|
run-name: ${{ gitea.actor }} requested kubeadm reset
|
||||||
|
|
||||||
|
on:
|
||||||
|
workflow_dispatch:
|
||||||
|
inputs:
|
||||||
|
confirm:
|
||||||
|
description: "Type RESET to run kubeadm reset on all nodes"
|
||||||
|
required: true
|
||||||
|
type: string
|
||||||
|
|
||||||
|
concurrency:
|
||||||
|
group: kubeadm-bootstrap
|
||||||
|
cancel-in-progress: false
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
reset:
|
||||||
|
name: "Reset Cluster Nodes"
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: Validate confirmation phrase
|
||||||
|
run: |
|
||||||
|
if [ "${{ inputs.confirm }}" != "RESET" ]; then
|
||||||
|
echo "Confirmation failed. You must type RESET."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
- name: Checkout repository
|
||||||
|
uses: https://gitea.com/actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Create SSH key
|
||||||
|
run: |
|
||||||
|
install -m 0700 -d ~/.ssh
|
||||||
|
cat > ~/.ssh/id_ed25519 << 'EOF'
|
||||||
|
${{ secrets.KUBEADM_SSH_PRIVATE_KEY }}
|
||||||
|
EOF
|
||||||
|
chmod 0600 ~/.ssh/id_ed25519
|
||||||
|
|
||||||
|
- name: Create kubeadm inventory
|
||||||
|
working-directory: nixos/kubeadm/scripts
|
||||||
|
run: |
|
||||||
|
cat > inventory.env << EOF
|
||||||
|
SSH_USER=${{ secrets.KUBEADM_SSH_USER }}
|
||||||
|
CP_1=${{ secrets.KUBEADM_CP_1_IP }}
|
||||||
|
CP_2=${{ secrets.KUBEADM_CP_2_IP }}
|
||||||
|
CP_3=${{ secrets.KUBEADM_CP_3_IP }}
|
||||||
|
WK_1=${{ secrets.KUBEADM_WK_1_IP }}
|
||||||
|
WK_2=${{ secrets.KUBEADM_WK_2_IP }}
|
||||||
|
WK_3=${{ secrets.KUBEADM_WK_3_IP }}
|
||||||
|
EOF
|
||||||
|
|
||||||
|
- name: Run cluster reset
|
||||||
|
run: |
|
||||||
|
./nixos/kubeadm/scripts/reset-cluster-nodes.sh
|
||||||
@@ -115,6 +115,20 @@ For a full nuke/recreate lifecycle:
|
|||||||
- run Terraform destroy/apply for VMs first,
|
- run Terraform destroy/apply for VMs first,
|
||||||
- then run `./scripts/rebuild-and-bootstrap.sh` again.
|
- then run `./scripts/rebuild-and-bootstrap.sh` again.
|
||||||
|
|
||||||
|
## Optional Gitea workflow automation
|
||||||
|
|
||||||
|
Manual dispatch workflows are available:
|
||||||
|
|
||||||
|
- `.gitea/workflows/kubeadm-bootstrap.yml`
|
||||||
|
- `.gitea/workflows/kubeadm-reset.yml`
|
||||||
|
|
||||||
|
Required repository secrets:
|
||||||
|
|
||||||
|
- `KUBEADM_SSH_PRIVATE_KEY`
|
||||||
|
- `KUBEADM_SSH_USER`
|
||||||
|
- `KUBEADM_CP_1_IP`, `KUBEADM_CP_2_IP`, `KUBEADM_CP_3_IP`
|
||||||
|
- `KUBEADM_WK_1_IP`, `KUBEADM_WK_2_IP`, `KUBEADM_WK_3_IP`
|
||||||
|
|
||||||
## Notes
|
## Notes
|
||||||
|
|
||||||
- Scripts are intentionally manual-triggered (predictable for homelab bring-up).
|
- Scripts are intentionally manual-triggered (predictable for homelab bring-up).
|
||||||
|
|||||||
Reference in New Issue
Block a user