Merge pull request #203 from konflux-ci/konflux/references/main #235
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: App-interface repo update | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| generate: | |
| name: Push internal-services resources | |
| runs-on: ubuntu-20.04 | |
| env: | |
| NAMESPACE: stonesoup-int-srvc | |
| REMOTE_CLIENT_CONFIG_SECRET: remote-client-config | |
| REMOTE_CLIENT_CONFIG_MOUNT_PATH: "/mnt/internal-services/remote-client-config" | |
| USERS: "damoreno jbieren lmendes shebert mmalina" | |
| YQ_VERSION: "v4.30.8" | |
| steps: | |
| - name: Checkout internal-services repo | |
| uses: actions/checkout@v3 | |
| with: | |
| path: internal-services | |
| - name: Checkout app-interface repo | |
| uses: actions/checkout@v3 | |
| with: | |
| path: app-interface-deployments | |
| ref: main | |
| repository: hacbs-release/app-interface-deployments | |
| ssh-key: ${{ secrets.APP_INTERFACE_DEPLOYMENTS_SSH_PRIVATE_KEY }} | |
| - name: Copy files to app-interface-deployments | |
| run: | | |
| mkdir -p internal-services | |
| mkdir -p internal-services/crds | |
| mkdir -p internal-services/manager | |
| mkdir -p internal-services/rbac | |
| cp ../internal-services/config/crd/bases/*.yaml internal-services/crds | |
| cp ../internal-services/config/manager/manager.yaml internal-services/manager | |
| cp ../internal-services/config/rbac/*.yaml internal-services/rbac | |
| rm -r internal-services/rbac/kustomization.yaml | |
| working-directory: app-interface-deployments | |
| - name: Setup yq | |
| uses: chrisdickinson/setup-yq@latest | |
| with: | |
| yq-version: ${{ env.YQ_VERSION }} | |
| - name: Update namespaces | |
| run: | | |
| find . -type f -exec sed -i 's/namespace: system/namespace: ${{ env.NAMESPACE }}/' {} \; | |
| working-directory: app-interface-deployments/internal-services | |
| - name: Update image | |
| run: | | |
| sed -i 's/image: controller:latest/image: quay.io\/redhat-appstudio\/internal-services:${{ github.sha }}/' manager.yaml | |
| working-directory: app-interface-deployments/internal-services/manager | |
| - name: Add users to role binding | |
| run: | | |
| users=($USERS) | |
| for user in "${users[@]}" | |
| do | |
| yq -i ".subjects += {\"kind\": \"User\", \"apiGroup\": \"rbac.authorization.k8s.io\", \"name\": \"$user\" }" role_binding.yaml | |
| done | |
| working-directory: app-interface-deployments/internal-services/rbac | |
| - name: Add remote client config volume and secret | |
| run: | | |
| yq -i ".spec.template.spec.volumes = [{\"name\": \"${{ env.REMOTE_CLIENT_CONFIG_SECRET }}\", \"secret\": {\"secretName\": \"${{ env.REMOTE_CLIENT_CONFIG_SECRET }}\"}}]" manager.yaml | |
| yq -i '.spec.template.spec.containers[0].args += "--remote-cluster-config-file"' manager.yaml | |
| yq -i ".spec.template.spec.containers[0].args += \"${{ env.REMOTE_CLIENT_CONFIG_MOUNT_PATH }}/kubeconfig\"" manager.yaml | |
| yq -i ".spec.template.spec.containers[0].volumeMounts = [{\"mountPath\": \"${{ env.REMOTE_CLIENT_CONFIG_MOUNT_PATH }}\", \"name\": \"${{ env.REMOTE_CLIENT_CONFIG_SECRET }}\", \"readOnly\": true }]" manager.yaml | |
| working-directory: app-interface-deployments/internal-services/manager | |
| - name: Push to app-interface-deployments | |
| run: | | |
| git config user.name github-actions | |
| git config user.email github-actions@github.com | |
| git add . | |
| git diff-index --quiet HEAD || git commit -m "Automatic push from redhat-appstudio/internal-services" | |
| git push | |
| working-directory: app-interface-deployments |