kasun/homelab-infrastructure-as-code
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added k3s bootstrap config to deploy to all dedicated nodes.

Browse Source
This commit is contained in:
Kasun Jayatilaka
2026-05-29 17:55:36 +02:00
parent 3b356aa823
commit 8e60b5bcd2
9 changed files with 2999 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/deploy-k8s-bootstrap.yaml
+115
View File
@@ -0,0 +1,115 @@
name: Deploy k8s Bootstrap
on:
workflow_dispatch:
push:
branches:
- main
paths:
- 'k8s-bootstrap/**'
- '.gitea/workflows/deploy-k8s-bootstrap.yaml'
pull_request:
branches:
- main
paths:
- 'k8s-bootstrap/**'
- '.gitea/workflows/deploy-k8s-bootstrap.yaml'
jobs:
preview:
name: Pulumi Preview
runs-on: ubuntu-latest
if: github.event_name == 'pull_request'
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '24'
- name: Restore Stack Config
run: echo "${{ secrets.K8S_BOOTSTRAP_DEV_YAML }}" | base64 -d > k8s-bootstrap/Pulumi.dev.yaml
- name: Install Dependencies
run: npm install
working-directory: k8s-bootstrap
- name: Preview
uses: pulumi/actions@v5
with:
command: preview
stack-name: dev
work-dir: k8s-bootstrap
cloud-url: ${{ secrets.PULUMI_BACKEND_URL }}
env:
PULUMI_CONFIG_PASSPHRASE: ${{ secrets.PULUMI_CONFIG_PASSPHRASE }}
deploy:
name: Bootstrap k3s Cluster
runs-on: ubuntu-latest
if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '24'
- name: Restore Stack Config
run: echo "${{ secrets.K8S_BOOTSTRAP_DEV_YAML }}" | base64 -d > k8s-bootstrap/Pulumi.dev.yaml
- name: Install Dependencies
run: npm install
working-directory: k8s-bootstrap
- name: Refresh State
uses: pulumi/actions@v5
with:
command: refresh
stack-name: dev
work-dir: k8s-bootstrap
cloud-url: ${{ secrets.PULUMI_BACKEND_URL }}
env:
PULUMI_CONFIG_PASSPHRASE: ${{ secrets.PULUMI_CONFIG_PASSPHRASE }}
- name: Deploy
uses: pulumi/actions@v5
with:
command: up
stack-name: dev
work-dir: k8s-bootstrap
cloud-url: ${{ secrets.PULUMI_BACKEND_URL }}
env:
PULUMI_CONFIG_PASSPHRASE: ${{ secrets.PULUMI_CONFIG_PASSPHRASE }}
# Propagate kubeconfig to the downstream stacks so their next deploy picks it up
- name: Propagate kubeconfig to k8s-infra
run: |
echo "${{ secrets.K8S_INFRA_DEV_YAML }}" | base64 -d > k8s-infra/Pulumi.dev.yaml
cd k8s-infra && npm install
KUBECONFIG=$(cd ../k8s-bootstrap && pulumi stack output kubeconfig --show-secrets \
--cloud-url "${{ secrets.PULUMI_BACKEND_URL }}" -s dev)
pulumi config set --secret kubeconfig "$KUBECONFIG" \
--cloud-url "${{ secrets.PULUMI_BACKEND_URL }}" -s dev
# Re-encode updated config for the secret (update manually in Gitea after first run)
base64 -w 0 Pulumi.dev.yaml
working-directory: .
env:
PULUMI_CONFIG_PASSPHRASE: ${{ secrets.PULUMI_CONFIG_PASSPHRASE }}
- name: Propagate kubeconfig to k8s-apps
run: |
echo "${{ secrets.K8S_APPS_DEV_YAML }}" | base64 -d > k8s-apps/Pulumi.dev.yaml
cd k8s-apps && npm install
KUBECONFIG=$(cd ../k8s-bootstrap && pulumi stack output kubeconfig --show-secrets \
--cloud-url "${{ secrets.PULUMI_BACKEND_URL }}" -s dev)
pulumi config set --secret kubeconfig "$KUBECONFIG" \
--cloud-url "${{ secrets.PULUMI_BACKEND_URL }}" -s dev
base64 -w 0 Pulumi.dev.yaml
working-directory: .
env:
PULUMI_CONFIG_PASSPHRASE: ${{ secrets.PULUMI_CONFIG_PASSPHRASE }}