rede5/gohorsejobs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Update .forgejo/workflows/deploy.yaml

Browse source
This commit is contained in:
bohessefm 2026-02-21 13:25:41 +00:00
parent d002a7dbad
commit adfc8386fe
1 changed files with 14 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
.forgejo/workflows/deploy.yaml
View file

@ -66,15 +66,7 @@ jobs:
grep -vE "resourceVersion|uid|creationTimestamp|namespace" | \
kubectl apply --namespace=${{ env.NAMESPACE }} -f -
# 3. Limpeza da Chave RSA
RSA_CONTENT="${{ secrets.RSA_PRIVATE_KEY_BASE64 || vars.RSA_PRIVATE_KEY_BASE64 }}"
if [ -n "$RSA_CONTENT" ]; then
echo "$RSA_CONTENT" | tr -d '\r\n ' > /tmp/rsa_clean_base64.txt
base64 -d /tmp/rsa_clean_base64.txt > /tmp/rsa_key.pem || cp /tmp/rsa_clean_base64.txt /tmp/rsa_key.pem
fi
# 4. Geração do arquivo de ambiente de forma compatível com YAML
# Usando printf para evitar problemas com o parser de Heredoc do GitHub
# 3. Geração do arquivo de ambiente (Variáveis de texto)
printf "MTU=%s\n" "${{ vars.MTU }}" > .env.backend
printf "DATABASE_URL=%s\n" "${{ vars.DATABASE_URL }}" >> .env.backend
printf "AMQP_URL=%s\n" "${{ vars.AMQP_URL }}" >> .env.backend
@ -93,12 +85,23 @@ jobs:
printf "AWS_ACCESS_KEY_ID=%s\n" "${{ vars.AWS_ACCESS_KEY_ID }}" >> .env.backend
printf "AWS_SECRET_ACCESS_KEY=%s\n" "${{ vars.AWS_SECRET_ACCESS_KEY }}" >> .env.backend
# Aplica a secret lendo o arquivo
# 4. Cria a secret baseada nas variáveis primeiro
kubectl create secret generic backend-secrets -n ${{ env.NAMESPACE }} \
--from-env-file=.env.backend \
$( [ -f /tmp/rsa_key.pem ] && echo "--from-file=private_key.pem=/tmp/rsa_key.pem" ) \
--dry-run=client -o yaml | kubectl apply -f -
# 5. Adiciona a chave RSA separadamente (se existir) para evitar o erro de combinação
RSA_CONTENT="${{ secrets.RSA_PRIVATE_KEY_BASE64 || vars.RSA_PRIVATE_KEY_BASE64 }}"
if [ -n "$RSA_CONTENT" ]; then
echo "$RSA_CONTENT" | tr -d '\r\n ' > /tmp/rsa_clean_base64.txt
if base64 -d /tmp/rsa_clean_base64.txt > /tmp/rsa_key.pem 2>/dev/null; then
# Adiciona o arquivo .pem na secret já existente usando set data
kubectl create secret generic backend-secrets -n ${{ env.NAMESPACE }} \
--from-file=private_key.pem=/tmp/rsa_key.pem \
--dry-run=client -o yaml | kubectl apply -f -
fi
fi
- name: Deploy to K3s
run: |
kubectl apply -f k8s/dev/ -n ${{ env.NAMESPACE }}