actions

kube-do
bootstrap
kube-secrets
helm-lint
discord
development

For a working example see kube-template

kube-do-action

Manage DigitalOcean Kubernetes cluster lifecycle

Create or delete clusters based on a config definition

# examples/kube-do-sample.yaml
version: 1
name: do-sample
provider: digitalocean
+ status: UP
- status: DOWN

config:
  region: lon1
  size: s-1vcpu-2gb
  count: 1

Example

- name: Provision
  uses: hckops/actions/kube-do-action@main
  with:
    access-token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}
    config-path: examples/kube-do-sample.yaml
    wait: true

Requires DIGITALOCEAN_ACCESS_TOKEN secret

How to Create a Personal Access Token
Create a Personal Access Token

How to test it locally

# build image
docker build -t hckops/kube-do-action ./kube-do-action

# run action
docker run --rm \
  -e GITHUB_REPOSITORY="INVALID_GITHUB_REPOSITORY" \
  hckops/kube-do-action \
  "INVALID_GITHUB_TOKEN" "INVALID_ACCESS_TOKEN" "./examples/kube-do-sample.yaml" \
  "false" "false" "false"

TODOs

add domain if doesn't exist, see doctl_cluster create
validate cluster definition ClusterConfig e.g. JSON Schema
scheduler
- reconcile cluster drift status
- delete development clusters (add flag) after working hours
try to remove github-token from inputs
implementation: shell vs ???

bootstrap-action

Bootstrap a platform with ArgoCD

Example

- name: Bootstrap
  uses: hckops/actions/bootstrap-action@main
  with:
    gitops-ssh-key: ${{ secrets.GITOPS_SSH_KEY }}
    argocd-admin-password: ${{ secrets.ARGOCD_ADMIN_PASSWORD }}
    kubeconfig: <REPOSITORY_NAME>-kubeconfig.yaml
    chart-path: ./charts/argocd-config
    version: HEAD

Requires

GITOPS_SSH_KEY secret

Generate a new SSH key pair

# generate ssh key pair
ssh-keygen -t ed25519 -C "[email protected]" -N '' -f /tmp/id_ed25519_gitops

# add public key to a github user account with access to the repo
cat /tmp/id_ed25519_gitops.pub | xclip -selection clipboard

# create secret with private key
cat /tmp/id_ed25519_gitops | xclip -selection clipboard

# cleanup
rm /tmp/id_ed25519_gitops*

ARGOCD_ADMIN_PASSWORD secret
- User Management
- How to change admin password

How to test it locally on minikube

# see "scripts/local.sh"
make bootstrap
# default cluster
make bootstrap kube="template"

# admin|argocd
kubectl port-forward svc/argocd-server -n argocd 8080:443

kube-secrets-action

Init Kubernetes master Secret used by the operator

Example

# AKEYLESS
- name: Secrets
  uses: hckops/actions/kube-secrets-action@main
  with:
    kubeconfig: <REPOSITORY_NAME>-kubeconfig.yaml
    operator: external-secrets-akeyless
    external-secrets-akeyless-access-id: ${{ secrets.AKEYLESS_ACCESS_ID }}
    external-secrets-akeyless-access-type: api_key
    external-secrets-akeyless-access-type-param: ${{ secrets.AKEYLESS_ACCESS_KEY }}

# LASTPASS
- name: Secrets
  uses: hckops/actions/kube-secrets-action@main
  with:
    kubeconfig: <REPOSITORY_NAME>-kubeconfig.yaml
    operator: edgelevel-lastpass
    edgelevel-lastpass-username: ${{ secrets.LASTPASS_USERNAME }}
    edgelevel-lastpass-password: ${{ secrets.LASTPASS_PASSWORD }}

Requires

AKEYLESS_ACCESS_ID and AKEYLESS_ACCESS_KEY secrets for Akeyless
LASTPASS_USERNAME and LASTPASS_PASSWORD secrets for LastPass

helm-lint-action

Validate Helm chart

Example

- name: Helm Lint
  uses: hckops/actions/helm-lint-action@main

TODOs

rename kube-validate
add https://github.com/yannh/kubeconform
add https://github.com/koalaman/shellcheck

discord-action

Interact with Discord API

Example of Create message

- name: Notification
  uses: hckops/actions/discord-action@main
  with:
    action: create-message
    webhook-url: ${{ secrets.DISCORD_WEBHOOK_URL }}
    message: "Hello World"

Requires DISCORD_WEBHOOK_URL secret

Intro to Webhooks

How to test it locally

DISCORD_WEBHOOK_URL="INVALID_URL"
make discord-create webhook=${DISCORD_WEBHOOK_URL} message=test

docker build -t hckops/discord-action ./discord-action
docker run --rm hckops/discord-action "create-message" ${DISCORD_WEBHOOK_URL} "docker"

Development

Docker images

Actions base images

DockerHub

# run command
docker run --rm hckops/kube-base /bin/bash -c <kubectl|helm|argocd>

# start temporary container
docker run --rm --name hck-tmp -it hckops/kube-<base|aws|do>

How to publish docker images

# publish with action
git tag docker-X.Y.Z
git push origin --tags

# build and publish manually (old)
make docker-build
make docker-publish version=vX.Y.Z token=<ACCESS_TOKEN>
make docker-clean

Actions to update when a new tag is created

bootstrap-action
helm-lint-action
kube-do-action
kube-secrets-action

minikube

Documentation

# install 
curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube_latest_amd64.deb
sudo dpkg -i minikube_latest_amd64.deb

# local cluster
minikube start --driver=docker --embed-certs
minikube delete --all

# verify status
kubectl get nodes

suyambuganesh82 / actions Goto Github PK

actions's Introduction

actions

kube-do-action

bootstrap-action

kube-secrets-action

helm-lint-action

discord-action

Development

Docker images

minikube

actions's People

Contributors

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent