Tellsanguis/Homelab
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(ci): Configure CI/CD workflow triggers
Some checks failed
CD - Deploy Infrastructure / Terraform Validation (push) Successful in 16s
Details
CD - Deploy Infrastructure / Deploy on pve1 (push) Failing after 1m5s
Details
CD - Deploy Infrastructure / Deploy on pve2 (push) Failing after 2m25s
Details
CD - Deploy Infrastructure / Deploy on pve3 (push) Failing after 2m12s
Details
CD - Deploy Infrastructure / Validate K3s Cluster (push) Has been skipped
Details
CD - Deploy Infrastructure / Deployment Notification (push) Failing after 1s
Details

Browse source
This commit is contained in:
Tellsanguis 2025-11-26 19:28:17 +01:00
parent 801e130679
commit c70d3e3c03
8 changed files with 181 additions and 74 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.forgejo/workflows/ci.yml
View file

@ -6,6 +6,7 @@ on:
- '**'
- '!main' # Exclude main branch (CD workflow handles it)
pull_request:
workflow_call: # Allow this workflow to be called by other workflows
jobs:
ci-terraform:

155
.forgejo/workflows/deploy.yml
View file

@ -7,20 +7,80 @@ on:
workflow_dispatch: # Allow manual trigger
jobs:
# Run CI first
ci:
uses: ./.forgejo/workflows/ci.yml
secrets: inherit
# Run Terraform validation first
ci-terraform:
name: Terraform Validation
runs-on: self-hosted
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup OpenTofu
run: |
if ! command -v tofu &> /dev/null; then
curl -fsSL https://get.opentofu.org/install-opentofu.sh | bash -s -- --install-method standalone --opentofu-version 1.10.7
fi
- name: Terraform Format Check
run: |
cd terraform
tofu fmt -check -recursive
continue-on-error: false
- name: Terraform Validate
run: |
for dir in terraform/pve*; do
if [ -d "$dir" ]; then
echo "--- Validating $dir ---"
(cd "$dir" && tofu init -backend=false && tofu validate)
fi
done
- name: Terraform Plan
run: |
for dir in terraform/pve*; do
if [ -d "$dir" ]; then
echo "--- Planning $dir ---"
(
cd "$dir" && \
tofu init && \
tofu plan || echo "WARNING: Plan failed for $(basename $dir) - node may be unavailable"
)
fi
done
env:
TF_VAR_proxmox_api_url: "https://192.168.100.10:8006/api2/json"
TF_VAR_proxmox_token_id: ${{ secrets.PROXMOX_TOKEN_ID }}
TF_VAR_proxmox_token_secret: ${{ secrets.PROXMOX_TOKEN_SECRET }}
TF_VAR_proxmox_tls_insecure: "true"
TF_VAR_ssh_public_key: ${{ secrets.SSH_PUBLIC_KEY }}
TF_VAR_forgejo_token: ${{ secrets.GIT_TOKEN }}
TF_VAR_forgejo_repo_url: ${{ secrets.GIT_REPO_URL }}
TF_VAR_k3s_version: "v1.28.5+k3s1"
TF_VAR_ubuntu_template: "ubuntu-2404-cloudinit"
TF_VAR_storage_pool: "linstor_storage"
TF_VAR_snippets_storage: "local"
TF_VAR_k3s_network_bridge: "k3s"
TF_VAR_k3s_gateway: "10.100.20.1"
TF_VAR_k3s_dns: '["10.100.20.1", "1.1.1.1"]'
TF_VAR_k3s_server_1_config: '{ ip = "10.100.20.10/24", cores = 6, memory = 12288, disk_size = "100G" }'
TF_VAR_k3s_server_2_config: '{ ip = "10.100.20.20/24", cores = 6, memory = 12288, disk_size = "100G" }'
TF_VAR_etcd_witness_config: '{ ip = "10.100.20.30/24", cores = 2, memory = 2048, disk_size = "20G" }'
# Deploy infrastructure in parallel
deploy-pve1:
name: Deploy on pve1
runs-on: self-hosted
needs: ci
needs: ci-terraform
continue-on-error: true
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup OpenTofu
run: |
if ! command -v tofu &> /dev/null; then
curl -fsSL https://get.opentofu.org/install-opentofu.sh | bash -s -- --install-method standalone --opentofu-version 1.10.7
fi
- name: Terraform Apply on pve1
run: |
cd terraform/pve1
@ -30,14 +90,15 @@ jobs:
ssh_public_key = "${{ secrets.SSH_PUBLIC_KEY }}"
forgejo_token = "${{ secrets.GIT_TOKEN }}"
forgejo_repo_url = "${{ secrets.GIT_REPO_URL }}"
k3s_version = "v1.28.5+k3s1"
ubuntu_template = "ubuntu-2404-cloudinit"
storage_pool = "linstor_storage"
snippets_storage = "local"
k3s_network_bridge = "k3s"
k3s_gateway = "10.100.20.1"
k3s_dns = ["10.100.20.1", "1.1.1.1"]
k3s_server_1_config = { ip = "10.100.20.10/24", cores = 6, memory = 12288, disk_size = "100G" }
k3s_version = "v1.28.5+k3s1"
ubuntu_template = "ubuntu-2404-cloudinit"
storage_pool = "linstor_storage"
k3s_server_1_storage_pool = "linstor_storage"
snippets_storage = "local"
k3s_network_bridge = "k3s"
k3s_gateway = "10.100.20.1"
k3s_dns = ["10.100.20.1", "1.1.1.1"]
k3s_server_1_config = { ip = "10.100.20.10/24", cores = 6, memory = 12288, disk_size = "100G" }
EOF
tofu init
tofu apply -auto-approve
@ -45,28 +106,34 @@ jobs:
deploy-pve2:
name: Deploy on pve2
runs-on: self-hosted
needs: ci
needs: ci-terraform
continue-on-error: true
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup OpenTofu
run: |
if ! command -v tofu &> /dev/null; then
curl -fsSL https://get.opentofu.org/install-opentofu.sh | bash -s -- --install-method standalone --opentofu-version 1.10.7
fi
- name: Terraform Apply on pve2
run: |
cd terraform/pve2
cat > terraform.tfvars <<EOF
proxmox_token_id = "${{ secrets.PROXMOX_TOKEN_ID }}"
proxmox_token_secret = "${{ secrets.PROXMOX_TOKEN_SECRET }}"
ssh_public_key = "${{ secrets.SSH_PUBLIC_KEY }}"
forgejo_token = "${{ secrets.GIT_TOKEN }}"
forgejo_repo_url = "${{ secrets.GIT_REPO_URL }}"
k3s_version = "v1.28.5+k3s1"
ubuntu_template = "ubuntu-2404-cloudinit"
storage_pool = "linstor_storage"
snippets_storage = "local"
k3s_network_bridge = "k3s"
k3s_gateway = "10.100.20.1"
k3s_dns = ["10.100.20.1", "1.1.1.1"]
k3s_server_2_config = { ip = "10.100.20.20/24", cores = 6, memory = 12288, disk_size = "100G" }
proxmox_token_id = "${{ secrets.PROXMOX_TOKEN_ID }}"
proxmox_token_secret = "${{ secrets.PROXMOX_TOKEN_SECRET }}"
ssh_public_key = "${{ secrets.SSH_PUBLIC_KEY }}"
forgejo_token = "${{ secrets.GIT_TOKEN }}"
forgejo_repo_url = "${{ secrets.GIT_REPO_URL }}"
k3s_version = "v1.28.5+k3s1"
ubuntu_template = "ubuntu-2404-cloudinit"
storage_pool = "linstor_storage"
k3s_server_2_storage_pool = "linstor_storage"
snippets_storage = "local"
k3s_network_bridge = "k3s"
k3s_gateway = "10.100.20.1"
k3s_dns = ["10.100.20.1", "1.1.1.1"]
k3s_server_2_config = { ip = "10.100.20.20/24", cores = 6, memory = 12288, disk_size = "100G" }
EOF
tofu init
tofu apply -auto-approve
@ -74,28 +141,34 @@ jobs:
deploy-pve3:
name: Deploy on pve3
runs-on: self-hosted
needs: ci
needs: ci-terraform
continue-on-error: true
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup OpenTofu
run: |
if ! command -v tofu &> /dev/null; then
curl -fsSL https://get.opentofu.org/install-opentofu.sh | bash -s -- --install-method standalone --opentofu-version 1.10.7
fi
- name: Terraform Apply on pve3
run: |
cd terraform/pve3
cat > terraform.tfvars <<EOF
proxmox_token_id = "${{ secrets.PROXMOX_TOKEN_ID }}"
proxmox_token_secret = "${{ secrets.PROXMOX_TOKEN_SECRET }}"
ssh_public_key = "${{ secrets.SSH_PUBLIC_KEY }}"
forgejo_token = "${{ secrets.GIT_TOKEN }}"
forgejo_repo_url = "${{ secrets.GIT_REPO_URL }}"
k3s_version = "v1.28.5+k3s1"
ubuntu_template = "ubuntu-2404-cloudinit"
storage_pool = "linstor_storage"
snippets_storage = "local"
k3s_network_bridge = "k3s"
k3s_gateway = "10.100.20.1"
k3s_dns = ["10.100.20.1", "1.1.1.1"]
etcd_witness_config = { ip = "10.100.20.30/24", cores = 2, memory = 2048, disk_size = "20G" }
proxmox_token_id = "${{ secrets.PROXMOX_TOKEN_ID }}"
proxmox_token_secret = "${{ secrets.PROXMOX_TOKEN_SECRET }}"
ssh_public_key = "${{ secrets.SSH_PUBLIC_KEY }}"
forgejo_token = "${{ secrets.GIT_TOKEN }}"
forgejo_repo_url = "${{ secrets.GIT_REPO_URL }}"
k3s_version = "v1.28.5+k3s1"
ubuntu_template = "ubuntu-2404-cloudinit"
storage_pool = "linstor_storage"
etcd_witness_storage_pool = "local-lvm"
snippets_storage = "local"
k3s_network_bridge = "k3s"
k3s_gateway = "10.100.20.1"
k3s_dns = ["10.100.20.1", "1.1.1.1"]
etcd_witness_config = { ip = "10.100.20.30/24", cores = 2, memory = 2048, disk_size = "20G" }
EOF
tofu init
tofu apply -auto-approve

27
terraform/pve1/main.tf
View file

@ -4,7 +4,7 @@ terraform {
required_providers {
proxmox = {
source = "telmate/proxmox"
version = "~> 2.9"
version = "3.0.2-rc05"
}
local = {
source = "hashicorp/local"
@ -20,32 +20,37 @@ provider "proxmox" {
pm_tls_insecure = var.proxmox_tls_insecure
}
# K3s Server VM on pve1
# K3s Server VM on acemagician
resource "proxmox_vm_qemu" "k3s_server_1" {
name = "k3s-server-1"
target_node = "pve1"
target_node = "acemagician"
clone = var.ubuntu_template
full_clone = true
cores = var.k3s_server_1_config.cores
sockets = 1
memory = var.k3s_server_1_config.memory
agent = 1
cpu {
cores = var.k3s_server_1_config.cores
sockets = 1
}
memory = var.k3s_server_1_config.memory
agent = 1
boot = "order=scsi0"
scsihw = "virtio-scsi-single"
onboot = true
network {
id = 0
model = "virtio"
bridge = var.k3s_network_bridge
}
disk {
slot = 0
slot = "scsi0"
size = var.k3s_server_1_config.disk_size
type = "scsi"
storage = var.storage_pool
iothread = 1
type = "disk"
storage = var.k3s_server_1_storage_pool
iothread = true
}
ipconfig0 = "ip=${var.k3s_server_1_config.ip},gw=${var.k3s_gateway}"

6
terraform/pve1/variables.tf
View file

@ -53,6 +53,12 @@ variable "storage_pool" {
type = string
}
variable "k3s_server_1_storage_pool" {
description = "Storage pool for k3s-server-1 disk (linstor_storage for HA)"
type = string
default = "linstor_storage"
}
variable "snippets_storage" {
description = "Proxmox storage for cloud-init snippets"
type = string

27
terraform/pve2/main.tf
View file

@ -4,7 +4,7 @@ terraform {
required_providers {
proxmox = {
source = "telmate/proxmox"
version = "~> 2.9"
version = "3.0.2-rc05"
}
local = {
source = "hashicorp/local"
@ -20,32 +20,37 @@ provider "proxmox" {
pm_tls_insecure = var.proxmox_tls_insecure
}
# K3s Server VM on pve2
# K3s Server VM on elitedesk
resource "proxmox_vm_qemu" "k3s_server_2" {
name = "k3s-server-2"
target_node = "pve2"
target_node = "elitedesk"
clone = var.ubuntu_template
full_clone = true
cores = var.k3s_server_2_config.cores
sockets = 1
memory = var.k3s_server_2_config.memory
agent = 1
cpu {
cores = var.k3s_server_2_config.cores
sockets = 1
}
memory = var.k3s_server_2_config.memory
agent = 1
boot = "order=scsi0"
scsihw = "virtio-scsi-single"
onboot = true
network {
id = 0
model = "virtio"
bridge = var.k3s_network_bridge
}
disk {
slot = 0
slot = "scsi0"
size = var.k3s_server_2_config.disk_size
type = "scsi"
storage = var.storage_pool
iothread = 1
type = "disk"
storage = var.k3s_server_2_storage_pool
iothread = true
}
ipconfig0 = "ip=${var.k3s_server_2_config.ip},gw=${var.k3s_gateway}"

6
terraform/pve2/variables.tf
View file

@ -53,6 +53,12 @@ variable "storage_pool" {
type = string
}
variable "k3s_server_2_storage_pool" {
description = "Storage pool for k3s-server-2 disk (linstor_storage for HA)"
type = string
default = "linstor_storage"
}
variable "snippets_storage" {
description = "Proxmox storage for cloud-init snippets"
type = string

27
terraform/pve3/main.tf
View file

@ -4,7 +4,7 @@ terraform {
required_providers {
proxmox = {
source = "telmate/proxmox"
version = "~> 2.9"
version = "3.0.2-rc05"
}
local = {
source = "hashicorp/local"
@ -20,32 +20,37 @@ provider "proxmox" {
pm_tls_insecure = var.proxmox_tls_insecure
}
# etcd Witness VM on pve3
# etcd Witness VM on thinkpad
resource "proxmox_vm_qemu" "etcd_witness" {
name = "etcd-witness"
target_node = "pve3"
target_node = "thinkpad"
clone = var.ubuntu_template
full_clone = true
cores = var.etcd_witness_config.cores
sockets = 1
memory = var.etcd_witness_config.memory
agent = 1
cpu {
cores = var.etcd_witness_config.cores
sockets = 1
}
memory = var.etcd_witness_config.memory
agent = 1
boot = "order=scsi0"
scsihw = "virtio-scsi-single"
onboot = true
network {
id = 0
model = "virtio"
bridge = var.k3s_network_bridge
}
disk {
slot = 0
slot = "scsi0"
size = var.etcd_witness_config.disk_size
type = "scsi"
storage = var.storage_pool
iothread = 1
type = "disk"
storage = var.etcd_witness_storage_pool
iothread = true
}
ipconfig0 = "ip=${var.etcd_witness_config.ip},gw=${var.k3s_gateway}"

6
terraform/pve3/variables.tf
View file

@ -53,6 +53,12 @@ variable "storage_pool" {
type = string
}
variable "etcd_witness_storage_pool" {
description = "Proxmox storage pool for etcd witness VM disk (thinkpad uses local storage)"
type = string
default = "local-lvm"
}
variable "snippets_storage" {
description = "Proxmox storage for cloud-init snippets"
type = string