Update all deployment jobs to use Ubuntu 24.04 LTS template and LINSTOR storage backend for improved reliability.
name: CD - Deploy Infrastructure

# Triggers: every push to main, plus manual runs.
# NOTE(review): a manual run can be started from a ref other than main. Only
# validate-cluster checks github.ref; the deploy jobs in this file carry no
# ref condition, so confirm that applying from other branches is intended.
on:
  push:
    branches: [main]
  workflow_dispatch: # Allow manual trigger

jobs:
  # Run CI first: every deploy job below lists this job in `needs`.
  ci:
    uses: ./.forgejo/workflows/ci.yml
    # NOTE(review): `inherit` hands every repository secret (Proxmox token,
    # Forgejo token, ...) to the CI workflow. If ci.yml only lints and
    # validates, pass just the secrets it needs - confirm against ci.yml.
    secrets: inherit

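# Deploy infrastructure in parallel
  # deploy-pve1 applies terraform/pve1 (k3s_server_1_config) once CI has passed.
  deploy-pve1:
    name: Deploy on pve1
    runs-on: self-hosted
    needs: ci
    # A failed apply does not fail the run, so the other nodes still deploy.
    # NOTE(review): the quorum checks downstream compare
    # needs.deploy-pve1.result with 'success'; confirm this runner still
    # reports 'failure' there for a job that has continue-on-error set.
    continue-on-error: true
    steps:
      - name: Checkout code
        # NOTE(review): `v4` is a mutable tag; on a runner that holds
        # infrastructure credentials, pin the action to a full commit SHA.
        uses: actions/checkout@v4
      - name: Terraform Apply on pve1
        # Secrets reach OpenTofu as TF_VAR_* environment variables instead of
        # being templated into the script text. Nothing secret is written to
        # terraform.tfvars in the self-hosted runner's workspace, and a value
        # containing `$`, a backtick or `"` can no longer alter the shell
        # script or break the HCL.
        # Assumes these five variables are declared as strings in
        # terraform/pve1 - TODO confirm.
        env:
          TF_VAR_proxmox_token_id: ${{ secrets.PROXMOX_TOKEN_ID }}
          TF_VAR_proxmox_token_secret: ${{ secrets.PROXMOX_TOKEN_SECRET }}
          TF_VAR_ssh_public_key: ${{ secrets.SSH_PUBLIC_KEY }}
          TF_VAR_forgejo_token: ${{ secrets.FORGEJO_TOKEN }}
          TF_VAR_forgejo_repo_url: ${{ secrets.FORGEJO_REPO_URL }}
        run: |
          cd terraform/pve1
          # Non-secret settings only. The quoted delimiter keeps the shell
          # from expanding anything inside the heredoc.
          cat > terraform.tfvars <<'EOF'
          k3s_version         = "v1.28.5+k3s1"
          ubuntu_template     = "ubuntu-2404-cloudinit"
          storage_pool        = "linstor_storage"
          snippets_storage    = "local"
          k3s_network_bridge  = "k3s"
          k3s_gateway         = "10.100.20.1"
          k3s_dns             = ["10.100.20.1", "1.1.1.1"]
          k3s_server_1_config = { ip = "10.100.20.10/24", cores = 6, memory = 12288, disk_size = "100G" }
          EOF
          # -input=false makes a missing variable fail the job instead of
          # waiting on a prompt that nobody can answer.
          tofu init -input=false
          # NOTE(review): the apply runs unattended on every push to main,
          # with no plan reviewed first.
          tofu apply -auto-approve -input=false
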
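# deploy-pve2 applies terraform/pve2 (k3s_server_2_config) once CI has passed.
  deploy-pve2:
    name: Deploy on pve2
    runs-on: self-hosted
    needs: ci
    # A failed apply does not fail the run, so the other nodes still deploy.
    # NOTE(review): the quorum checks downstream compare
    # needs.deploy-pve2.result with 'success'; confirm this runner still
    # reports 'failure' there for a job that has continue-on-error set.
    continue-on-error: true
    steps:
      - name: Checkout code
        # NOTE(review): `v4` is a mutable tag; on a runner that holds
        # infrastructure credentials, pin the action to a full commit SHA.
        uses: actions/checkout@v4
      - name: Terraform Apply on pve2
        # Secrets reach OpenTofu as TF_VAR_* environment variables instead of
        # being templated into the script text. Nothing secret is written to
        # terraform.tfvars in the self-hosted runner's workspace, and a value
        # containing `$`, a backtick or `"` can no longer alter the shell
        # script or break the HCL.
        # Assumes these five variables are declared as strings in
        # terraform/pve2 - TODO confirm.
        env:
          TF_VAR_proxmox_token_id: ${{ secrets.PROXMOX_TOKEN_ID }}
          TF_VAR_proxmox_token_secret: ${{ secrets.PROXMOX_TOKEN_SECRET }}
          TF_VAR_ssh_public_key: ${{ secrets.SSH_PUBLIC_KEY }}
          TF_VAR_forgejo_token: ${{ secrets.FORGEJO_TOKEN }}
          TF_VAR_forgejo_repo_url: ${{ secrets.FORGEJO_REPO_URL }}
        run: |
          cd terraform/pve2
          # Non-secret settings only. The quoted delimiter keeps the shell
          # from expanding anything inside the heredoc.
          cat > terraform.tfvars <<'EOF'
          k3s_version         = "v1.28.5+k3s1"
          ubuntu_template     = "ubuntu-2404-cloudinit"
          storage_pool        = "linstor_storage"
          snippets_storage    = "local"
          k3s_network_bridge  = "k3s"
          k3s_gateway         = "10.100.20.1"
          k3s_dns             = ["10.100.20.1", "1.1.1.1"]
          k3s_server_2_config = { ip = "10.100.20.20/24", cores = 6, memory = 12288, disk_size = "100G" }
          EOF
          # -input=false makes a missing variable fail the job instead of
          # waiting on a prompt that nobody can answer.
          tofu init -input=false
          # NOTE(review): the apply runs unattended on every push to main,
          # with no plan reviewed first.
          tofu apply -auto-approve -input=false
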
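# deploy-pve3 applies terraform/pve3 (etcd_witness_config) once CI has passed.
  deploy-pve3:
    name: Deploy on pve3
    runs-on: self-hosted
    needs: ci
    # A failed apply does not fail the run, so the other nodes still deploy.
    # NOTE(review): the quorum checks downstream compare
    # needs.deploy-pve3.result with 'success'; confirm this runner still
    # reports 'failure' there for a job that has continue-on-error set.
    continue-on-error: true
    steps:
      - name: Checkout code
        # NOTE(review): `v4` is a mutable tag; on a runner that holds
        # infrastructure credentials, pin the action to a full commit SHA.
        uses: actions/checkout@v4
      - name: Terraform Apply on pve3
        # Secrets reach OpenTofu as TF_VAR_* environment variables instead of
        # being templated into the script text. Nothing secret is written to
        # terraform.tfvars in the self-hosted runner's workspace, and a value
        # containing `$`, a backtick or `"` can no longer alter the shell
        # script or break the HCL.
        # Assumes these five variables are declared as strings in
        # terraform/pve3 - TODO confirm.
        env:
          TF_VAR_proxmox_token_id: ${{ secrets.PROXMOX_TOKEN_ID }}
          TF_VAR_proxmox_token_secret: ${{ secrets.PROXMOX_TOKEN_SECRET }}
          TF_VAR_ssh_public_key: ${{ secrets.SSH_PUBLIC_KEY }}
          TF_VAR_forgejo_token: ${{ secrets.FORGEJO_TOKEN }}
          TF_VAR_forgejo_repo_url: ${{ secrets.FORGEJO_REPO_URL }}
        run: |
          cd terraform/pve3
          # Non-secret settings only. The quoted delimiter keeps the shell
          # from expanding anything inside the heredoc.
          cat > terraform.tfvars <<'EOF'
          k3s_version         = "v1.28.5+k3s1"
          ubuntu_template     = "ubuntu-2404-cloudinit"
          storage_pool        = "linstor_storage"
          snippets_storage    = "local"
          k3s_network_bridge  = "k3s"
          k3s_gateway         = "10.100.20.1"
          k3s_dns             = ["10.100.20.1", "1.1.1.1"]
          etcd_witness_config = { ip = "10.100.20.30/24", cores = 2, memory = 2048, disk_size = "20G" }
          EOF
          # -input=false makes a missing variable fail the job instead of
          # waiting on a prompt that nobody can answer.
          tofu init -input=false
          # NOTE(review): the apply runs unattended on every push to main,
          # with no plan reviewed first.
          tofu apply -auto-approve -input=false
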
# Validate cluster after deployment
  # Runs only on main, and only when at least two of the three deploy jobs
  # report 'success' (any pair counts as quorum).
  validate-cluster:
    name: Validate K3s Cluster
    runs-on: self-hosted
    needs:
      - deploy-pve1
      - deploy-pve2
      - deploy-pve3
    # always() keeps the condition evaluated even when a needed job failed.
    if: |
      always() &&
      github.ref == 'refs/heads/main' &&
      (
        (needs.deploy-pve1.result == 'success' && needs.deploy-pve2.result == 'success') ||
        (needs.deploy-pve1.result == 'success' && needs.deploy-pve3.result == 'success') ||
        (needs.deploy-pve2.result == 'success' && needs.deploy-pve3.result == 'success')
      )
    steps:
      - name: Checkout code
        # NOTE(review): `v4` is a mutable tag; consider pinning the action
        # to a full commit SHA.
        uses: actions/checkout@v4
      - name: Wait for K3s cluster
        run: |
          echo "Waiting for K3s cluster to be ready..."
          sleep 300  # Wait 5 minutes for ansible-pull to configure K3s
      # NOTE(review): this step only prints a message and queries nothing, so
      # a green validate-cluster job says the wait elapsed, not that the
      # cluster is healthy.
      - name: Check cluster status (optional)
        run: |
          echo "Cluster validation completed"
        continue-on-error: true

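# Notify on completion
  # Always runs. Prints each job's result and exits non-zero when fewer than
  # two of the three nodes deployed.
  notify:
    name: Deployment Notification
    runs-on: self-hosted
    needs: [deploy-pve1, deploy-pve2, deploy-pve3, validate-cluster]
    if: always()
    steps:
      - name: Deployment Summary
        # Job results are passed in as environment variables, so the script
        # text stays the same from run to run.
        env:
          PVE1_RESULT: ${{ needs.deploy-pve1.result }}
          PVE2_RESULT: ${{ needs.deploy-pve2.result }}
          PVE3_RESULT: ${{ needs.deploy-pve3.result }}
          VALIDATE_RESULT: ${{ needs.validate-cluster.result }}
        run: |
          echo "=== Deployment Summary ==="
          echo "pve1 (k3s-server-1): $PVE1_RESULT"
          echo "pve2 (k3s-server-2): $PVE2_RESULT"
          echo "pve3 (etcd-witness): $PVE3_RESULT"
          echo "Cluster validation: $VALIDATE_RESULT"
          echo ""

          # Count successful deployments.
          # An explicit if with $(( )) is used because `((success_count++))`
          # returns a non-zero status when the counter is 0; as the last
          # command of an && list that aborts a shell running with -e on the
          # first successful node.
          success_count=0
          for result in "$PVE1_RESULT" "$PVE2_RESULT" "$PVE3_RESULT"; do
            if [ "$result" = "success" ]; then
              success_count=$((success_count + 1))
            fi
          done

          echo "Nodes deployed: $success_count/3"

          # NOTE(review): the deploy jobs set continue-on-error; confirm the
          # runner still reports 'failure' for them, otherwise this count is
          # always 3.
          if [ "$success_count" -ge 2 ]; then
            echo "SUCCESS: HA maintained - Quorum achieved ($success_count/3 nodes)"
            exit 0
          elif [ "$success_count" -eq 1 ]; then
            echo "WARNING: Only 1 node deployed - No HA"
            exit 1
          else
            echo "CRITICAL: No nodes deployed"
            exit 1
          fi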