feat(ci): add GitOps pipeline with Gitea Actions and ArgoCD
- Add Gitea Actions workflow for building and pushing Docker images - Configure ArgoCD Application for auto-sync deployment - Update Helm values to use Gitea container registry - Add setup documentation for GitOps configuration Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Thomas Richter
104
argocd/SETUP.md
Normal file
104
argocd/SETUP.md
Normal file
@@ -0,0 +1,104 @@
|
||||
# ArgoCD GitOps Setup for TaskPlaner
|
||||
|
||||
This guide sets up automatic deployment of TaskPlaner using GitOps with ArgoCD and Gitea.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- Kubernetes cluster access
|
||||
- Gitea instance with Packages (Container Registry) enabled
|
||||
- Gitea Actions runner configured
|
||||
|
||||
## 1. Install ArgoCD
|
||||
|
||||
```bash
|
||||
kubectl create namespace argocd
|
||||
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
|
||||
```
|
||||
|
||||
Wait for ArgoCD to be ready:
|
||||
```bash
|
||||
kubectl wait --for=condition=available deployment/argocd-server -n argocd --timeout=300s
|
||||
```
|
||||
|
||||
## 2. Configure Gitea Registry Secrets
|
||||
|
||||
### For Gitea Actions (push access)
|
||||
|
||||
In Gitea repository settings, add these secrets:
|
||||
- `REGISTRY_USERNAME`: Your Gitea username
|
||||
- `REGISTRY_PASSWORD`: A Gitea access token with `write:package` scope
|
||||
|
||||
### For Kubernetes (pull access)
|
||||
|
||||
Create an image pull secret:
|
||||
```bash
|
||||
kubectl create secret docker-registry gitea-registry-secret \
|
||||
--docker-server=git.kube2.tricnet.de \
|
||||
--docker-username=YOUR_USERNAME \
|
||||
--docker-password=YOUR_ACCESS_TOKEN \
|
||||
-n default
|
||||
```
|
||||
|
||||
## 3. Configure ArgoCD Repository Access
|
||||
|
||||
Add the Gitea repository to ArgoCD:
|
||||
```bash
|
||||
# Get ArgoCD admin password
|
||||
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo
|
||||
|
||||
# Port forward to access ArgoCD UI
|
||||
kubectl port-forward svc/argocd-server -n argocd 8080:443
|
||||
|
||||
# Or use CLI
|
||||
argocd login localhost:8080 --insecure
|
||||
argocd repo add https://git.kube2.tricnet.de/tho/taskplaner.git \
|
||||
--username YOUR_USERNAME \
|
||||
--password YOUR_ACCESS_TOKEN
|
||||
```
|
||||
|
||||
## 4. Deploy the ArgoCD Application
|
||||
|
||||
```bash
|
||||
kubectl apply -f argocd/application.yaml
|
||||
```
|
||||
|
||||
Note: Edit `application.yaml` first to remove the example Secret or replace `REPLACE_WITH_BASE64_ENCODED_USERNAME_COLON_PASSWORD` with actual credentials.
|
||||
|
||||
## 5. Verify Deployment
|
||||
|
||||
```bash
|
||||
# Check ArgoCD application status
|
||||
kubectl get applications -n argocd
|
||||
|
||||
# Watch sync status
|
||||
argocd app get taskplaner
|
||||
|
||||
# Check pods
|
||||
kubectl get pods -l app.kubernetes.io/name=taskplaner
|
||||
```
|
||||
|
||||
## Workflow
|
||||
|
||||
1. Push code to `master` branch
|
||||
2. Gitea Actions builds Docker image and pushes to registry
|
||||
3. Workflow updates `helm/taskplaner/values.yaml` with new image tag
|
||||
4. ArgoCD detects change and auto-syncs deployment
|
||||
|
||||
## Troubleshooting
|
||||
|
||||
### Image Pull Errors
|
||||
```bash
|
||||
kubectl describe pod -l app.kubernetes.io/name=taskplaner
|
||||
```
|
||||
Check if the image pull secret is correctly configured.
|
||||
|
||||
### ArgoCD Sync Issues
|
||||
```bash
|
||||
argocd app sync taskplaner --force
|
||||
argocd app logs taskplaner
|
||||
```
|
||||
|
||||
### Actions Runner Issues
|
||||
```bash
|
||||
kubectl logs -n gitea -l app=act-runner -c runner
|
||||
```
|
||||
Reference in New Issue
Block a user