feat(ci): add GitOps pipeline with Gitea Actions and ArgoCD

- Add Gitea Actions workflow for building and pushing Docker images - Configure ArgoCD Application for auto-sync deployment - Update Helm values to use Gitea container registry - Add setup documentation for GitOps configuration Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-02 00:05:45 +01:00
parent b205fedde6
commit 51b4b34c19
4 changed files with 233 additions and 4 deletions
--- a/argocd/application.yaml
+++ b/argocd/application.yaml
@@ -0,0 +1,61 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: taskplaner
+  namespace: argocd
+spec:
+  project: default
+  source:
+    repoURL: https://git.kube2.tricnet.de/tho/taskplaner.git
+    targetRevision: HEAD
+    path: helm/taskplaner
+    helm:
+      valueFiles:
+        - values.yaml
+      parameters:
+        - name: image.repository
+          value: git.kube2.tricnet.de/tho/taskplaner
+        - name: ingress.enabled
+          value: "true"
+        - name: ingress.className
+          value: traefik
+        - name: ingress.hosts[0].host
+          value: task.kube2.tricnet.de
+        - name: ingress.hosts[0].paths[0].path
+          value: /
+        - name: ingress.hosts[0].paths[0].pathType
+          value: Prefix
+        - name: ingress.tls[0].secretName
+          value: taskplaner-tls
+        - name: ingress.tls[0].hosts[0]
+          value: task.kube2.tricnet.de
+        - name: ingress.annotations.cert-manager\.io/cluster-issuer
+          value: letsencrypt-prod
+        - name: config.origin
+          value: https://task.kube2.tricnet.de
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: default
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
+---
+# Secret for Gitea Container Registry access
+apiVersion: v1
+kind: Secret
+metadata:
+  name: gitea-registry-secret
+  namespace: default
+type: kubernetes.io/dockerconfigjson
+stringData:
+  .dockerconfigjson: |
+    {
+      "auths": {
+        "git.kube2.tricnet.de": {
+          "auth": "REPLACE_WITH_BASE64_ENCODED_USERNAME_COLON_PASSWORD"
+        }
+      }
+    }