Dev/talos-cluster
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat: Initial commit, empty from template.

Browse Source
This commit is contained in:
Laur IVAN
2026-01-27 23:27:14 +01:00
commit f77a808d74
133 changed files with 4479 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

71
.github/workflows/e2e.yaml vendored Normal file
View File

@@ -0,0 +1,71 @@
---
name: "e2e"
on:
workflow_dispatch:
pull_request:
branches: ["main"]
paths-ignore:
- kubernetes/**
concurrency:
group: ${{ github.workflow }}-${{ github.event.number || github.ref }}
cancel-in-progress: true
jobs:
configure:
if: ${{ github.repository == 'onedr0p/cluster-template' }}
name: configure
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
config-files:
- public
- private
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup mise
uses: jdx/mise-action@6d1e696aa24c1aa1bcc1adea0212707c71ab78a8 # v3.6.1
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
with:
cache: false
- name: Run init task
run: task init
- name: Prepare files
run: |
cp ./.github/tests/${{ matrix.config-files }}.yaml cluster.yaml
cp ./.github/tests/nodes.yaml nodes.yaml
echo '{"AccountTag":"fake","TunnelSecret":"fake","TunnelID":"fake"}' > cloudflare-tunnel.json
touch kubeconfig
- name: Run configure task
run: task configure --yes
- name: Run generate talconfig task
run: |
FILENAME=talos/talsecret.sops.yaml
talhelper gensecret | sops --filename-override $FILENAME --encrypt /dev/stdin > $FILENAME
task talos:generate-config
- name: Run flux-local test
uses: docker://ghcr.io/allenporter/flux-local:v8.1.0@sha256:37c3c4309a351830b04f93c323adfcb0e28c368001818cd819cbce3e08828261
with:
args: test --enable-helm --all-namespaces --path /github/workspace/kubernetes/flux/cluster -v
- name: Dry run bootstrap talos task
run: task bootstrap:talos --dry
- name: Dry run bootstrap apps task
run: task bootstrap:apps --dry
- name: Run reset task
run: task template:reset --yes
- name: Run cleanup task
run: task template:tidy --yes

121
.github/workflows/flux-local.yaml vendored Normal file
View File

@@ -0,0 +1,121 @@
---
name: "Flux Local"
on:
pull_request:
branches: ["main"]
concurrency:
group: ${{ github.workflow }}-${{ github.event.number || github.ref }}
cancel-in-progress: true
jobs:
pre-job:
name: Flux Local Pre-Job
runs-on: ubuntu-latest
outputs:
any_changed: ${{ steps.changed-files.outputs.any_changed }}
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Get Changed Files
id: changed-files
uses: tj-actions/changed-files@e0021407031f5be11a464abee9a0776171c79891 # v47.0.1
with:
files: kubernetes/**
test:
name: Flux Local Test
needs: pre-job
runs-on: ubuntu-latest
if: ${{ needs.pre-job.outputs.any_changed == 'true' }}
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Run flux-local test
uses: docker://ghcr.io/allenporter/flux-local:v8.1.0
with:
args: test --enable-helm --all-namespaces --path /github/workspace/kubernetes/flux/cluster -v
diff:
name: Flux Local Diff
needs: pre-job
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
strategy:
matrix:
resources: ["helmrelease", "kustomization"]
max-parallel: 4
fail-fast: false
if: ${{ needs.pre-job.outputs.any_changed == 'true' }}
steps:
- name: Checkout Pull Request Branch
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
path: pull
- name: Checkout Default Branch
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
ref: "${{ github.event.repository.default_branch }}"
path: default
- name: Run flux-local diff
uses: docker://ghcr.io/allenporter/flux-local:v8.1.0
with:
args: >-
diff ${{ matrix.resources }}
--unified 6
--path /github/workspace/pull/kubernetes/flux/cluster
--path-orig /github/workspace/default/kubernetes/flux/cluster
--strip-attrs "helm.sh/chart,checksum/config,app.kubernetes.io/version,chart"
--limit-bytes 10000
--all-namespaces
--sources "flux-system"
--output-file diff.patch
- name: Generate Diff
id: diff
run: |
cat diff.patch;
{
echo 'diff<<EOF'
cat diff.patch
echo EOF
} >> "$GITHUB_OUTPUT";
{
echo "### Diff"
echo '```diff'
cat diff.patch
echo '```'
} >> "$GITHUB_STEP_SUMMARY"
- name: Add Comment
if: ${{ steps.diff.outputs.diff != '' }}
continue-on-error: true
uses: mshick/add-pr-comment@b8f338c590a895d50bcbfa6c5859251edc8952fc # v2.8.2
with:
message-id: "${{ github.event.pull_request.number }}/kubernetes/${{ matrix.resources }}"
message-failure: Diff was not successful
message: |
```diff
${{ steps.diff.outputs.diff }}
```
flux-local-status:
name: Flux Local Success
needs: ["test", "diff"]
runs-on: ubuntu-latest
if: ${{ always() }}
steps:
- name: Any jobs failed?
if: ${{ contains(needs.*.result, 'failure') }}
run: exit 1
- name: All jobs passed or skipped?
if: ${{ !(contains(needs.*.result, 'failure')) }}
run: echo "All jobs passed or skipped" && echo "${{ toJSON(needs.*.result) }}"

25
.github/workflows/label-sync.yaml vendored Normal file
View File

@@ -0,0 +1,25 @@
---
name: "Label Sync"
on:
workflow_dispatch:
push:
branches: ["main"]
paths: [".github/labels.yaml"]
jobs:
label-sync:
name: Label Sync
runs-on: ubuntu-latest
permissions:
contents: read
issues: write
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Sync Labels
uses: EndBug/label-sync@52074158190acb45f3077f9099fea818aa43f97a # v2.3.3
with:
config-file: .github/labels.yaml
delete-other-labels: true

21
.github/workflows/labeler.yaml vendored Normal file
View File

@@ -0,0 +1,21 @@
---
name: "Labeler"
on:
workflow_dispatch:
pull_request_target:
branches: ["main"]
jobs:
labeler:
name: Labeler
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
issues: write
steps:
- name: Labeler
uses: actions/labeler@634933edcd8ababfe52f92936142cc22ac488b1b # v6.0.1
with:
configuration-path: .github/labeler.yaml

56
.github/workflows/release.yaml vendored Normal file
View File

@@ -0,0 +1,56 @@
---
name: "Release"
on:
workflow_dispatch:
schedule:
- cron: "0 0 1 * *" # 1st of every month at midnight
jobs:
release:
name: Release
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Get Previous Release Tag and Determine Next Tag
id: determine-next-tag
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
result-encoding: string
script: |
const { data: releases } = await github.rest.repos.listReleases({
owner: context.repo.owner,
repo: context.repo.repo,
per_page: 1,
});
let previousTag = "0.0.0"; // Default if no previous release exists
if (releases.length > 0) {
previousTag = releases[0].tag_name;
}
const [previousMajor, previousMinor, previousPatch] = previousTag.split('.').map(Number);
const currentYear = new Date().getFullYear();
const currentMonth = new Date().getMonth() + 1; // Months are 0-indexed in JavaScript
const nextMajorMinor = `${currentYear}.${currentMonth}`;
let nextPatch;
if (`${previousMajor}.${previousMinor}` === nextMajorMinor) {
console.log("Month release already exists for the year. Incrementing patch number by 1.");
nextPatch = previousPatch + 1;
} else {
console.log("Month release does not exist for the year. Starting with patch number 0.");
nextPatch = 0;
}
return `${nextMajorMinor}.${nextPatch}`;
- name: Create Release
uses: ncipollo/release-action@b7eabc95ff50cbeeedec83973935c8f306dfcd0b # v1.20.0
with:
generateReleaseNotes: true
tag: "${{ steps.determine-next-tag.outputs.result }}"
token: "${{ secrets.GITHUB_TOKEN }}"