From d8435c752ebc025a4cfb1f2b7d720b971adefc5e Mon Sep 17 00:00:00 2001 From: christofluethi Date: Mon, 25 Aug 2025 10:56:18 +0200 Subject: [PATCH 1/6] build and deployment --- .github/workflows/build.yaml | 31 ++++++++++++++++++------------- 1 file changed, 18 insertions(+), 13 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 4b948164..23c700d0 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -29,18 +29,23 @@ jobs: - name: Login to Quay.io Container Registry uses: docker/login-action@v3 with: - registry: registry.puzzle.ch - username: ${{ secrets.PUZZLE_REG_USERNAME }} - password: ${{ secrets.PUZZLE_REG_TOKEN }} - - - name: Build Puzzle Version - uses: docker/build-push-action@v6 - with: - context: . - file: ./Dockerfile - push: true - tags: | - registry.puzzle.ch/puzzle/quarkus-techlab:pr-${{ github.event.pull_request.number }} + registry: quay.io + username: ${{ secrets.QUAYIO_USERNAME }} + password: ${{ secrets.QUAYIO_TOKEN }} +# uses: docker/login-action@v3 +# with: +# registry: registry.puzzle.ch +# username: ${{ secrets.PUZZLE_REG_USERNAME }} +# password: ${{ secrets.PUZZLE_REG_TOKEN }} + +# - name: Build Puzzle Version +# uses: docker/build-push-action@v6 +# with: +# context: . +# file: ./Dockerfile +# push: true +# tags: | +# registry.puzzle.ch/puzzle/quarkus-techlab:pr-${{ github.event.pull_request.number }} - name: Build Mobi Version uses: docker/build-push-action@v6 @@ -51,7 +56,7 @@ jobs: TRAINING_HUGO_ENV=mobi push: true tags: | - registry.puzzle.ch/puzzle/quarkus-techlab:pr-${{ github.event.pull_request.number }}-mobi + quay.io/acend/quarkus-techlab:pr-${{ github.event.pull_request.number }}-mobi - name: 'Install Helm' uses: azure/setup-helm@v3 From 3f7e08eba58d5f9b9de879c480dba45daa27d167 Mon Sep 17 00:00:00 2001 From: christofluethi Date: Mon, 25 Aug 2025 11:14:50 +0200 Subject: [PATCH 2/6] build and deployment --- .github/workflows/build.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 23c700d0..e1f07173 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -56,7 +56,7 @@ jobs: TRAINING_HUGO_ENV=mobi push: true tags: | - quay.io/acend/quarkus-techlab:pr-${{ github.event.pull_request.number }}-mobi + quay.io/acend/quarkus-lab:pr-${{ github.event.pull_request.number }}-mobi - name: 'Install Helm' uses: azure/setup-helm@v3 From c3af7711f52b04dbca4f0e3f3495dad34554e0e1 Mon Sep 17 00:00:00 2001 From: christofluethi Date: Mon, 25 Aug 2025 11:24:17 +0200 Subject: [PATCH 3/6] build and deployment --- .github/workflows/build.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index e1f07173..c7935bd3 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -30,8 +30,8 @@ jobs: uses: docker/login-action@v3 with: registry: quay.io - username: ${{ secrets.QUAYIO_USERNAME }} - password: ${{ secrets.QUAYIO_TOKEN }} + username: ${{ secrets.QUAY_USER }} + password: ${{ secrets.QUAY_PW }} # uses: docker/login-action@v3 # with: # registry: registry.puzzle.ch From 8a779d14d916b9fd951713e403bbcf9b642432d3 Mon Sep 17 00:00:00 2001 From: christofluethi Date: Mon, 25 Aug 2025 11:36:59 +0200 Subject: [PATCH 4/6] build and deployment --- .github/workflows/build.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index c7935bd3..c3d66de8 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -70,7 +70,7 @@ jobs: - name: Create KUBECONFIG env: - KUBE_CONFIG: '${{ secrets.KUBECONFIG_TEST_AV2 }}' + KUBE_CONFIG: '${{ secrets.KUBECONFIG_K8S_ACEND_TEST }}' run: | mkdir -p $HOME/.kube echo "$KUBE_CONFIG" > $HOME/.kube/config From 0efc1b435937eae4b81c624f6a21f76f5999d933 Mon Sep 17 00:00:00 2001 From: christofluethi Date: Mon, 25 Aug 2025 11:54:53 +0200 Subject: [PATCH 5/6] build and deployment --- .github/workflows/build.yaml | 72 +++++++++++++++---------------- .github/workflows/pr-cleanup.yaml | 32 +++++++------- .github/workflows/push-main.yaml | 47 ++++++++++---------- 3 files changed, 77 insertions(+), 74 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index c3d66de8..1a3e8190 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -56,7 +56,7 @@ jobs: TRAINING_HUGO_ENV=mobi push: true tags: | - quay.io/acend/quarkus-lab:pr-${{ github.event.pull_request.number }}-mobi + quay.io/acend/quarkus-techlab:pr-${{ github.event.pull_request.number }}-mobi - name: 'Install Helm' uses: azure/setup-helm@v3 @@ -70,43 +70,43 @@ jobs: - name: Create KUBECONFIG env: - KUBE_CONFIG: '${{ secrets.KUBECONFIG_K8S_ACEND_TEST }}' + KUBE_CONFIG: '${{ secrets.KUBECONFIG_TEST_AV2 }}' run: | mkdir -p $HOME/.kube echo "$KUBE_CONFIG" > $HOME/.kube/config - - name: Deploy Helm Release - env: - TRAINING_HELM_RELEASE: 'pr-${{ github.event.pull_request.number }}' - TRAINING_NAMESPACE: 'pitc-cicd-quarkus-techlab-test' - TRAINING_VERSION: '${{ github.sha }}' - run: | - helm upgrade $TRAINING_HELM_RELEASE acend-training-chart --install --wait \ - --kubeconfig $HOME/.kube/config \ - --namespace=$TRAINING_NAMESPACE \ - --set=app.name=$HELM_RELEASE \ - --set=app.version=$TRAINING_VERSION \ - --repo=https://acend.github.io/helm-charts/ \ - --values=helm-chart/values.yaml --atomic - - - name: Redeploy Deployments - env: - TRAINING_HELM_RELEASE: 'pr-${{ github.event.pull_request.number }}' - TRAINING_NAMESPACE: 'pitc-cicd-quarkus-techlab-test' - run: | - kubectl rollout restart deployment/$TRAINING_HELM_RELEASE-quarkus-techlab-puzzle \ - --kubeconfig $HOME/.kube/config \ - --namespace $TRAINING_NAMESPACE - kubectl rollout restart deployment/$TRAINING_HELM_RELEASE-quarkus-techlab-mobi \ - --kubeconfig $HOME/.kube/config \ - --namespace $TRAINING_NAMESPACE - - - name: Comment PR Environments in PR - uses: marocchino/sticky-pull-request-comment@v2 - with: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - message: | - PR Environments: - * puzzle - * mobi +# - name: Deploy Helm Release +# env: +# TRAINING_HELM_RELEASE: 'pr-${{ github.event.pull_request.number }}' +# TRAINING_NAMESPACE: 'pitc-cicd-quarkus-techlab-test' +# TRAINING_VERSION: '${{ github.sha }}' +# run: | +# helm upgrade $TRAINING_HELM_RELEASE acend-training-chart --install --wait \ +# --kubeconfig $HOME/.kube/config \ +# --namespace=$TRAINING_NAMESPACE \ +# --set=app.name=$HELM_RELEASE \ +# --set=app.version=$TRAINING_VERSION \ +# --repo=https://acend.github.io/helm-charts/ \ +# --values=helm-chart/values.yaml --atomic +# +# - name: Redeploy Deployments +# env: +# TRAINING_HELM_RELEASE: 'pr-${{ github.event.pull_request.number }}' +# TRAINING_NAMESPACE: 'pitc-cicd-quarkus-techlab-test' +# run: | +# kubectl rollout restart deployment/$TRAINING_HELM_RELEASE-quarkus-techlab-puzzle \ +# --kubeconfig $HOME/.kube/config \ +# --namespace $TRAINING_NAMESPACE +# kubectl rollout restart deployment/$TRAINING_HELM_RELEASE-quarkus-techlab-mobi \ +# --kubeconfig $HOME/.kube/config \ +# --namespace $TRAINING_NAMESPACE +# +# - name: Comment PR Environments in PR +# uses: marocchino/sticky-pull-request-comment@v2 +# with: +# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +# message: | +# PR Environments: +# * puzzle +# * mobi diff --git a/.github/workflows/pr-cleanup.yaml b/.github/workflows/pr-cleanup.yaml index c3684bc6..f9319953 100644 --- a/.github/workflows/pr-cleanup.yaml +++ b/.github/workflows/pr-cleanup.yaml @@ -29,19 +29,19 @@ jobs: mkdir -p $HOME/.kube echo "$KUBE_CONFIG" > $HOME/.kube/config - - name: Remove PR Environment Helm Release - env: - TRAINING_HELM_RELEASE: 'pr-${{ github.event.pull_request.number }}' - TRAINING_NAMESPACE: 'pitc-cicd-quarkus-techlab-test' - TRAINING_VERSION: '${{ github.sha }}' - run: | - helm uninstall $TRAINING_HELM_RELEASE --kubeconfig $HOME/.kube/config --namespace=$TRAINING_NAMESPACE - - - name: Delete Tags on Quay - id: delete_tags - env: - PR_NUMBER: '${{ github.event.pull_request.number }}' - QUAYIO_API_TOKEN: '${{ secrets.QUAYIO_API_TOKEN }}' - REPOSITORY: '${{ github.repository }}' - run: | - curl -X DELETE -H "Authorization: Bearer ${QUAYIO_API_TOKEN}" https://quay.io/api/v1/repository/${REPOSITORY}/tag/pr-${PR_NUMBER}{,-mobi} +# - name: Remove PR Environment Helm Release +# env: +# TRAINING_HELM_RELEASE: 'pr-${{ github.event.pull_request.number }}' +# TRAINING_NAMESPACE: 'pitc-cicd-quarkus-techlab-test' +# TRAINING_VERSION: '${{ github.sha }}' +# run: | +# helm uninstall $TRAINING_HELM_RELEASE --kubeconfig $HOME/.kube/config --namespace=$TRAINING_NAMESPACE +# +# - name: Delete Tags on Quay +# id: delete_tags +# env: +# PR_NUMBER: '${{ github.event.pull_request.number }}' +# QUAYIO_API_TOKEN: '${{ secrets.QUAYIO_API_TOKEN }}' +# REPOSITORY: '${{ github.repository }}' +# run: | +# curl -X DELETE -H "Authorization: Bearer ${QUAYIO_API_TOKEN}" https://quay.io/api/v1/repository/${REPOSITORY}/tag/pr-${PR_NUMBER}{,-mobi} diff --git a/.github/workflows/push-main.yaml b/.github/workflows/push-main.yaml index 259738e5..0af3da75 100644 --- a/.github/workflows/push-main.yaml +++ b/.github/workflows/push-main.yaml @@ -32,9 +32,12 @@ jobs: - name: Login to Quay.io Container Registry uses: docker/login-action@v3 with: - registry: registry.puzzle.ch - username: ${{ secrets.PUZZLE_REG_USERNAME }} - password: ${{ secrets.PUZZLE_REG_TOKEN }} + registry: quay.io + username: ${{ secrets.QUAY_USER }} + password: ${{ secrets.QUAY_PW }} +# registry: registry.puzzle.ch +# username: ${{ secrets.PUZZLE_REG_USERNAME }} +# password: ${{ secrets.PUZZLE_REG_TOKEN }} - name: Build Puzzle Version uses: docker/build-push-action@v5 @@ -43,24 +46,24 @@ jobs: file: ./Dockerfile push: true tags: | - registry.puzzle.ch/puzzle/quarkus-techlab:latest - - - name: Run vulnerability scanner - uses: aquasecurity/trivy-action@master - with: - image-ref: 'registry.puzzle.ch/puzzle/quarkus-techlab:latest' - format: 'table' - output: 'trivy-results.txt' - exit-code: '0' - ignore-unfixed: true - vuln-type: 'os' - severity: 'CRITICAL,HIGH' - - - name: Archive vulnerability scan results - uses: actions/upload-artifact@v4 - with: - name: trivy-results-main - path: trivy-results.txt + quay.io/acend/quarkus-techlab:latest + +# - name: Run vulnerability scanner +# uses: aquasecurity/trivy-action@master +# with: +# image-ref: 'registry.puzzle.ch/puzzle/quarkus-techlab:latest' +# format: 'table' +# output: 'trivy-results.txt' +# exit-code: '0' +# ignore-unfixed: true +# vuln-type: 'os' +# severity: 'CRITICAL,HIGH' + +# - name: Archive vulnerability scan results +# uses: actions/upload-artifact@v4 +# with: +# name: trivy-results-main +# path: trivy-results.txt - name: Build Mobi Version uses: docker/build-push-action@v5 @@ -71,7 +74,7 @@ jobs: TRAINING_HUGO_ENV=mobi push: true tags: | - registry.puzzle.ch/puzzle/quarkus-techlab:latest-mobi + quay.io/acend/quarkus-techlab:latest-mobi - name: 'Install Helm' uses: azure/setup-helm@v3 From f5995192a89194bc842aeaf48a671ef692d1df11 Mon Sep 17 00:00:00 2001 From: christofluethi Date: Mon, 25 Aug 2025 11:56:51 +0200 Subject: [PATCH 6/6] build and deployment --- helm-chart/values-acend.yaml | 2 +- helm-chart/values.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/helm-chart/values-acend.yaml b/helm-chart/values-acend.yaml index 34f23849..502f09ba 100644 --- a/helm-chart/values-acend.yaml +++ b/helm-chart/values-acend.yaml @@ -5,7 +5,7 @@ acendTraining: name: mobi replicaCount: 1 image: - repository: registry.puzzle.ch/puzzle/quarkus-techlab + repository: quay.io/acend/quarkus-techlab pullPolicy: Always tag: "" tagsuffix: "-mobi" diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml index 4371bc20..4ba9c6ce 100644 --- a/helm-chart/values.yaml +++ b/helm-chart/values.yaml @@ -5,7 +5,7 @@ acendTraining: name: puzzle replicaCount: 1 image: - repository: registry.puzzle.ch/puzzle/quarkus-techlab + repository: quay.io/acend/quarkus-techlab pullPolicy: Always tag: "" tagsuffix: "" @@ -22,7 +22,7 @@ acendTraining: name: mobi replicaCount: 1 image: - repository: registry.puzzle.ch/puzzle/quarkus-techlab + repository: quay.io/acend/quarkus-techlab pullPolicy: Always tag: "" tagsuffix: "-mobi"