Set up a CI server #14
Labels
No Label
bug
dev environment
docs
duplicate
enhancement
feature
idea
invalid
kredits-1
kredits-2
kredits-3
ops
question
security
ui/ux
wontfix
bug
design
dev environment
docs
duplicate
enhancement
feature
good first issue
idea
invalid
kredits-1
kredits-2
kredits-3
on hold
ops
question
release
major
release
minor
release
patch
security
ui/ux
wontfix
No Milestone
No Assignees
2 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: kosmos/gitea.kosmos.org#14
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
We already have configs for deploying Drone CI on GKE. That one works with Gitea out of the box, so I'd propose to set updrone.kosmos.org
and configure it so users ofgitea.kosmos.org
can use it for their repos.Update July 20, 2020: Since we're not using k18s anymore, I think we should now just run the normal Drone Docker setup on Centaurus or Draco.
I just looked into this again and found out that the current configs use the GKE/GCE load balancer service. Which costs ~$18.30/month per service for the first 5 forwarding rules (Gitea needs 3).
I find that a bit pricey to just throw up something that would actually not require more resources otherwise, because I think the cluster can still handle another Drone without adding nodes. And even then, the money should go towards adding nodes that actually do something worthwile, like running builds, imo.
Kubernetes has a thing called Ingress, which we haven't learned enough about yet, but it would allow us to run our own inbound lb/proxy using e.g. Nginx. We could then also use OpenResty for auto-TLS, like we already do at 5apps e.g..
@gregkare Have you checked out Ingress in the meantime, and if not, is it on your list somewhere?
I didn't realize the load balancers were so expensive. I have only read an introduction to Ingress so far (https://kubernetes.io/docs/concepts/services-networking/ingress/). It seems complex, but worth learning about.
The current state of the art for certs appears to be cert-manager (https://github.com/jetstack/cert-manager/blob/master/docs/tutorials/quick-start/index.rst)
It is on my list of things to learn more about
I'd prefer not to use Helm (and esp. not to give cluster admin privileges to its daemon), but other than that the tutorial is a great resource to get an overview of how the pieces work in combination. Nice find!
Just FYI: We have access to Digital Ocean's Kubernetes beta. Load balancers over there support Let's Encrypt out of the box and cost $10/month. 2GB nodes also cost $10/month. There's no additional charge for managing either of those with Kubernetes (same as GKE).
The Gitea OAuth provider has been merged. So now it can be implemented in Drone...
raucao referenced this issue from kosmos/chef2020-11-19 12:04:27 +00:00