Restructure yaml, add CI/CD pipelines

.woodpecker/build.yaml

@@ -0,0 +1,74 @@
+when:
+  - branch: master
+    event: [push, pull_request]
+
+
+clone:
+  git:
+    image: woodpeckerci/plugin-git
+    settings:
+      recursive: true
+      # TODO: extend this to use an image that has our root certificate baked in
+      skip-verify: true
+
+steps:
+  pleroma:
+    image: woodpeckerci/plugin-kaniko
+    settings:
+      registry: cr.forge.lan
+      repo: darkdork.dev/pleroma
+      context: pleroma
+      tags:
+      - ${CI_COMMIT_SHA}
+      - prod
+      cache: true
+      skip-tls-verify: true
+      username:
+        from_secret:
+          docker_registry_username
+      password:
+        from_secret:
+          docker_registry_password
+    when:
+      event: [pull_request, push]
+    depends_on: []
+  privoxy:
+    image: woodpecker-ci/plugin-kaniko
+    settings:
+      registry: cr.forge.lan
+      repo: darkdork.dev/privoxy
+      context: privoxy
+      tags:
+      - ${CI_COMMIT_SHA}
+      - prod
+      cache: true
+      skip-tls-verify: true
+      username:
+        from_secret:
+          docker_registry_username
+      password:
+        from_secret:
+          docker_registry_password
+    when:
+      event: [pull_request, push]
+    depends_on: []
+  tor:
+    image: woodpecker-ci/plugin-kaniko
+    settings:
+      registry: cr.forge.lan
+      repo: darkdork.dev/tor
+      context: privoxy
+      tags:
+      - ${CI_COMMIT_SHA}
+      - prod
+      cache: true
+      skip-tls-verify: true
+      username:
+        from_secret:
+          docker_registry_username
+      password:
+        from_secret:
+          docker_registry_password
+    when:
+      event: [pull_request, push]
+    depends_on: []

.woodpecker/deploy.yaml

@@ -0,0 +1,89 @@
+when:
+  - branch: master
+    event: [push, pull_request]
+
+
+clone:
+  git:
+    image: woodpeckerci/plugin-git
+    settings:
+      recursive: true
+      # TODO: extend this to use an image that has our root certificate baked in
+      skip-verify: true
+
+steps:
+  darkdork.dev:
+    image: cr.forge.lan/alk8s/alk8s:latest
+    pull: true
+    environment:
+        KUBECONFIG_BASE64:
+          from_secret: kubeconfig_base64
+        CI_COMMIT_SHA: ${CI_COMMIT_SHA}
+    commands:
+      - mkdir -p ~/.kube
+      - echo $KUBECONFIG_BASE64 | base64 -d > ~/.kube/config
+      - pwd
+      - kubectl apply -Rf manifests/darkdork.dev
+  postgres:
+    image: cr.forge.lan/alk8s/alk8s:latest
+    pull: true
+    environment:
+        KUBECONFIG_BASE64:
+          from_secret: kubeconfig_base64
+        CI_COMMIT_SHA: ${CI_COMMIT_SHA}
+    commands:
+      - mkdir -p ~/.kube
+      - echo $KUBECONFIG_BASE64 | base64 -d > ~/.kube/config
+      - pwd
+      - kubectl apply -Rf manifests/postgres
+  minio:
+    image: cr.forge.lan/alk8s/alk8s:latest
+    pull: true
+    environment:
+        KUBECONFIG_BASE64:
+          from_secret: kubeconfig_base64
+        CI_COMMIT_SHA: ${CI_COMMIT_SHA}
+    commands:
+      - mkdir -p ~/.kube
+      - echo $KUBECONFIG_BASE64 | base64 -d > ~/.kube/config
+      - pwd
+      - kubectl apply -Rf manifests/minio
+  tor:
+    image: cr.forge.lan/alk8s/alk8s:latest
+    pull: true
+    environment:
+        KUBECONFIG_BASE64:
+          from_secret: kubeconfig_base64
+        CI_COMMIT_SHA: ${CI_COMMIT_SHA}
+    commands:
+      - mkdir -p ~/.kube
+      - echo $KUBECONFIG_BASE64 | base64 -d > ~/.kube/config
+      - pwd
+      - kubectl apply -Rf manifests/tor
+      - envsubst < manifests/tor/deployment.yaml.template | kubectl apply -f -
+  privoxy:
+    image: cr.forge.lan/alk8s/alk8s:latest
+    pull: true
+    environment:
+        KUBECONFIG_BASE64:
+          from_secret: kubeconfig_base64
+        CI_COMMIT_SHA: ${CI_COMMIT_SHA}
+    commands:
+      - mkdir -p ~/.kube
+      - echo $KUBECONFIG_BASE64 | base64 -d > ~/.kube/config
+      - pwd
+      - kubectl apply -Rf manifests/privoxy
+      - envsubst < manifests/privoxy/deployment.yaml.template | kubectl apply -f -
+  pleroma:
+    image: cr.forge.lan/alk8s/alk8s:latest
+    pull: true
+    environment:
+        KUBECONFIG_BASE64:
+          from_secret: kubeconfig_base64
+        CI_COMMIT_SHA: ${CI_COMMIT_SHA}
+    commands:
+      - mkdir -p ~/.kube
+      - echo $KUBECONFIG_BASE64 | base64 -d > ~/.kube/config
+      - pwd
+      - kubectl -Rf manifests/pleroma
+      - envsubst < manifests/pleroma/deployment.yaml.template | kubectl apply -f -

.woodpecker/pleroma.yaml

@@ -0,0 +1,45 @@
+when:
+  - branch: master
+    event: [push, pull_request]
+
+
+clone:
+  git:
+    image: woodpeckerci/plugin-git
+    settings:
+      recursive: true
+      # TODO: extend this to use an image that has our root certificate baked in
+      skip-verify: true
+
+steps:
+  publish:
+    image: woodpeckerci/plugin-kaniko
+    settings:
+      registry: cr.forge.lan
+      repo: darkdork.dev/pleroma
+      context: pleroma
+      tags:
+      - ${CI_COMMIT_SHA}
+      - prod
+      cache: true
+      skip-tls-verify: true
+      username:
+        from_secret:
+          docker_registry_username
+      password:
+        from_secret:
+          docker_registry_password
+    when:
+      event: [pull_request, push]
+  deploy:
+    image: cr.forge.lan/alk8s/alk8s:latest
+    pull: true
+    environment:
+        KUBECONFIG_BASE64:
+          from_secret: kubeconfig_base64
+        CI_COMMIT_SHA: ${CI_COMMIT_SHA}
+    commands:
+      - mkdir -p ~/.kube
+      - echo $KUBECONFIG_BASE64 | base64 -d > ~/.kube/config
+      - pwd
+      - envsubst < manifests/pleroma/deployment.template.yaml | kubectl apply -f -