From 7df69f23cf520b0d171e7223f1fe4f1cb7487750 Mon Sep 17 00:00:00 2001 From: yy <56745951+lingdie@users.noreply.github.com> Date: Mon, 10 Jul 2023 18:07:24 +0800 Subject: [PATCH] feat: add latest cluster image and update deploy docs. (#3484) * update sealos cloud deploy docs. * fix tls gen and add latest cluster image. --- .github/workflows/cloud.yml | 6 ++++ .github/workflows/controllers.yml | 34 ++++++++++++++----- .github/workflows/frontend.yml | 26 +++++++++++--- deploy/cloud/README.md | 15 ++++---- deploy/cloud/scripts/init.sh | 2 +- .../terminal/deploy/images/shim/imagelist | 1 - 6 files changed, 62 insertions(+), 22 deletions(-) delete mode 100644 frontend/providers/terminal/deploy/images/shim/imagelist diff --git a/.github/workflows/cloud.yml b/.github/workflows/cloud.yml index eb57b64088f..696285b5a71 100644 --- a/.github/workflows/cloud.yml +++ b/.github/workflows/cloud.yml @@ -3,6 +3,10 @@ name: Build Cloud Cluster image on: release: types: [ published ] + workflow_run: + workflows: [ "Build Controllers image", "Build Frontend Image" ] + types: + - completed workflow_dispatch: inputs: push_image: @@ -95,7 +99,9 @@ jobs: sed -i "s#latest#${BuildFromTag}#g" etc/sealos/desktop-config.yaml sudo bash init.sh sudo sealos build -t ${{ steps.prepare.outputs.repo }}:${{ steps.prepare.outputs.tag_name }} -f Kubefile + sudo sealos build -t ${{ steps.prepare.outputs.repo }}:latest -f Kubefile sudo sealos push ${{ steps.prepare.outputs.repo }}:${{ steps.prepare.outputs.tag_name }} + sudo sealos push ${{ steps.prepare.outputs.repo }}:latest # todo: build multi-arch images diff --git a/.github/workflows/controllers.yml b/.github/workflows/controllers.yml index bfd744c97d1..78d992e5a06 100644 --- a/.github/workflows/controllers.yml +++ b/.github/workflows/controllers.yml @@ -210,10 +210,12 @@ jobs: - name: Prepare id: prepare run: | - bash ./scripts/resolve-tag-image.sh "${{ inputs.push_image }}" "${{ steps.check_tag.outputs.isTag }}" "${{ inputs.push_image_tag }}" + tag_name=$(bash ./scripts/resolve-tag-image.sh "${{ inputs.push_image }}" "${{ steps.check_tag.outputs.isTag }}" "${{ inputs.push_image_tag }}") echo old_docker_repo=ghcr.io/labring/sealos-${{ matrix.module.name }}-controller >> $GITHUB_OUTPUT echo new_docker_repo=ghcr.io/${{ github.repository_owner }}/sealos-${{ matrix.module.name }}-controller >> $GITHUB_OUTPUT echo cluster_repo=ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ matrix.module.name }}-controller >> $GITHUB_OUTPUT + echo cluster_image=ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ matrix.module.name }}-controller:${tag_name} >> $GITHUB_OUTPUT + echo latest_cluster_image=ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ matrix.module.name }}-controller:latest >> $GITHUB_OUTPUT - name: Download sealos uses: actions/download-artifact@v3 @@ -240,22 +242,38 @@ jobs: - name: Build ${{ matrix.module.name }}-controller cluster image working-directory: controllers/${{ matrix.module.path }}/deploy run: | - CLUSTER_IMAGE_NAME=${{ steps.prepare.outputs.cluster_repo }}:${{ steps.prepare.outputs.tag_name }} - sudo sealos build -t ${CLUSTER_IMAGE_NAME}-amd64 --platform linux/amd64 -f Kubefile + sudo sealos build -t ${{ steps.prepare.outputs.cluster_image }}-amd64 --platform linux/amd64 -f Kubefile + sudo sealos build -t ${{ steps.prepare.outputs.latest_cluster_image }}-amd64 --platform linux/amd64 -f Kubefile # delete old registry cache sudo rm -rf registry - sudo sealos build -t ${CLUSTER_IMAGE_NAME}-arm64 --platform linux/arm64 -f Kubefile + sudo sealos build -t ${{ steps.prepare.outputs.cluster_image }}-arm64 --platform linux/arm64 -f Kubefile + sudo sealos build -t ${{ steps.prepare.outputs.latest_cluster_image }}-arm64 --platform linux/arm64 -f Kubefile - name: Manifest Cluster Images # if push to master, then patch images to ghcr.io run: | - CLUSTER_IMAGE_NAME=${{ steps.prepare.outputs.cluster_repo }}:${{ steps.prepare.outputs.tag_name }} sudo sealos images - bash docker/patch/manifest-cluster-images.sh $CLUSTER_IMAGE_NAME + bash docker/patch/manifest-cluster-images.sh ${{ steps.prepare.outputs.cluster_image }} + bash docker/patch/manifest-cluster-images.sh ${{ steps.prepare.outputs.latest_cluster_image }} env: OWNER: ${{ github.repository_owner }} - - name: Renew issue and Sync Images + - name: Renew issue and Sync Images for ${{ steps.prepare.outputs.cluster_image }} + uses: labring/gh-rebot@v0.0.6 + if: ${{ github.repository_owner == env.DEFAULT_OWNER }} + with: + version: v0.0.8-rc1 + env: + GH_TOKEN: "${{ secrets.GH_PAT }}" + SEALOS_TYPE: "issue_renew" + SEALOS_ISSUE_TITLE: "[DaylyReport] Auto build for sealos" + SEALOS_ISSUE_BODYFILE: "scripts/ISSUE_RENEW.md" + SEALOS_ISSUE_LABEL: "dayly-report" + SEALOS_ISSUE_TYPE: "day" + SEALOS_ISSUE_REPO: "labring-actions/cluster-image" + SEALOS_COMMENT_BODY: "/imagesync ${{ steps.prepare.outputs.cluster_image }}" + + - name: Renew issue and Sync Images for ${{ steps.prepare.outputs.latest_cluster_image }} uses: labring/gh-rebot@v0.0.6 if: ${{ github.repository_owner == env.DEFAULT_OWNER }} with: @@ -268,4 +286,4 @@ jobs: SEALOS_ISSUE_LABEL: "dayly-report" SEALOS_ISSUE_TYPE: "day" SEALOS_ISSUE_REPO: "labring-actions/cluster-image" - SEALOS_COMMENT_BODY: "/imagesync ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ matrix.module.name }}-controller:${{ steps.prepare.outputs.tag_name }}" + SEALOS_COMMENT_BODY: "/imagesync ${{ steps.prepare.outputs.latest_cluster_image }}" diff --git a/.github/workflows/frontend.yml b/.github/workflows/frontend.yml index 543a2e45440..7d262c178fa 100644 --- a/.github/workflows/frontend.yml +++ b/.github/workflows/frontend.yml @@ -164,6 +164,7 @@ jobs: echo new_docker_image=ghcr.io/${{ github.repository_owner }}/sealos-${{ env.MODULE_NAME }}-frontend:${tag_name} >> $GITHUB_OUTPUT echo cluster_repo=ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ env.MODULE_NAME }}-frontend >> $GITHUB_OUTPUT echo cluster_image=ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ env.MODULE_NAME }}-frontend:${tag_name} >> $GITHUB_OUTPUT + echo latest_cluster_image=ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ env.MODULE_NAME }}-frontend:latest >> $GITHUB_OUTPUT - name: Download sealos uses: actions/download-artifact@v3 @@ -185,19 +186,21 @@ jobs: run: | sudo sed -i "s;${{ steps.prepare.outputs.old_docker_image }};${{ steps.prepare.outputs.new_docker_image }};" manifests/* sudo sealos build -t ${{ steps.prepare.outputs.cluster_image }}-amd64 --platform linux/amd64 -f Kubefile + sudo sealos build -t ${{ steps.prepare.outputs.latest_cluster_image }}-amd64 --platform linux/amd64 -f Kubefile # delete old registry cache sudo rm -rf registry sudo sealos build -t ${{ steps.prepare.outputs.cluster_image }}-arm64 --platform linux/arm64 -f Kubefile + sudo sealos build -t ${{ steps.prepare.outputs.latest_cluster_image }}-arm64 --platform linux/arm64 -f Kubefile - name: Manifest Cluster Images run: | - CLUSTER_IMAGE_NAME=${{ steps.prepare.outputs.cluster_image }} sudo sealos images - bash docker/patch/manifest-cluster-images.sh $CLUSTER_IMAGE_NAME + bash docker/patch/manifest-cluster-images.sh ${{ steps.prepare.outputs.cluster_image }} + bash docker/patch/manifest-cluster-images.sh ${{ steps.prepare.outputs.latest_cluster_image }} env: OWNER: ${{ github.repository_owner }} - - name: Renew issue and Sync Images + - name: Renew issue and Sync Images for ${{ steps.prepare.outputs.cluster_image }} uses: labring/gh-rebot@v0.0.6 if: ${{ github.repository_owner == env.DEFAULT_OWNER }} with: @@ -210,4 +213,19 @@ jobs: SEALOS_ISSUE_LABEL: "dayly-report" SEALOS_ISSUE_TYPE: "day" SEALOS_ISSUE_REPO: "labring-actions/cluster-image" - SEALOS_COMMENT_BODY: "/imagesync ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ env.MODULE_NAME }}-frontend:${{ steps.prepare.outputs.tag_name }}" + SEALOS_COMMENT_BODY: "/imagesync ${{ steps.prepare.outputs.cluster_image }}" + + - name: Renew issue and Sync Images for ${{ steps.prepare.outputs.latest_cluster_image }} + uses: labring/gh-rebot@v0.0.6 + if: ${{ github.repository_owner == env.DEFAULT_OWNER }} + with: + version: v0.0.8-rc1 + env: + GH_TOKEN: "${{ secrets.GH_PAT }}" + SEALOS_TYPE: "issue_renew" + SEALOS_ISSUE_TITLE: "[DaylyReport] Auto build for sealos" + SEALOS_ISSUE_BODYFILE: "scripts/ISSUE_RENEW.md" + SEALOS_ISSUE_LABEL: "dayly-report" + SEALOS_ISSUE_TYPE: "day" + SEALOS_ISSUE_REPO: "labring-actions/cluster-image" + SEALOS_COMMENT_BODY: "/imagesync ${{ steps.prepare.outputs.latest_cluster_image }}" diff --git a/deploy/cloud/README.md b/deploy/cloud/README.md index 993f8e73830..cea2dd50df2 100644 --- a/deploy/cloud/README.md +++ b/deploy/cloud/README.md @@ -22,11 +22,10 @@ Here is one way to get a TLS cert by using acme.sh with alidns. acme.sh --issue --dns dns_ali -d "127.0.0.1.nip.io" -d "*.127.0.0.1.nip.io" ``` - 4. base64 encode your cert and key, and save the output which will be used in the next step ```shell - base64 -w 0 ~/.acme.sh/${}/fullchain.cer - base64 -w 0 ~/.acme.sh/${}/${}.key + base64 -w 0 ~/.acme.sh/${}/fullchain.cer + base64 -w 0 ~/.acme.sh/${}/${}.key ``` Other dns api please read: https://github.com/acmesh-official/acme.sh/wiki/dnsapi @@ -34,7 +33,7 @@ Other dns api please read: https://github.com/acmesh-official/acme.sh/wiki/dnsap #### Using self-signed cert We provide a self-signed cert for you to test by default if you didn't provide a cert. You can replace it with your own cert. -### Kubernetes cluster +### Kubernetes Setup Please read sealos doc to create a kubernetes cluster: https://sealos.io/en/docs/lifecycle-management/quick-start/installation ```shell @@ -54,7 +53,7 @@ sealos apply -f Clusterfile Note: if you want to change pod cidr, please edit the `Clusterfile` before run `sealos apply` -### Ingress-nginx +### Ingress-nginx setup We use ingress-nginx to expose our services. You can install ingress-nginx by using sealos: Create `ingress-nginx-config.yaml` file @@ -83,9 +82,10 @@ Install ingress-nginx and switch to NodePort mode sealos run docker.io/labring/ingress-nginx:v1.5.1 --config-file ingress-nginx-config.yaml ``` -### Save your cert file to a sealos config file +## run sealos cloud cluster image -You can skip this step if you use the self-signed cert that we provide by default. +### Generate TLS config file +You can skip this step if you use the self-signed cert that we provide by default. Please make sure `spec.match` is the same as the image you want to run and the registry name such as ghcr.io/docker.io can @@ -105,7 +105,6 @@ spec: tls.key: ``` -## run sealos cloud cluster image ```shell sealos run docker.io/labring/sealos-cloud:latest\ --env cloudDomain="127.0.0.1.nip.io"\ diff --git a/deploy/cloud/scripts/init.sh b/deploy/cloud/scripts/init.sh index e151e81b2fd..5d0dec7eccc 100644 --- a/deploy/cloud/scripts/init.sh +++ b/deploy/cloud/scripts/init.sh @@ -19,7 +19,7 @@ function mock_tls { fi mkdir -p etc/tls - openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout etc/tls/tls.key -out etc/tls/tls.crt -subj "/CN=$1" -addext "subjectAltName=DNS:*.$1" > /dev/null + openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout etc/tls/tls.key -out etc/tls/tls.crt -subj "/CN=$1" -addext "subjectAltName=DNS:$1,DNS:*.$1" >/dev/null 2>&1 sed -i -e "s;$tlsCrtPlaceholder;$(base64 -w 0 etc/tls/tls.crt);" -e "s;$tlsKeyPlaceholder;$(base64 -w 0 etc/tls/tls.key);" manifests/tls-secret.yaml } diff --git a/frontend/providers/terminal/deploy/images/shim/imagelist b/frontend/providers/terminal/deploy/images/shim/imagelist deleted file mode 100644 index faaf53793fd..00000000000 --- a/frontend/providers/terminal/deploy/images/shim/imagelist +++ /dev/null @@ -1 +0,0 @@ -docker.io/labring/docker-terminal:1.20.4-6 \ No newline at end of file