Add initial code

szymonrychu · Jun 13, 2022 · 4792450 · 4792450
1 parent 05e24e2
commit 4792450
Show file tree

Hide file tree

Showing 16 changed files with 916 additions and 0 deletions.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -0,0 +1,92 @@
+name: main
+
+on:
+  push:
+    branches:
+      - master
+      - '**'
+
+env:
+  GIT_SHA: ${{ github.sha }}
+  GIT_REF: ${{ github.ref }}
+  CONTAINER_NAME: code-server-oauth2
+  CHART_NAME: code-server-oauth2
+  CHART_GIT_BRANCH: master
+  CHART_REPOSITORY: szymonrychu/charts
+  BOT_TOKEN: ${{ secrets.BOT_TOKEN }}
+  BOT_EMAIL: "szymon.rychu@gmail.com"
+  BOT_USERNAME: "szymonrychu"
+  DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
+  DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
+  CONTAINER_REGISTRY: szymonrychu
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Parse versions in commit and setup debs
+        run: |
+          export LATEST_REPO_TAG=$(git tag -l --sort=-v:refname "[0-9]*" | head -n1)
+          if [ -z "${LATEST_REPO_TAG}" ]; then
+            export LATEST_REPO_TAG="0.0.1"
+          fi
+          export SHORT_SHA=$(echo ${GIT_SHA:0:7})
+
+          export APP_VERSION=${LATEST_REPO_TAG}-${SHORT_SHA}
+          export CHART_VERSION=${LATEST_REPO_TAG}-$(git show -s --format=%ct HEAD)-${SHORT_SHA}
+          export CONTAINER_VERSION=${GIT_SHA:0:7}
+
+          echo "APP_VERSION=${APP_VERSION}" >> $GITHUB_ENV
+          echo "CHART_VERSION=${CHART_VERSION}" >> $GITHUB_ENV
+          echo "CONTAINER_VERSION=${CONTAINER_VERSION}" >> $GITHUB_ENV
+          echo "SHORT_SHA=${SHORT_SHA}" >> $GITHUB_ENV
+          echo "LATEST_REPO_TAG=${LATEST_REPO_TAG}" >> $GITHUB_ENV
+
+          sudo wget https://github.com/mikefarah/yq/releases/download/3.4.0/yq_linux_amd64 -O /usr/bin/yq
+          sudo chmod +x /usr/bin/yq
+
+          curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash
+
+      - name: Update metadata files
+        run: |
+          set -e
+          cd chart
+          yq w -i ${CHART_NAME}/Chart.yaml version ${CHART_VERSION}
+          yq w -i ${CHART_NAME}/Chart.yaml appVersion ${CONTAINER_VERSION}
+
+      - name: Build, tag, and push panel image to DockerHub
+        run: |
+          set -e
+
+          echo "${DOCKERHUB_PASSWORD}" | docker login -u ${DOCKERHUB_USERNAME} --password-stdin
+          
+          docker build -t ${CONTAINER_REGISTRY}/${CONTAINER_NAME}:${CONTAINER_VERSION} .
+          docker push ${CONTAINER_REGISTRY}/${CONTAINER_NAME}:${CONTAINER_VERSION}
+
+      - name: Package and push helm chart
+        run: |
+          set -e
+
+          cd chart
+
+          CHART_PWD=$(pwd)
+
+          helm dep update ${CHART_NAME}
+          helm package -u ${CHART_NAME}
+
+          git clone https://x-access-token:${BOT_TOKEN}@github.com/${CHART_REPOSITORY}.git /tmp/repo
+          cd /tmp/repo
+          git checkout ${CHART_GIT_BRANCH}
+
+          mv ${CHART_PWD}/${CHART_NAME}-${CHART_VERSION}.tgz ./
+          helm repo index .
+
+          git config --global user.email "${BOT_EMAIL}"
+          git config --global user.name "${BOT_USERNAME}"
+          git add -A
+          git commit -m "Add ${CHART_NAME} ${CHART_VERSION}"
+          git push origin ${CHART_GIT_BRANCH}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,96 @@
+name: release
+
+on:
+  push:
+    tags:
+      - '[0-9]+.[0-9]+.[0-9]+'
+
+env:
+  GIT_SHA: ${{ github.sha }}
+  GIT_REF: ${{ github.ref }}
+  CONTAINER_NAME: code-server-oauth2
+  CHART_NAME: code-server-oauth2
+  CHART_GIT_BRANCH: master
+  CHART_REPOSITORY: szymonrychu/charts
+  BOT_TOKEN: ${{ secrets.BOT_TOKEN }}
+  BOT_EMAIL: "szymon.rychu@gmail.com"
+  BOT_USERNAME: "szymonrychu"
+  DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
+  DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
+  CONTAINER_REGISTRY: szymonrychu
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+
+    - name: Parse versions in commit and setup debs
+      run: |
+        export LATEST_REPO_TAG=$(git tag -l --sort=-v:refname "[0-9]*" | head -n1)
+
+        export SHORT_SHA=$(echo ${GIT_SHA:0:7})
+
+        echo "APP_VERSION=${LATEST_REPO_TAG}" >> $GITHUB_ENV
+        echo "CHART_VERSION=${LATEST_REPO_TAG}" >> $GITHUB_ENV
+        echo "CONTAINER_VERSION=${LATEST_REPO_TAG}" >> $GITHUB_ENV
+        echo "SHORT_SHA=${SHORT_SHA}" >> $GITHUB_ENV
+        echo "LATEST_REPO_TAG=${LATEST_REPO_TAG}" >> $GITHUB_ENV
+
+        echo $SHORT_SHA
+        echo $LATEST_REPO_TAG
+
+        sudo wget https://github.com/mikefarah/yq/releases/download/3.4.0/yq_linux_amd64 -O /usr/bin/yq
+        sudo chmod +x /usr/bin/yq
+
+        curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash
+
+    - name: Update metadata files
+      run: |
+        set -e
+        cd chart
+        yq w -i ${CHART_NAME}/Chart.yaml version ${CHART_VERSION}
+        yq w -i ${CHART_NAME}/Chart.yaml appVersion ${CONTAINER_VERSION}
+
+    - name: Build, tag, and push panel image to Amazon ECR
+      run: |
+        set -e
+        
+        echo "${DOCKERHUB_PASSWORD}" | docker login -u ${DOCKERHUB_USERNAME} --password-stdin
+
+        docker pull ${CONTAINER_REGISTRY}/${CONTAINER_NAME}:${GIT_SHA:0:7}
+        docker tag ${CONTAINER_REGISTRY}/${CONTAINER_NAME}:${GIT_SHA:0:7} ${CONTAINER_REGISTRY}/${CONTAINER_NAME}:${LATEST_REPO_TAG}
+        docker push ${CONTAINER_REGISTRY}/${CONTAINER_NAME}:${LATEST_REPO_TAG}
+
+        docker tag ${CONTAINER_REGISTRY}/${CONTAINER_NAME}:${GIT_SHA:0:7} ${CONTAINER_REGISTRY}/${CONTAINER_NAME}:latest
+        docker push ${CONTAINER_REGISTRY}/${CONTAINER_NAME}:${LATEST_REPO_TAG}
+
+    - name: Package and push helm chart
+      run: |
+        set -e
+
+        cd chart
+
+        CHART_PWD=$(pwd)
+
+        helm dep update ${CHART_NAME}
+        helm package -u ${CHART_NAME}
+
+        git clone https://x-access-token:${BOT_TOKEN}@github.com/${CHART_REPOSITORY}.git /tmp/repo
+        cd /tmp/repo
+        git checkout ${CHART_GIT_BRANCH}
+
+        mv ${CHART_PWD}/${CHART_NAME}-${CHART_VERSION}.tgz ./
+        helm repo index .
+
+        git config --global user.email "${BOT_EMAIL}"
+        git config --global user.name "${BOT_USERNAME}"
+        git add -A
+        git commit -m "Release ${CHART_NAME} ${CHART_VERSION}"
+        git push origin ${CHART_GIT_BRANCH}
+
+    - name: Create GH Release
+      uses: notlmn/release-with-changelog@v3
+      with:
+        token: ${{ secrets.BOT_TOKEN }}
+        template: '{commits}'
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,27 @@
+
+# Binaries for programs and plugins
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+bin
+testbin/*
+
+# Test binary, build with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# Kubernetes Generated files - skip generated files, except for vendored files
+
+!vendor/**/zz_generated.*
+
+# editor and IDE paraphernalia
+.idea
+*.swp
+*.swo
+*~
+
+.vscode
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,54 @@
+FROM lscr.io/linuxserver/code-server:4.4.0-ls124
+
+USER root
+
+RUN set -ex;\
+    apt-get update;\
+    apt-get install -y --no-install-recommends \
+        wget git vim curl jq gnupg zsh sed unzip
+
+RUN set -ex;\
+    adduser abc sudo;\
+    echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
+
+RUN set -ex;\
+    wget -qO /usr/local/bin/kubectl "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl";\
+    chmod +x /usr/local/bin/kubectl;\
+    wget -qO /usr/local/bin/stern https://github.com/wercker/stern/releases/download/1.11.0/stern_linux_amd64;\
+    chmod +x /usr/local/bin/stern;\
+    curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash;\
+    (helm plugin install https://github.com/databus23/helm-diff || helm plugin update diff);\
+    (helm plugin install https://github.com/futuresimple/helm-secrets || helm plugin update secrets);\
+    curl -s https://api.github.com/repos/roboll/helmfile/releases/latest |  jq -r '.assets[] | .browser_download_url' | grep 'linux_amd64' | xargs wget -qO /usr/local/bin/helmfile;\
+    chmod +x /usr/local/bin/helmfile;\
+    wget -qO /tmp/terraform.zip https://releases.hashicorp.com/terraform/1.2.2/terraform_1.2.2_linux_amd64.zip;\
+    unzip /tmp/terraform.zip;\
+    rm /tmp/terraform.zip;\
+    mv terraform /usr/local/bin/terraform;\
+    git clone --depth 1 https://github.com/ahmetb/kubectx /opt/kubectx;\
+    ln -s /opt/kubectx/kubectx /usr/local/bin/kubectx;\
+    ln -s /opt/kubectx/kubens /usr/local/bin/kubens;\
+    chown -R abc /config
+
+USER abc
+
+RUN set -xe;\
+    sh -c "$(wget -O- https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)";\
+    mkdir -p /config/.oh-my-zsh/completions;\
+    ln -s /opt/kubectx/completion/_kubectx.zsh /config/.oh-my-zsh/completions/_kubectx.zsh;\
+    ln -s /opt/kubectx/completion/_kubens.zsh /config/.oh-my-zsh/completions/_kubens.zsh;\
+    echo 'source <(helm completion zsh)' >> /config/.zshrc;\
+    wget -qO /config/.oh-my-zsh/completions/_helmfile.zsh https://raw.githubusercontent.com/roboll/helmfile/master/autocomplete/helmfile_zsh_autocomplete;\
+    echo 'source <(stern --completion=zsh)' >> /config/.zshrc
+
+
+USER root
+
+# ENTRYPOINT [ "/bin/bash" ]
+
+# CMD [ "-c", "HOME='/config' /app/code-server/bin/code-server --bind-addr=0.0.0.0:8443 --user-data-dir=/config/.config/data --extensions-dir=/config/.config/extensions --disable-telemetry --auth=${AUTH:-none} --proxy-domain=${PROXY_DOMAIN} /config"]
+
+
+
+
+# RUN unset NB_USER
diff --git a/chart/code-server-oauth2/.helmignore b/chart/code-server-oauth2/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/chart/code-server-oauth2/Chart.yaml b/chart/code-server-oauth2/Chart.yaml
@@ -0,0 +1,24 @@
+apiVersion: v2
+name: code-server-oauth2
+description: A Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.0.1
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "0.0.1"
diff --git a/chart/code-server-oauth2/templates/NOTES.txt b/chart/code-server-oauth2/templates/NOTES.txt
@@ -0,0 +1,22 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+  {{- range .paths }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+  {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "code-server-oauth2.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "code-server-oauth2.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "code-server-oauth2.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "code-server-oauth2.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}