feat: implement full CI/CD pipeline with GitHub Actions and Flux

- Add GitHub Actions workflow to build and push Docker images to GHCR - Add Dockerfile for multi-stage builds - Update deployment to use GHCR images - Add GHCR authentication secrets - Configure Flux ImageRepository, ImagePolicy, and ImageUpdateAutomation - Remove init container approach in favor of proper Docker builds Auto-deploy flow: 1. Push to master triggers GitHub Actions 2. GitHub Actions builds image with commit hash tag 3. Image pushed to ghcr.io/unchainedio/manoon-headless 4. Flux ImageRepository detects new image 5. Flux ImageUpdateAutomation updates kustomization.yaml 6. Flux Kustomization applies new deployment 7. Kubernetes restarts pods with new image
2026-03-07 12:26:37 +02:00
parent 2c27fc65d0
commit 8f3bcebbf6
5 changed files with 140 additions and 176 deletions
--- a/k8s/deployment.yaml
+++ b/k8s/deployment.yaml
@@ -0,0 +1,72 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: storefront
+  namespace: manoonoils
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: storefront
+  template:
+    metadata:
+      labels:
+        app: storefront
+    spec:
+      imagePullSecrets:
+      - name: ghcr-auth
+      containers:
+      - name: storefront
+        image: ghcr.io/unchainedio/manoon-headless:main
+        imagePullPolicy: Always
+        ports:
+        - containerPort: 3000
+        env:
+        - name: NODE_ENV
+          value: "production"
+        - name: PORT
+          value: "3000"
+        - name: HOSTNAME
+          value: "0.0.0.0"
+        - name: NEXT_PUBLIC_WOOCOMMERCE_URL
+          valueFrom:
+            secretKeyRef:
+              name: woocommerce-credentials
+              key: WOOCOMMERCE_URL
+        - name: NEXT_PUBLIC_WOOCOMMERCE_CONSUMER_KEY
+          valueFrom:
+            secretKeyRef:
+              name: woocommerce-credentials
+              key: WOOCOMMERCE_CONSUMER_KEY
+        - name: NEXT_PUBLIC_WOOCOMMERCE_CONSUMER_SECRET
+          valueFrom:
+            secretKeyRef:
+              name: woocommerce-credentials
+              key: WOOCOMMERCE_CONSUMER_SECRET
+        - name: NEXT_PUBLIC_SITE_URL
+          value: "https://dev.manoonoils.com"
+        resources:
+          limits:
+            cpu: 500m
+            memory: 512Mi
+          requests:
+            cpu: 50m
+            memory: 128Mi
+        startupProbe:
+          httpGet:
+            path: /favicon.ico
+            port: 3000
+          periodSeconds: 10
+          failureThreshold: 30
+        livenessProbe:
+          httpGet:
+            path: /favicon.ico
+            port: 3000
+          periodSeconds: 30
+          failureThreshold: 3
+        readinessProbe:
+          httpGet:
+            path: /favicon.ico
+            port: 3000
+          periodSeconds: 5
+          failureThreshold: 3