From 363f71d4a644b7aba01b82dad788dcc7fbd0ab8e Mon Sep 17 00:00:00 2001 From: Mayne0213 Date: Sun, 28 Dec 2025 17:08:24 +0900 Subject: [PATCH] REFACTOR(config): use gitea kubeconfig - Remove local kubeconfig detection logic - Use KUBECONFIG secret from Gitea - Decode base64-encoded kubeconfig - Simplify setup and improve security --- .gitea/workflows/build.yml | 29 ++++++++++------------------- 1 file changed, 10 insertions(+), 19 deletions(-) diff --git a/.gitea/workflows/build.yml b/.gitea/workflows/build.yml index d34f48b..fcff3a5 100644 --- a/.gitea/workflows/build.yml +++ b/.gitea/workflows/build.yml @@ -36,33 +36,24 @@ jobs: kubectl version --client - name: Setup kubeconfig + env: + KUBECONFIG_CONTENT: ${{ secrets.KUBECONFIG }} run: | mkdir -p $HOME/.kube - # Check if K3s config exists locally - if [ -f /etc/rancher/k3s/k3s.yaml ]; then - sudo cat /etc/rancher/k3s/k3s.yaml > $HOME/.kube/config - else - # If not, try to get it from master node - echo "K3s config not found locally, checking runner location..." - hostname - pwd - whoami - - # Try to copy from master node via sudo (if runner has access) - if sudo test -f /etc/rancher/k3s/k3s.yaml; then - sudo cp /etc/rancher/k3s/k3s.yaml $HOME/.kube/config - sudo chown $(whoami):$(whoami) $HOME/.kube/config - else - echo "❌ ERROR: Cannot find kubeconfig. Please configure KUBECONFIG secret." - exit 1 - fi + if [ -z "$KUBECONFIG_CONTENT" ]; then + echo "❌ ERROR: KUBECONFIG secret is not set." + echo "Please add kubeconfig to Gitea Secrets with name 'KUBECONFIG'" + exit 1 fi + # Decode and save kubeconfig + echo "$KUBECONFIG_CONTENT" | base64 -d > $HOME/.kube/config chmod 600 $HOME/.kube/config # Test connection - kubectl get nodes || sudo kubectl get nodes + echo "Testing Kubernetes connection..." + kubectl get nodes -o wide - name: Lowercase repository name id: lowercase