如何尝试用 GitHub Actions 项目编写容器应用？

├── .github│   ├── actions│   │   ├── deploy│   │   │   ├── deploy│   │   │   └── Dockerfile│   │   └── dryrun│   │       ├── Dockerfile│   │       └── dryrun│   └── main.workflow└── kubernetes    ├── digitalocean.yaml    ├── external-dns.yaml    ├── micro.yaml    ├── namespaces.yaml    ├── nginx.yaml    └── openvpn.yaml

## Workflow defines what we want to call a set of actions.## For every new push check if the changes can be applied to kubernetes ## using the action called: kubectl dryrunworkflow "after a push check if they apply to kubernetes" {  on = "push"  resolves = ["kubectl dryrun"]}## When a PR is merged trigger the action: kubectl deploy. To apply the new code to master.workflow "on merge to master deploy on kubernetes" {  on = "pull_request"  resolves = ["kubectl deploy"]}## This is the action that checks if the push can be applied to kubernetesaction "kubectl dryrun" {  uses = "./.github/actions/dryrun"  secrets = ["KUBECONFIG"]}## This is the action that applies the change to kubernetesaction "kubectl deploy" {  uses = "./.github/actions/deploy"  secrets = ["KUBECONFIG"]}

├── .github    ├── actions        └── dryrun            ├── Dockerfile            └── dryrun

FROM alpine:latest
## The action name displayed by GitHubLABEL "com.github.actions.name"="kubectl dryrun"## The description for the actionLABEL "com.github.actions.description"="Check the kubernetes change to apply."## https://developer.github.com/actions/creating-github-actions/creating-a-docker-container/#supported-feather-iconsLABEL "com.github.actions.icon"="check"## The color of the action iconLABEL "com.github.actions.color"="blue"
RUN     apk add --no-cache \        bash \        ca-certificates \        curl \        git \        jq
RUN curl -L -o /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/v1.13.0/bin/linux/amd64/kubectl && \  chmod +x /usr/bin/kubectl && \  kubectl version --client
COPY dryrun /usr/bin/dryrunCMD ["dryrun"]

#!/bin/bash
main(){    echo ">>>> Action started"    # Decode the secret passed by the action and paste the config in a file.    echo $KUBECONFIG | base64 -d > ./kubeconfig.yaml    echo ">>>> kubeconfig created"    # Check if the kubernetes directory has change    diff=$(git diff --exit-code HEAD~1 HEAD ./kubernetes)    if [ $? -eq 1 ]; then        echo ">>>> Detected a change inside the kubernetes directory"        # Apply the changes with --dryrun just to validate them        kubectl apply --kubeconfig ./kubeconfig.yaml --dry-run -f ./kubernetes    else        echo ">>>> No changed detected inside the ./kubernetes folder. Nothing to do."    fi}
main "$@"

#!/bin/bash
main(){    # Decode the secret passed by the action and paste the config in a file.    echo $KUBECONFIG | base64 -d > ./kubeconfig.yaml     # Check if it is an event generated by the PR is a merge    merged=$(jq --raw-output .pull_request.merged "$GITHUB_EVENT_PATH")    # Retrieve the base branch for the PR because I would like to apply only PR merged to master    baseRef=$(jq --raw-output .pull_request.base.ref "$GITHUB_EVENT_PATH")
    if [[ "$merged" == "true" ]] && [[ "$baseRef" == "master" ]]; then        echo ">>>> PR merged into master. Shipping to k8s!"        kubectl apply --kubeconfig ./kubeconfig.yaml -f ./kubernetes    else        echo ">>>> Nothing to do here!"    fi}
main "$@"