42core-team · PaulicStudios · Jul 17, 2025 · Jul 17, 2025 · Jul 17, 2025 · Jul 17, 2025
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -11,7 +11,9 @@ env:
 
 jobs:
   build-and-push:
-    runs-on: self-hosted
+    runs-on:
+      - self-hosted
+      - x64
     permissions:
       contents: read
       packages: write
@@ -51,13 +53,24 @@ jobs:
           tags: ${{ steps.docker_tags.outputs.tags }}
 
   deploy:
-    runs-on: ubuntu-latest
+    runs-on:
+      - self-hosted
     needs: build-and-push
 
     steps:
       - name: Checkout repository
         uses: actions/checkout@v3
 
+      - name: Set up kubectl
+        uses: azure/setup-kubectl@v3
+        with:
+          version: 'latest'
+
+      - name: Set up kustomize
+        uses: imranismail/setup-kustomize@v2
+        with:
+          kustomize-version: '5.0.0'
+
       - name: Set up Kubeconfig
         env:
           KUBECONFIG_DATA: ${{ secrets.KUBE_CONFIG_DATA }}
@@ -82,19 +95,37 @@ jobs:
           kubectl cluster-info
 
       - name: Deploy to Kubernetes
+        env:
+          BRANCH_NAME: ${{ github.ref_name }}
+          SHORT_SHA: ${{ github.sha }}
         run: |
-          if [ "${{ github.ref_name }}" = "main" ]; then
+          if [ "$BRANCH_NAME" = "main" ]; then
             OVERLAY=main
-          elif [ "${{ github.ref_name }}" = "dev" ]; then
+            IMAGE_TAG="main"
+          elif [ "$BRANCH_NAME" = "dev" ]; then
             OVERLAY=dev
+            IMAGE_TAG="dev"
           else
             echo "Branch is not main or dev, skipping deployment."
             exit 1
           fi
+
           cd k8s/overlays/$OVERLAY
-          if [ "$OVERLAY" = "main" ]; then
-            ENV_LABEL="main"
-          else
-            ENV_LABEL="dev"
-          fi
+
+          # Create a temporary kustomization that uses the exact image from this build
+          cp kustomization.yml kustomization.yml.bak
+
+          # Update the image tag to use the branch-specific tag
+          sed -i "s/newTag: .*/newTag: $IMAGE_TAG/" kustomization.yml
+
+          echo "Deploying to $OVERLAY environment..."
+          echo "Using image tag: $IMAGE_TAG"
+
+          # Build and apply
           kustomize build . | kubectl apply -f -
+
+          # Verify deployment
+          kubectl rollout status deployment/$(kubectl get deployment -n wiki-$OVERLAY -o name | head -1 | cut -d'/' -f2) -n wiki-$OVERLAY --timeout=300s
+
+          # Restore original kustomization
+          mv kustomization.yml.bak kustomization.yml
diff --git a/k8s/base/deployment.yml b/k8s/base/deployment.yml
@@ -2,18 +2,24 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: public-wiki
+  labels:
+    app.kubernetes.io/name: public-wiki
+    app.kubernetes.io/component: web
 spec:
-  replicas: 1 # default, will be overridden by overlays
+  replicas: 1
   selector:
     matchLabels:
-      app: public-wiki
+      app.kubernetes.io/name: public-wiki
+      app.kubernetes.io/component: web
   template:
     metadata:
       labels:
-        app: public-wiki
+        app.kubernetes.io/name: public-wiki
+        app.kubernetes.io/component: web
     spec:
       containers:
       - name: public-wiki
-        image: ghcr.io/42core-team/wiki:dev # will be replaced by overlays
+        image: ghcr.io/42core-team/wiki:latest
         ports:
         - containerPort: 3000
+          name: http
diff --git a/k8s/base/ingress.yml b/k8s/base/ingress.yml
@@ -2,17 +2,20 @@ apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   name: public-wiki-ingress
+  labels:
+    app.kubernetes.io/name: public-wiki
+    app.kubernetes.io/component: web
   annotations:
     nginx.ingress.kubernetes.io/ssl-redirect: "true"
     cert-manager.io/cluster-issuer: "letsencrypt-prod"
 spec:
   ingressClassName: nginx
   tls:
   - hosts:
-    - PLACEHOLDER_HOST # will be patched in overlays
-    secretName: PLACEHOLDER_TLS_SECRET # will be patched in overlays
+    - example.com
+    secretName: public-wiki-tls
   rules:
-  - host: PLACEHOLDER_HOST # will be patched in overlays
+  - host: example.com
     http:
       paths:
       - path: /
@@ -21,4 +24,4 @@ spec:
           service:
             name: public-wiki
             port:
-              number: 80
+              name: http
diff --git a/k8s/base/kustomization.yml b/k8s/base/kustomization.yml
@@ -1,7 +1,11 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
 resources:
-  - namespace.yml
   - deployment.yml
   - service.yml
   - ingress.yml
 
-namespace: wiki
+labels:
+  - pairs:
+      app.kubernetes.io/part-of: public-wiki
diff --git a/k8s/base/service.yml b/k8s/base/service.yml
@@ -2,10 +2,16 @@ apiVersion: v1
 kind: Service
 metadata:
   name: public-wiki
+  labels:
+    app.kubernetes.io/name: public-wiki
+    app.kubernetes.io/component: web
 spec:
+  type: ClusterIP
   selector:
-    app: public-wiki
+    app.kubernetes.io/name: public-wiki
+    app.kubernetes.io/component: web
   ports:
-    - protocol: TCP
-      port: 80
-      targetPort: 3000
+    - port: 80
+      targetPort: http
+      protocol: TCP
+      name: http
diff --git a/k8s/overlays/dev/kustomization.yml b/k8s/overlays/dev/kustomization.yml
@@ -1,24 +1,29 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: wiki-dev
+
 namePrefix: dev-
-namespace: wiki
+nameSuffix: -dev
+
 labels:
   - pairs:
-      app: public-wiki
-      env: dev
+      app.kubernetes.io/environment: dev
+      app.kubernetes.io/instance: dev
 
 resources:
+  - namespace.yml
   - ../../base
 
+replicas:
+  - name: public-wiki
+    count: 1
+
+images:
+  - name: ghcr.io/42core-team/wiki
+    newTag: dev
+
 patches:
-  - target:
-      kind: Deployment
-      name: public-wiki
-    patch: |-
-      - op: replace
-        path: /spec/replicas
-        value: 1
-      - op: replace
-        path: /spec/template/spec/containers/0/image
-        value: ghcr.io/42core-team/wiki:dev
   - target:
       kind: Ingress
       name: public-wiki-ingress

diff --git a/k8s/overlays/dev/namespace.yml b/k8s/overlays/dev/namespace.yml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: wiki-dev
+  labels:
+    app.kubernetes.io/name: public-wiki
+    app.kubernetes.io/environment: dev
diff --git a/k8s/overlays/main/kustomization.yml b/k8s/overlays/main/kustomization.yml
@@ -1,22 +1,29 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: wiki-main
+
 namePrefix: main-
-namespace: wiki
+nameSuffix: -main
+
 labels:
   - pairs:
-      app: public-wiki
-      env: main
+      app.kubernetes.io/environment: main
+      app.kubernetes.io/instance: main
+
 resources:
+  - namespace.yml
   - ../../base
+
+replicas:
+  - name: public-wiki
+    count: 3
+
+images:
+  - name: ghcr.io/42core-team/wiki
+    newTag: main
+
 patches:
-  - target:
-      kind: Deployment
-      name: public-wiki
-    patch: |-
-      - op: replace
-        path: /spec/replicas
-        value: 3
-      - op: replace
-        path: /spec/template/spec/containers/0/image
-        value: ghcr.io/42core-team/wiki:main
   - target:
       kind: Ingress
       name: public-wiki-ingress

diff --git a/k8s/overlays/main/namespace.yml b/k8s/overlays/main/namespace.yml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: wiki-main
+  labels:
+    app.kubernetes.io/name: public-wiki
+    app.kubernetes.io/environment: main