add tls certif #12
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Kong API Gateway | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| deploy-kong: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Repo | |
| uses: actions/checkout@v4 | |
| - name: Set Kubeconfig as Environment Variable | |
| run: | | |
| mkdir -p $HOME/.kube | |
| printf "%s" "${{ secrets.KUBE_CONFIG }}" | base64 --decode > $HOME/.kube/config | |
| export KUBECONFIG=$HOME/.kube/config | |
| chmod 600 $HOME/.kube/config | |
| echo "KUBECONFIG set." | |
| - name: Generate self-signed TLS certificate | |
| run: | | |
| openssl req -x509 -nodes -days 365 \ | |
| -newkey rsa:2048 \ | |
| -keyout key.pem \ | |
| -out cert.pem \ | |
| -subj "/CN=172.233.5.227" \ | |
| -addext "subjectAltName=IP:172.233.5.227" | |
| - name: Create Kubernetes TLS secret for Kong proxy | |
| run: | | |
| kubectl create namespace kong --dry-run=client -o yaml | kubectl apply -f - | |
| kubectl delete secret kong-proxy-tls -n kong --ignore-not-found | |
| kubectl create secret tls kong-proxy-tls \ | |
| --cert=cert.pem \ | |
| --key=key.pem \ | |
| -n kong | |
| - name: Add Kong Helm Repo | |
| run: | | |
| helm repo add kong https://charts.konghq.com | |
| helm repo update | |
| - name: Deploy Kong with Helm | |
| run: | | |
| helm upgrade --install kong kong/kong \ | |
| --namespace kong \ | |
| --create-namespace \ | |
| --values helm/values.yaml | |
| - name: Apply Kong Plugin and Ingress Resources | |
| run: | | |
| kubectl apply -f k8s/ |