ci: 统一 k8s manifest 为 apps/*/k8s/all.yaml

- 三个 app 的 5 个独立 yaml 合成单文件 all.yaml，多 doc 内显式排序，apply 不再受目录字母序影响（这是 piano-sheet run #49 NotFound 的根因） - simpleasm/cube workflow 补 Initialize K8s resources 步骤，跟 piano-sheet 对齐；今后 manifest 改动 CI 自动 apply - cube 的 _registry-ingress.yaml 不再需要前缀绕排序，去掉 _
2026-05-05 10:38:38 +01:00
parent 1cf53316df
commit 1e04655003
18 changed files with 160 additions and 141 deletions
@@ -45,8 +45,12 @@ jobs:
          docker build -f "apps/$APP/Dockerfile" -t "$IMAGE:${{ steps.tag.outputs.sha }}" .
          docker push "$IMAGE:${{ steps.tag.outputs.sha }}"
      - name: Initialize K8s resources
        run: |
          kubectl apply -f apps/cube/k8s/all.yaml
          kubectl apply -f apps/cube/k8s/registry-ingress.yaml
      - name: Roll out to k3s
        # runner 是 gnoc 用户 host shell 模式，直接用 ~/.kube/config（已配好），无需 secret
        run: |
          kubectl -n "cube-$APP" set image "deploy/$APP" "$APP=$IMAGE:${{ steps.tag.outputs.sha }}"
          kubectl -n "cube-$APP" rollout status "deploy/$APP" --timeout=120s
@@ -48,7 +48,7 @@ jobs:
      - name: Initialize K8s resources
        run: |
-          kubectl apply -f apps/piano-sheet/k8s/
+          kubectl apply -f apps/piano-sheet/k8s/all.yaml
      - name: Roll out to k3s
        run: |
@@ -45,6 +45,10 @@ jobs:
          docker build -f "apps/$APP/Dockerfile" -t "$IMAGE:${{ steps.tag.outputs.sha }}" .
          docker push "$IMAGE:${{ steps.tag.outputs.sha }}"
      - name: Initialize K8s resources
        run: |
          kubectl apply -f apps/simpleasm/k8s/all.yaml
      - name: Roll out to k3s
        run: |
          kubectl -n "cube-$APP" set image "deploy/$APP" "$APP=$IMAGE:${{ steps.tag.outputs.sha }}"
@@ -1,3 +1,8 @@
 apiVersion: v1
 kind: Namespace
 metadata:
  name: cube-cube
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -44,3 +49,35 @@ spec:
            limits:
              cpu: 200m
              memory: 64Mi
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: cube
  namespace: cube-cube
 spec:
  selector:
    app: cube
  ports:
    - name: http
      port: 80
      targetPort: 8080
 ---
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: cube
  namespace: cube-cube
 spec:
  ingressClassName: traefik
  rules:
    - host: cube.famzheng.me
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: cube
                port:
                  number: 80
@@ -1,18 +0,0 @@
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: cube
  namespace: cube-cube
 spec:
  ingressClassName: traefik
  rules:
    - host: cube.famzheng.me
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: cube
                port:
                  number: 80
@@ -1,4 +0,0 @@
 apiVersion: v1
 kind: Namespace
 metadata:
  name: cube-cube
@@ -1,12 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: cube
  namespace: cube-cube
 spec:
  selector:
    app: cube
  ports:
    - name: http
      port: 80
      targetPort: 8080
@@ -1,3 +1,22 @@
 apiVersion: v1
 kind: Namespace
 metadata:
  name: cube-piano
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: piano-sheet-data
  namespace: cube-piano
 spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      # 图片直存 sqlite，留出宽裕空间
      storage: 10Gi
  # storageClassName 留空 → 走 k3s 默认 local-path（hostPath，单节点足够）
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -56,3 +75,47 @@ spec:
        - name: data
          persistentVolumeClaim:
            claimName: piano-sheet-data
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: piano-sheet
  namespace: cube-piano
 spec:
  selector:
    app: piano-sheet
  ports:
    - name: http
      port: 80
      targetPort: 8080
 ---
 apiVersion: traefik.io/v1alpha1
 kind: Middleware
 metadata:
  name: bodylimit
  namespace: cube-piano
 spec:
  buffering:
    maxRequestBodyBytes: 700000000
 ---
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: piano-sheet
  namespace: cube-piano
  annotations:
    # 上传整组图片可能 ~600MB，调高 traefik 默认上限
    traefik.ingress.kubernetes.io/router.middlewares: cube-piano-bodylimit@kubernetescrd
 spec:
  ingressClassName: traefik
  rules:
    - host: piano.famzheng.me
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: piano-sheet
                port:
                  number: 80
@@ -1,30 +0,0 @@
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: piano-sheet
  namespace: cube-piano
  annotations:
    # 上传整组图片可能 ~600MB，调高 traefik 默认上限
    traefik.ingress.kubernetes.io/router.middlewares: cube-piano-bodylimit@kubernetescrd
 spec:
  ingressClassName: traefik
  rules:
    - host: piano.famzheng.me
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: piano-sheet
                port:
                  number: 80
 ---
 apiVersion: traefik.io/v1alpha1
 kind: Middleware
 metadata:
  name: bodylimit
  namespace: cube-piano
 spec:
  buffering:
    maxRequestBodyBytes: 700000000
@@ -1,4 +0,0 @@
 apiVersion: v1
 kind: Namespace
 metadata:
  name: cube-piano
@@ -1,13 +0,0 @@
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: piano-sheet-data
  namespace: cube-piano
 spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      # 图片直存 sqlite，留出宽裕空间
      storage: 10Gi
  # storageClassName 留空 → 走 k3s 默认 local-path（hostPath，单节点足够）
@@ -1,12 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: piano-sheet
  namespace: cube-piano
 spec:
  selector:
    app: piano-sheet
  ports:
    - name: http
      port: 80
      targetPort: 8080
@@ -1,3 +1,21 @@
 apiVersion: v1
 kind: Namespace
 metadata:
  name: cube-simpleasm
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: simpleasm-data
  namespace: cube-simpleasm
 spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi
  # storageClassName 留空 → 走 k3s 默认 local-path（hostPath，单节点足够）
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -56,3 +74,35 @@ spec:
        - name: data
          persistentVolumeClaim:
            claimName: simpleasm-data
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: simpleasm
  namespace: cube-simpleasm
 spec:
  selector:
    app: simpleasm
  ports:
    - name: http
      port: 80
      targetPort: 8080
 ---
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: simpleasm
  namespace: cube-simpleasm
 spec:
  ingressClassName: traefik
  rules:
    - host: asm.famzheng.me
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: simpleasm
                port:
                  number: 80
@@ -1,18 +0,0 @@
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: simpleasm
  namespace: cube-simpleasm
 spec:
  ingressClassName: traefik
  rules:
    - host: asm.famzheng.me
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: simpleasm
                port:
                  number: 80
@@ -1,4 +0,0 @@
 apiVersion: v1
 kind: Namespace
 metadata:
  name: cube-simpleasm
@@ -1,12 +0,0 @@
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: simpleasm-data
  namespace: cube-simpleasm
 spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi
  # storageClassName 留空 → 走 k3s 默认 local-path（hostPath，单节点足够）
@@ -1,12 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: simpleasm
  namespace: cube-simpleasm
 spec:
  selector:
    app: simpleasm
  ports:
    - name: http
      port: 80
      targetPort: 8080