ci: update workflow for PostgreSQL + OpenSearch deployment

Replace ClickHouse credentials secret with postgres-credentials and opensearch-credentials secrets. Update deploy step to apply postgres.yaml and opensearch.yaml manifests instead of clickhouse.yaml, with appropriate rollout status checks for each StatefulSet. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-16 19:00:20 +01:00
parent a344be3a49
commit cea16b38ed
1 changed files with 20 additions and 7 deletions
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -161,10 +161,17 @@ jobs:
            --from-literal=CAMELEER_JWT_SECRET="${CAMELEER_JWT_SECRET}" \
            --dry-run=client -o yaml | kubectl apply -f -

-          kubectl create secret generic clickhouse-credentials \
+          kubectl create secret generic postgres-credentials \
            --namespace=cameleer \
-            --from-literal=CLICKHOUSE_USER="$CLICKHOUSE_USER" \
-            --from-literal=CLICKHOUSE_PASSWORD="$CLICKHOUSE_PASSWORD" \
+            --from-literal=POSTGRES_USER="$POSTGRES_USER" \
+            --from-literal=POSTGRES_PASSWORD="$POSTGRES_PASSWORD" \
+            --from-literal=POSTGRES_DB="${POSTGRES_DB:-cameleer}" \
+            --dry-run=client -o yaml | kubectl apply -f -
+
+          kubectl create secret generic opensearch-credentials \
+            --namespace=cameleer \
+            --from-literal=OPENSEARCH_USER="${OPENSEARCH_USER:-admin}" \
+            --from-literal=OPENSEARCH_PASSWORD="$OPENSEARCH_PASSWORD" \
            --dry-run=client -o yaml | kubectl apply -f -

          kubectl create secret generic authentik-credentials \
@@ -182,8 +189,11 @@ jobs:
            --from-literal=CAMELEER_OIDC_CLIENT_SECRET="${CAMELEER_OIDC_CLIENT_SECRET}" \
            --dry-run=client -o yaml | kubectl apply -f -

-          kubectl apply -f deploy/clickhouse.yaml
-          kubectl -n cameleer rollout status statefulset/clickhouse --timeout=120s
+          kubectl apply -f deploy/postgres.yaml
+          kubectl -n cameleer rollout status statefulset/postgres --timeout=120s
+
+          kubectl apply -f deploy/opensearch.yaml
+          kubectl -n cameleer rollout status statefulset/opensearch --timeout=180s

          kubectl apply -f deploy/authentik.yaml
          kubectl -n cameleer rollout status deployment/authentik-server --timeout=180s
@@ -203,8 +213,11 @@ jobs:
          CAMELEER_JWT_SECRET: ${{ secrets.CAMELEER_JWT_SECRET }}
          CAMELEER_UI_USER: ${{ secrets.CAMELEER_UI_USER }}
          CAMELEER_UI_PASSWORD: ${{ secrets.CAMELEER_UI_PASSWORD }}
-          CLICKHOUSE_USER: ${{ secrets.CLICKHOUSE_USER }}
-          CLICKHOUSE_PASSWORD: ${{ secrets.CLICKHOUSE_PASSWORD }}
+          POSTGRES_USER: ${{ secrets.POSTGRES_USER }}
+          POSTGRES_PASSWORD: ${{ secrets.POSTGRES_PASSWORD }}
+          POSTGRES_DB: ${{ secrets.POSTGRES_DB }}
+          OPENSEARCH_USER: ${{ secrets.OPENSEARCH_USER }}
+          OPENSEARCH_PASSWORD: ${{ secrets.OPENSEARCH_PASSWORD }}
          AUTHENTIK_PG_USER: ${{ secrets.AUTHENTIK_PG_USER }}
          AUTHENTIK_PG_PASSWORD: ${{ secrets.AUTHENTIK_PG_PASSWORD }}
          AUTHENTIK_SECRET_KEY: ${{ secrets.AUTHENTIK_SECRET_KEY }}