Shoulder.dev Logo Shoulder.dev

Continuous Delivery with FluxCD and GitHub

Scenario: A developer wants to implement continuous delivery using FluxCD and GitHub. In this example, we will demonstrate how to use FluxCD’s GitOps workflow to automatically deploy changes from a GitHub repository.

First, let’s understand the FluxCD ecosystem. FluxCD is an open-source continuous delivery solution for Kubernetes. It provides GitOps for both applications and infrastructure, enabling automatic reconciliation of desired state with the actual state in your Kubernetes clusters. FluxCD integrates with various Git providers, container registries, and CI workflow providers.

To get started, let’s assume we have a GitHub repository named my-app-repo containing our application code. We will use GitHub Actions to automate the build, test, and deployment process.

  1. Create a GitHub Action Workflow

Create a new file named .github/workflows/ci.yml in the root directory of your my-app-repo repository. This file will define the GitHub Actions workflow.

name: CI
on:
push:
branches: [main]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Setup Go
uses: actions/setup-go@v1
with:
go-version: '1.17'
- name: Install Dependencies
run: go get -d .
- name: Build
run: go build .
- name: Test
run: go test .
- name: Deploy
uses: actions/deploy-kubernetes@v2
with:
kube-context: my-kube-context
namespace: my-namespace
manifest: ./manifests/app.yaml

This workflow is triggered whenever there is a push to the main branch. It builds the application using Go, runs tests, and then deploys the application to the Kubernetes cluster using the actions/deploy-kubernetes action.

  1. Create a Kubernetes Manifest

Create a new directory named manifests in the root directory of your my-app-repo repository. Inside this directory, create a new file named app.yaml that defines the Kubernetes manifest for your application.

apiVersion: apps/v1
kind: Deployment
metadata:
name: my-app
spec:
replicas: 3
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: my-app
image: my-registry/my-app:latest
ports:
- containerPort: 8080
  1. Initialize FluxCD

To initialize FluxCD, you need to create a flux directory in the root of your repository and add the necessary configuration files.

mkdir flux
cat > flux/config.yaml <<EOF
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: Source
metadata:
name: my-app-repo
namespace: my-namespace
source:
git:
url: https://github.com/username/my-app-repo.git
branch: main
directory:
path: manifests
EOF

This configuration file tells FluxCD to watch the my-app-repo GitHub repository for changes and apply any changes found in the manifests directory.

  1. Install FluxCD

To install FluxCD, you can use the official Helm chart. Add the following to your values.yaml file in the flux directory.

global:
git:
sshKey: |
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----

install:
helm:
chart: fluxcd/flux
version: latest
values:
global:
git:
sshKey: ${{ .values.global.git.sshKey }}
kubernetes:
iamRole: iam-role
namespace: my-namespace

Replace the sshKey value with the contents of your SSH private key.

  1. Apply the Configuration

Apply the configuration using the following command.

flux create --source git --path flux --branch main --url https://github.com/username/my-app-repo.git

This command initializes FluxCD and applies the configuration from the flux directory.

Now, whenever you push changes to the main branch of your my-app-repo repository, FluxCD will automatically detect the changes, apply them to your Kubernetes cluster, and create a Git commit with the changes.

Tests:

To verify the answer, you can check the following:

  1. Check if the GitHub Actions workflow runs correctly by checking the GitHub Actions logs.
  2. Check if the application is deployed correctly by checking the Kubernetes cluster.
  3. Check if the Git commit is created by FluxCD by checking the GitHub repository.
  4. Check if the application is updated whenever there is a new push to the main branch.
  5. Check if the application is rolled back correctly whenever there is a failure in the GitHub Actions workflow.