aula-11: ArgoCD + GitLab Runner para GitOps CI/CD

- ArgoCD via Helm com recursos mínimos (~1Gi)
- GitLab Runner com executor Kubernetes
- Exemplo node-bugado com Dockerfile e .gitlab-ci.yml
- Manifests K8s para repositório GitOps
- README.md da aula-03 (liveness + readiness probes)

aula-11/node-bugado/.gitlab-ci.yml

@@ -0,0 +1,116 @@
+# =============================================================================
+# GitLab CI/CD Pipeline - node-bugado
+# =============================================================================
+#
+# Pipeline GitOps:
+#   1. Build: Constrói imagem Docker e faz push para GitLab Registry
+#   2. Deploy: Atualiza manifests no repo GitOps (ArgoCD faz sync)
+#
+# Variáveis necessárias (Settings → CI/CD → Variables):
+#   - GITOPS_REPO: URL do repositório GitOps (ex: git@git.kube.quest:user/gitops-demo.git)
+#   - DEPLOY_KEY: Chave SSH privada para push no repo GitOps
+#
+# =============================================================================
+
+stages:
+  - build
+  - deploy
+
+variables:
+  # Registry do GitLab
+  REGISTRY: ${CI_REGISTRY}
+  IMAGE_NAME: ${CI_REGISTRY_IMAGE}
+  # Para usar registry externo, descomente:
+  # REGISTRY: registry.kube.quest
+  # IMAGE_NAME: ${REGISTRY}/${CI_PROJECT_PATH}
+
+# =============================================================================
+# BUILD - Construir e publicar imagem Docker
+# =============================================================================
+build:
+  stage: build
+  image: docker:24
+  services:
+    - docker:24-dind
+  variables:
+    DOCKER_TLS_CERTDIR: "/certs"
+  before_script:
+    - docker login -u ${CI_REGISTRY_USER} -p ${CI_REGISTRY_PASSWORD} ${CI_REGISTRY}
+  script:
+    - echo "Building ${IMAGE_NAME}:${CI_COMMIT_SHA}"
+    - docker build -t ${IMAGE_NAME}:${CI_COMMIT_SHA} .
+    - docker tag ${IMAGE_NAME}:${CI_COMMIT_SHA} ${IMAGE_NAME}:latest
+    - docker push ${IMAGE_NAME}:${CI_COMMIT_SHA}
+    - docker push ${IMAGE_NAME}:latest
+  only:
+    - main
+    - master
+  tags:
+    - kubernetes
+    - docker
+
+# =============================================================================
+# DEPLOY - Atualizar manifests no repositório GitOps
+# =============================================================================
+deploy:
+  stage: deploy
+  image: alpine:latest
+  before_script:
+    - apk add --no-cache git openssh-client
+    # Configurar SSH para o repo GitOps
+    - mkdir -p ~/.ssh
+    - echo "${DEPLOY_KEY}" | tr -d '\r' > ~/.ssh/id_ed25519
+    - chmod 600 ~/.ssh/id_ed25519
+    - ssh-keyscan -t ed25519 $(echo ${GITOPS_REPO} | sed 's/.*@\([^:]*\).*/\1/') >> ~/.ssh/known_hosts 2>/dev/null || true
+    # Configurar git
+    - git config --global user.email "ci@gitlab.local"
+    - git config --global user.name "GitLab CI"
+  script:
+    - echo "Updating GitOps repo with image ${IMAGE_NAME}:${CI_COMMIT_SHA}"
+    # Clonar repo GitOps
+    - git clone ${GITOPS_REPO} gitops
+    - cd gitops
+    # Atualizar tag da imagem no deployment
+    - |
+      if [ -f apps/node-bugado/deployment.yaml ]; then
+        sed -i "s|image:.*node-bugado.*|image: ${IMAGE_NAME}:${CI_COMMIT_SHA}|g" apps/node-bugado/deployment.yaml
+        git add apps/node-bugado/deployment.yaml
+        git commit -m "Deploy node-bugado ${CI_COMMIT_SHA:0:8}
+
+        Pipeline: ${CI_PIPELINE_URL}
+        Commit: ${CI_COMMIT_SHA}
+        Author: ${CI_COMMIT_AUTHOR}"
+        git push
+        echo "GitOps repo updated successfully"
+      else
+        echo "WARNING: apps/node-bugado/deployment.yaml not found"
+        echo "Please create the GitOps structure first"
+        exit 1
+      fi
+  only:
+    - main
+    - master
+  tags:
+    - kubernetes
+  when: on_success
+  needs:
+    - build
+
+# =============================================================================
+# NOTAS
+# =============================================================================
+#
+# Para configurar as variáveis:
+#
+# 1. GITOPS_REPO:
+#    - Vá em Settings → CI/CD → Variables
+#    - Adicione: GITOPS_REPO = git@git.kube.quest:usuario/gitops-demo.git
+#
+# 2. DEPLOY_KEY:
+#    - Gere uma chave: ssh-keygen -t ed25519 -f deploy-key -N ''
+#    - Adicione a chave PÚBLICA no repo GitOps: Settings → Repository → Deploy Keys
+#    - Marque "Grant write permissions to this key"
+#    - Adicione a chave PRIVADA como variável: DEPLOY_KEY = <conteúdo de deploy-key>
+#    - Marque como "Protected" e "Masked"
+#
+# =============================================================================