Fix/update hostname pattern

.github/workflows/fluxnow-deploy.yml

@@ -0,0 +1,78 @@
+name: 🚀 Build and Push Image
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch: null
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      packages: write
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |-
+            type=sha,prefix=sha-
+            type=ref,event=branch
+            type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
+      - name: Build and push Docker image
+        id: build
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+      - name: Update Kubernetes manifests
+        if: github.ref == 'refs/heads/main'
+        run: >-
+          set -euo pipefail
+
+
+          # Use the short SHA as the tag (matching the meta tags)
+
+          TAG="sha-${GITHUB_SHA::7}"
+
+
+          echo "Updating image tag to $TAG in deploy/k8s/app.yaml"
+
+
+          # Update the image tag in app.yaml
+
+          # Matches 'image: ghcr.io/undefined/undefined:...' or similar
+
+          sed -i "s|image: ghcr.io/undefined/undefined:.*|image:
+          ghcr.io/undefined/undefined:$TAG|g" deploy/k8s/app.yaml
+
+
+          git config --global user.name "fluxnow-bot"
+
+          git config --global user.email "bot@fluxnow.dev"
+
+
+          if ! git diff --quiet deploy/k8s/app.yaml; then
+            git add deploy/k8s/app.yaml
+            git commit -m "🚀 deploy: update image to $TAG [skip ci]"
+            git push
+            echo "✅ Manifest updated and pushed"
+          else
+            echo "⏭️ No changes to manifest (tag already exists)"
+          fi

deploy/k8s/app.yaml

@@ -0,0 +1,98 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: node-express-boilerplate
+  namespace: dmisiuk-node-express-boilerplate
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: node-express-boilerplate
+  template:
+    metadata:
+      labels:
+        app: node-express-boilerplate
+    spec:
+      imagePullSecrets:
+        - name: ghcr-creds
+      containers:
+        - name: node-express-boilerplate
+          image: ghcr.io/dmisiuk/node-express-boilerplate:latest
+          ports:
+            - containerPort: 3000
+          env:
+            - name: PORT
+              value: "3000"
+            - name: HTTP_HOST
+              value: 0.0.0.0
+            - name: NODE_ENV
+              value: production
+          resources:
+            requests:
+              cpu: 125m
+              memory: 256Mi
+            limits:
+              cpu: 250m
+              memory: 512Mi
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: node-express-boilerplate
+  namespace: dmisiuk-node-express-boilerplate
+spec:
+  selector:
+    app: node-express-boilerplate
+  ports:
+    - port: 80
+      targetPort: 3000
+  type: ClusterIP
+
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: node-express-boilerplate
+  namespace: dmisiuk-node-express-boilerplate
+  annotations:
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+    traefik.ingress.kubernetes.io/router.tls: "true"
+spec:
+  rules:
+    - host: dmisiuk-node-express-boilerplate.openfab.dev
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: node-express-boilerplate
+                port:
+                  number: 80
+
+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: node-express-boilerplate-secrets
+  namespace: dmisiuk-node-express-boilerplate
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    name: openbao-store
+    kind: ClusterSecretStore
+  target:
+    name: node-express-boilerplate-secrets
+    creationPolicy: Owner
+  data: []
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: ghcr-creds
+  namespace: dmisiuk-node-express-boilerplate
+type: kubernetes.io/dockerconfigjson
+data:
+  .dockerconfigjson: eyAiYXV0aHMiOiB7IH0gfQ==

fluxnow.yaml

@@ -0,0 +1,13 @@
+version: v1
+kind: Service
+metadata:
+  name: demo-api
+spec:
+  runtime: node
+  port: 3000 # or whatever port the app uses
+  env:
+    - name: NODE_ENV
+      value: 'production'
+  secrets: []
+  build:
+    dockerfile: Dockerfile