feat(k8s): CoreDNS GitOps 架構 (ADR-026)

問題: DNS 配置沒有版本控制，手動修改易遺失架構: - k8s/k3s-system/coredns-custom.yaml: HelmChartConfig - CD workflow: k3s-system 路徑偵測 + 自動 apply - ADR-026: CoreDNS GitOps 管控架構 DNS 上游: - 使用 8.8.8.8 + 1.1.1.1 - 禁止 /etc/resolv.conf (systemd-resolved) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-03-26 18:43:28 +08:00
parent 7847e00b1b
commit 0a9d94d82b
4 changed files with 287 additions and 5 deletions
--- a/.github/workflows/cd.yaml
+++ b/.github/workflows/cd.yaml
@@ -111,6 +111,7 @@ jobs:
    outputs:
      api: ${{ inputs.force_deploy == true && 'true' || steps.filter.outputs.api }}
      web: ${{ inputs.force_deploy == true && 'true' || steps.filter.outputs.web }}
+      k3s-system: ${{ steps.filter.outputs.k3s-system }}
    steps:
      # 2026-03-26: 清理暫存目錄 (temp + pages)
      - name: "Clean Runner temp"
@@ -135,6 +136,8 @@ jobs:
              - 'packages/**'
              - 'package.json'
              - 'pnpm-lock.yaml'
+            k3s-system:
+              - 'k8s/k3s-system/**'

  # ==================== 並行建構 API ====================
  build-api:
@@ -280,6 +283,15 @@ jobs:

          kubectl apply -k .

+      # 2026-03-26: CoreDNS GitOps 同步 (ADR-026)
+      - name: Sync CoreDNS Config
+        if: needs.detect-changes.outputs.k3s-system == 'true'
+        run: |
+          echo "📦 同步 CoreDNS 配置到 K3s..."
+          # HelmChartConfig 是 K8s 資源，直接 apply
+          kubectl apply -f k8s/k3s-system/coredns-custom.yaml
+          echo "✅ CoreDNS 配置已同步"
+
      - name: Wait for rollout
        run: |
          kubectl rollout status deployment/awoooi-web -n awoooi-prod --timeout=300s || true