deploy.yaml
# Manually triggered deployment workflow: the operator picks a target
# environment and may ask for stateful sets to be restarted as well.
name: Deploy

on:
  workflow_dispatch:
    inputs:
      # `type: environment` offers the repository's configured environments
      # as the selectable values.
      environment:
        description: Select the environment
        type: environment
      # Opt-in switch read by the stateful-set restart step.
      rolloutRestartStatefulSets:
        default: false
        description: Restart stateful sets
        required: true
        type: boolean

# Workflow-wide environment variables, visible to every job and step.
env:
  DOCKER_REGISTRY: ghcr.io
  # NOTE(review): presumably silences the Docker CLI scan suggestion - confirm.
  DOCKER_SCAN_SUGGEST: false
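# NOTE(review): every `uses:` below references a mutable tag. Pinning each
# action to a full commit SHA keeps a retagged release from changing the code
# that runs with registry credentials and cluster access.
jobs:
  # Builds the image from ./backend and pushes it to the container registry.
  build-backend-docker-image:
    environment: ${{ inputs.environment }}
    name: Build backend docker image
    # Least privilege: the token only reads the repository and pushes packages.
    permissions:
      contents: read
      packages: write
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # No later step runs git, so keep the token out of .git/config.
          persist-credentials: false
      - name: Log in to the container registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.DOCKER_REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Set up docker buildx
        uses: docker/setup-buildx-action@v3
      - name: Extract metadata for docker
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.DOCKER_REGISTRY }}/${{ github.repository }}/backend
          tags: |
            type=raw,value=${{ vars.DOCKER_IMAGE_TAG }}
      - name: Build and push docker image
        uses: docker/build-push-action@v5
        with:
          cache-from: type=gha
          cache-to: type=gha,mode=max
          context: backend
          labels: ${{ steps.meta.outputs.labels }}
          push: true
          tags: ${{ steps.meta.outputs.tags }}

  # Builds the image from ./frontend and pushes it to the container registry.
  build-frontend-docker-image:
    environment: ${{ inputs.environment }}
    name: Build frontend docker image
    # Least privilege: the token only reads the repository and pushes packages.
    permissions:
      contents: read
      packages: write
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # No later step runs git, so keep the token out of .git/config.
          persist-credentials: false
      - name: Log in to the container registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.DOCKER_REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Set up docker buildx
        uses: docker/setup-buildx-action@v3
      - name: Extract metadata for docker
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.DOCKER_REGISTRY }}/${{ github.repository }}/frontend
          tags: |
            type=raw,value=${{ vars.DOCKER_IMAGE_TAG }}
      - name: Build and push docker image
        uses: docker/build-push-action@v5
        with:
          cache-from: type=gha
          cache-to: type=gha,mode=max
          context: frontend
          labels: ${{ steps.meta.outputs.labels }}
          push: true
          tags: ${{ steps.meta.outputs.tags }}

  # Installs or upgrades the helm release, then restarts the workloads.
  install-helm-chart-and-run-updates:
    environment: ${{ inputs.environment }}
    name: Install helm chart
    needs:
      - build-backend-docker-image
      - build-frontend-docker-image
    # This job reaches the cluster through the kubeconfig secret; the
    # GITHUB_TOKEN only needs to read the repository.
    permissions:
      contents: read
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      # The version ref was mangled to "[email protected]" in this listing;
      # restore the real tag, or better a full commit SHA. This third-party
      # action installs the helm and kubectl binaries that later steps run
      # with the cluster credentials.
      - name: Setup kube tools
        uses: yokawasa/action-setup-kube-tools@<version-ref-lost-in-extraction>
        with:
          setup-tools: |
            helm
            kubectl
      # The secret is handed over as an environment variable instead of being
      # pasted into the script text, so the shell never re-interprets it.
      - name: Create kube config
        env:
          KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
        run: |
          # Create the directory and file owner-only from the start.
          umask 077
          mkdir -p "${HOME}/.kube"
          printf '%s' "${KUBE_CONFIG}" | base64 -d > "${HOME}/.kube/config"
          chmod 400 "${HOME}/.kube/config"
      # Secrets, variables and the environment input reach the script through
      # `env`, so quotes, `$` or backticks in a value cannot alter the command.
      # NOTE(review): helm still parses commas and backslashes inside --set
      # values, and the values appear in the helm process arguments; a values
      # file or --set-file avoids both.
      - name: Install helm chart
        env:
          CLICKHOUSE_PASSWORD: ${{ secrets.CLICKHOUSE_PASSWORD }}
          CLICKHOUSE_USER: ${{ secrets.CLICKHOUSE_USER }}
          DEPLOY_ENVIRONMENT: ${{ inputs.environment }}
          GHCR_AUTH: ${{ secrets.GHCR_AUTH }}
          KUBERNETES_NAMESPACE: ${{ vars.KUBERNETES_NAMESPACE }}
          POSTGRES_PASSWORD: ${{ secrets.POSTGRES_PASSWORD }}
          POSTGRES_USER: ${{ secrets.POSTGRES_USER }}
          REDIS_PASSWORD: ${{ secrets.REDIS_PASSWORD }}
          SMTP_PASSWORD: ${{ secrets.SMTP_PASSWORD }}
          SMTP_USER: ${{ secrets.SMTP_USER }}
        run: |
          helm upgrade poeticmetric chart \
            --install \
            --namespace "${KUBERNETES_NAMESPACE}" \
            --set clickhouse.password="${CLICKHOUSE_PASSWORD}" \
            --set clickhouse.user="${CLICKHOUSE_USER}" \
            --set ghcrAuth="${GHCR_AUTH}" \
            --set poeticmetric.smtp.password="${SMTP_PASSWORD}" \
            --set poeticmetric.smtp.user="${SMTP_USER}" \
            --set postgres.password="${POSTGRES_PASSWORD}" \
            --set postgres.user="${POSTGRES_USER}" \
            --set redis.password="${REDIS_PASSWORD}" \
            --values "etc/${DEPLOY_ENVIRONMENT}/values.yaml"
      # Restarts only the deployments labelled restart-on-deploy=true.
      - name: Rollout restart workloads
        env:
          KUBERNETES_NAMESPACE: ${{ vars.KUBERNETES_NAMESPACE }}
        run: |
          kubectl rollout restart deployment \
            --namespace "${KUBERNETES_NAMESPACE}" \
            --selector='restart-on-deploy=true'
      # Never runs for production; elsewhere only when the operator opted in.
      # The original command ended on a dangling line continuation, which is
      # dropped here; the arguments are unchanged.
      - if: inputs.environment != 'production' && inputs.rolloutRestartStatefulSets == true
        name: Rollout restart stateful sets
        env:
          KUBERNETES_NAMESPACE: ${{ vars.KUBERNETES_NAMESPACE }}
        run: |
          kubectl rollout restart statefulset \
            --namespace "${KUBERNETES_NAMESPACE}"

  # Moves the git tag named after the environment to the deployed commit.
  tag:
    name: Tag
    needs:
      - install-helm-chart-and-run-updates
    # Deleting and creating tag refs requires write access to contents.
    permissions:
      contents: write
    runs-on: ubuntu-latest
    steps:
      - name: Advance the environment tag
        uses: actions/github-script@v7
        env:
          # Read through process.env so the input is data, never script source.
          DEPLOY_ENVIRONMENT: ${{ inputs.environment }}
        with:
          script: |
            const environment = process.env.DEPLOY_ENVIRONMENT;
            // NOTE(review): every deleteRef failure is logged as "doesn't
            // exist yet", including permission or API errors.
            try {
              await github.rest.git.deleteRef({
                owner: context.repo.owner,
                repo: context.repo.repo,
                ref: "tags/" + environment,
              });
            } catch (e) {
              console.log("The " + environment + " tag doesn't exist yet: " + e);
            }
            await github.rest.git.createRef({
              owner: context.repo.owner,
              repo: context.repo.repo,
              ref: "refs/tags/" + environment,
              sha: context.sha,
            });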