Merge pull request #98 from cloudnativedaysjp/seaman/release_17271405… #8
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: GitOps for production | |
| on: | |
| push: | |
| tags: | |
| - v* | |
| jobs: | |
| gitops: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Generate token | |
| id: generate_token | |
| uses: tibdex/github-app-token@v2 | |
| with: | |
| app_id: ${{ secrets.APP_ID }} | |
| private_key: ${{ secrets.PRIVATE_KEY }} | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ap-northeast-1 | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Checkout dreamkast-infra | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: cloudnativedaysjp/dreamkast-infra | |
| path: dreamkast-infra | |
| token: ${{ steps.generate_token.outputs.token }} | |
| - name: Update Kubernetes resources | |
| working-directory: dreamkast-infra/manifests/app/dreamkast/overlays/production/main | |
| run: | | |
| kustomize edit set image dreamkast-weaver=${{ steps.login-ecr.outputs.registry }}/dreamkast-weaver:${{ github.sha }} | |
| - name: Commit files | |
| working-directory: dreamkast-infra/ | |
| run: | | |
| git config --local user.email "[email protected]" | |
| git config --local user.name "GitHub Action" | |
| git status | |
| git add -A | |
| git commit -am "Bump docker tag (${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/commit/${GITHUB_SHA})" | |
| - name: Push changes | |
| uses: ad-m/github-push-action@master | |
| with: | |
| github_token: ${{ steps.generate_token.outputs.token }} | |
| repository: cloudnativedaysjp/dreamkast-infra | |
| directory: dreamkast-infra | |
| branch: production/weaver-main | |
| - name: Create and Merge Pull Request | |
| uses: "actions/github-script@v6" | |
| with: | |
| github-token: ${{ steps.generate_token.outputs.token }} | |
| script: | | |
| const pr = await github.rest.pulls.create({ | |
| owner: "cloudnativedaysjp", | |
| repo: "dreamkast-infra", | |
| title: "Automated PR (production/weaver-main)", | |
| body: "**this PR is automatically created & merged**", | |
| head: "production/weaver-main", | |
| base: "main" | |
| }); | |
| await github.rest.pulls.merge({ | |
| owner: "cloudnativedaysjp", | |
| repo: "dreamkast-infra", | |
| pull_number: pr.data.number, | |
| merge_method: "squash", | |
| }); | |
| gitops-ecs: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Install Go | |
| uses: actions/setup-go@v5 | |
| - name: Install jsonnet | |
| run: | | |
| go install github.com/google/go-jsonnet/cmd/jsonnet@latest | |
| go install github.com/google/go-jsonnet/cmd/jsonnetfmt@latest | |
| - name: Generate token | |
| id: generate_token | |
| uses: tibdex/github-app-token@v2 | |
| with: | |
| app_id: ${{ secrets.APP_ID }} | |
| private_key: ${{ secrets.PRIVATE_KEY }} | |
| - name: Checkout dreamkast-infra | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: cloudnativedaysjp/dreamkast-infra | |
| path: dreamkast-infra | |
| token: ${{ steps.generate_token.outputs.token }} | |
| - name: get tag name | |
| id: get-tag-name | |
| run: echo "tag-name=${GITHUB_REF#refs/*/}" >> "$GITHUB_OUTPUT" | |
| - name: Update image-tags | |
| working-directory: dreamkast-infra/ecspresso/prod | |
| run: | | |
| cat << _EOL_ | jsonnet - > ./const.libsonnet.tmp | |
| local const = import './const.libsonnet'; | |
| const + { | |
| imageTags: const.imageTags + { | |
| dreamkast_weaver: "${{ steps.get-tag-name.outputs.tag-name }}", | |
| }, | |
| } | |
| _EOL_ | |
| mv const.libsonnet.tmp const.libsonnet | |
| jsonnetfmt -i const.libsonnet | |
| - name: Commit files | |
| id: commit_files | |
| continue-on-error: true | |
| working-directory: dreamkast-infra/ | |
| run: | | |
| git config --local user.email "[email protected]" | |
| git config --local user.name "GitHub Action" | |
| git status | |
| git add -A | |
| git commit -am "Bump docker tag (${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/releases/tag/${{ steps.get-tag-name.outputs.tag-name }})" | |
| - name: Push changes | |
| if: steps.commit_files.outcome == 'success' | |
| uses: ad-m/github-push-action@master | |
| with: | |
| github_token: ${{ steps.generate_token.outputs.token }} | |
| repository: cloudnativedaysjp/dreamkast-infra | |
| directory: dreamkast-infra | |
| branch: gitops/production/weaver-main | |
| - name: Create and Merge Pull Request | |
| if: steps.commit_files.outcome == 'success' | |
| uses: "actions/github-script@v7" | |
| with: | |
| github-token: ${{ steps.generate_token.outputs.token }} | |
| script: | | |
| const pr = await github.rest.pulls.create({ | |
| owner: "cloudnativedaysjp", | |
| repo: "dreamkast-infra", | |
| title: "Automated PR (gitops/production/weaver-main)", | |
| body: "**this PR is automatically created & merged**", | |
| head: "gitops/production/weaver-main", | |
| base: "main" | |
| }); | |
| await github.rest.pulls.merge({ | |
| owner: "cloudnativedaysjp", | |
| repo: "dreamkast-infra", | |
| pull_number: pr.data.number, | |
| merge_method: "squash", | |
| }); |