Skip to content

Update core-resources.md #238

Update core-resources.md

Update core-resources.md #238

name: Deploy to Production
on:
push:
tags:
- 'v[0-9]+.[0-9]+.[0-9]+'
env:
RELEASE_NAME: docs-portal
GCP_PROJECT: rehive-services
GKE_CLUSTER: production3
GKE_NAMESPACE: docs-portal
GKE_LOCATION: europe-west4
GKE_BASTION: gke-production3-bastion
GKE_BASTION_ZONE: europe-west4-a
GKE_BASTION_PROXY_PORT: 8888
IMAGE: gcr.io/rehive-services/docs-portal
HELM_VERSION: 3.6.3
HELM_VALUES_PATH: ./etc/helm/production/values.yaml
HELM_CHART: rehive-service
HELM_CHART_VERSION: 1.0.0
HELM_REPO_URL: https://rehive.github.io/charts
HELM_REPO_NAME: rehive
CLOUDBUILD_PATH: ./etc/docker/cloudbuild.yaml
jobs:
setup-build-publish-deploy:
name: Setup, Build, Publish, and Deploy
if: ${{ startsWith(github.ref, 'refs/tags/v') && !(contains(github.ref, 'rc') || contains(github.ref, 'alpha') || contains(github.ref, 'beta')) }} # only if version tag is created
runs-on: ubuntu-latest
environment: production
steps:
- name: Checkout
uses: actions/checkout@v2
with:
submodules: recursive
# Setup gcloud CLI
- name: Set up Google Cloud CLI
uses: google-github-actions/setup-gcloud@94337306dda8180d967a56932ceb4ddcf01edae7
with:
service_account_key: ${{ secrets.GKE_SA_KEY }}
project_id: ${{ env.GCP_PROJECT }}
# Get the GKE credentials so we can deploy to the cluster
- name: Set up GKE credentials
uses: google-github-actions/get-gke-credentials@fb08709ba27618c31c09e014e1d8364b02e5042e
with:
cluster_name: ${{ env.GKE_CLUSTER }}
location: ${{ env.GKE_LOCATION }}
credentials: ${{ secrets.GKE_SA_KEY }}
# Build and push image to Google Container Registry
- name: Build and push container image
run: |-
gcloud builds submit \
--config ${{ env.CLOUDBUILD_PATH }} \
--substitutions _IMAGE=${{ env.IMAGE }},TAG_NAME=${{ github.ref_name }} \
--gcs-log-dir gs://${{ env.GCP_PROJECT }}-cloudbuild-logs/${{ env.IMAGE }}/${{ github.ref_name }}/ \
--quiet
# Run proxy
- name: Connect to Bastion Proxy
run: |-
gcloud compute start-iap-tunnel ${{ env.GKE_BASTION }} ${{ env.GKE_BASTION_PROXY_PORT }} \
--local-host-port=localhost:8123 \
--zone=${{ env.GKE_BASTION_ZONE }} \
--project=${{ env.GCP_PROJECT }} &
# Set up helm
# We are bypassing the helm repo add and helm repo update commands as they gave intermittent connectivity issues on gh-actions
- name: Set up Helm
run: |-
curl -sfL https://get.helm.sh/helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz | tar -xz
chmod u+x ./linux-amd64/helm
curl -O $HELM_REPO_URL/$HELM_CHART-$HELM_CHART_VERSION.tgz
# Deploy the Docker image to the GKE cluster
- name: Deploy
uses: nick-fields/retry@v2
with:
timeout_minutes: 3
max_attempts: 3
command: |-
HTTPS_PROXY=http://127.0.0.1:8123 ./linux-amd64/helm upgrade ${{ env.RELEASE_NAME }} \
--values ${{ env.HELM_VALUES_PATH }} \
--set image.tag=${{ github.ref_name }} \
${{ env.HELM_CHART }}-${{ env.HELM_CHART_VERSION }}.tgz \
--namespace ${{ env.GKE_NAMESPACE }}