Update changelog.md #240
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to Production | |
| on: | |
| push: | |
| tags: | |
| - 'v[0-9]+.[0-9]+.[0-9]+' | |
| env: | |
| RELEASE_NAME: docs-portal | |
| GCP_PROJECT: rehive-services | |
| GKE_CLUSTER: production3 | |
| GKE_NAMESPACE: docs-portal | |
| GKE_LOCATION: europe-west4 | |
| GKE_BASTION: gke-production3-bastion | |
| GKE_BASTION_ZONE: europe-west4-a | |
| GKE_BASTION_PROXY_PORT: 8888 | |
| IMAGE: gcr.io/rehive-services/docs-portal | |
| HELM_VERSION: 3.6.3 | |
| HELM_VALUES_PATH: ./etc/helm/production/values.yaml | |
| HELM_CHART: rehive-service | |
| HELM_CHART_VERSION: 1.0.0 | |
| HELM_REPO_URL: https://rehive.github.io/charts | |
| HELM_REPO_NAME: rehive | |
| CLOUDBUILD_PATH: ./etc/docker/cloudbuild.yaml | |
| jobs: | |
| setup-build-publish-deploy: | |
| name: Setup, Build, Publish, and Deploy | |
| if: ${{ startsWith(github.ref, 'refs/tags/v') && !(contains(github.ref, 'rc') || contains(github.ref, 'alpha') || contains(github.ref, 'beta')) }} # only if version tag is created | |
| runs-on: ubuntu-latest | |
| environment: production | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v2 | |
| with: | |
| submodules: recursive | |
| # Setup gcloud CLI | |
| - name: Set up Google Cloud CLI | |
| uses: google-github-actions/setup-gcloud@94337306dda8180d967a56932ceb4ddcf01edae7 | |
| with: | |
| service_account_key: ${{ secrets.GKE_SA_KEY }} | |
| project_id: ${{ env.GCP_PROJECT }} | |
| # Get the GKE credentials so we can deploy to the cluster | |
| - name: Set up GKE credentials | |
| uses: google-github-actions/get-gke-credentials@fb08709ba27618c31c09e014e1d8364b02e5042e | |
| with: | |
| cluster_name: ${{ env.GKE_CLUSTER }} | |
| location: ${{ env.GKE_LOCATION }} | |
| credentials: ${{ secrets.GKE_SA_KEY }} | |
| # Build and push image to Google Container Registry | |
| - name: Build and push container image | |
| run: |- | |
| gcloud builds submit \ | |
| --config ${{ env.CLOUDBUILD_PATH }} \ | |
| --substitutions _IMAGE=${{ env.IMAGE }},TAG_NAME=${{ github.ref_name }} \ | |
| --gcs-log-dir gs://${{ env.GCP_PROJECT }}-cloudbuild-logs/${{ env.IMAGE }}/${{ github.ref_name }}/ \ | |
| --quiet | |
| # Run proxy | |
| - name: Connect to Bastion Proxy | |
| run: |- | |
| gcloud compute start-iap-tunnel ${{ env.GKE_BASTION }} ${{ env.GKE_BASTION_PROXY_PORT }} \ | |
| --local-host-port=localhost:8123 \ | |
| --zone=${{ env.GKE_BASTION_ZONE }} \ | |
| --project=${{ env.GCP_PROJECT }} & | |
| # Set up helm | |
| # We are bypassing the helm repo add and helm repo update commands as they gave intermittent connectivity issues on gh-actions | |
| - name: Set up Helm | |
| run: |- | |
| curl -sfL https://get.helm.sh/helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz | tar -xz | |
| chmod u+x ./linux-amd64/helm | |
| curl -O $HELM_REPO_URL/$HELM_CHART-$HELM_CHART_VERSION.tgz | |
| # Deploy the Docker image to the GKE cluster | |
| - name: Deploy | |
| uses: nick-fields/retry@v2 | |
| with: | |
| timeout_minutes: 3 | |
| max_attempts: 3 | |
| command: |- | |
| HTTPS_PROXY=http://127.0.0.1:8123 ./linux-amd64/helm upgrade ${{ env.RELEASE_NAME }} \ | |
| --values ${{ env.HELM_VALUES_PATH }} \ | |
| --set image.tag=${{ github.ref_name }} \ | |
| ${{ env.HELM_CHART }}-${{ env.HELM_CHART_VERSION }}.tgz \ | |
| --namespace ${{ env.GKE_NAMESPACE }} | |