deploy.yaml
# Manually triggered deployment workflow: the operator picks a target
# environment and decides whether the database workloads are redeployed too.
name: Deploy

on:
  workflow_dispatch:
    inputs:
      # Rendered as a picker of the repository's configured environments.
      environment:
        type: environment
        description: 'Select the environment'
      # The redeploy step later in this workflow only honours this flag when
      # the selected environment is 'staging'.
      redeploy_databases:
        type: boolean
        required: true
        default: false
        description: 'Redeploy databases? (non-production envs)'

# Workflow-wide variables, visible to every job below.
env:
  # Registry used by the login and image-metadata steps.
  DOCKER_REGISTRY: ghcr.io
  DOCKER_SCAN_SUGGEST: false
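# Jobs: build and push the backend and frontend images, roll the Kubernetes
# workloads, then move the per-environment git tag to the deployed commit.
#
# Each job declares the minimum GITHUB_TOKEN permissions it needs instead of
# inheriting the repository default.
#
# NOTE(review): every `uses:` below references a mutable tag. Pinning each
# action to a full commit SHA prevents a re-tagged release from running with
# this workflow's credentials; that matters most for the third-party redeploy
# action, which receives the cluster bearer token.
jobs:
  build-backend-docker-image:
    environment: ${{ inputs.environment }}
    name: Build backend docker image
    # Checkout needs read access to the repository; pushing to the container
    # registry with GITHUB_TOKEN needs packages: write. Nothing else is used.
    permissions:
      contents: read
      packages: write
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Log in to the container registry
        uses: docker/login-action@v2
        with:
          registry: ${{ env.DOCKER_REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Set up docker buildx
        uses: docker/setup-buildx-action@v2
      - name: Extract metadata for docker
        id: meta
        uses: docker/metadata-action@v4
        with:
          images: ${{ env.DOCKER_REGISTRY }}/${{ github.repository }}/backend
          # The image tag comes from the selected environment's variables.
          tags: |
            type=raw,value=${{ vars.DOCKER_IMAGE_TAG }}
      - name: Build and push docker image
        uses: docker/build-push-action@v4
        with:
          cache-from: type=gha
          cache-to: type=gha,mode=max
          context: backend
          labels: ${{ steps.meta.outputs.labels }}
          push: true
          tags: ${{ steps.meta.outputs.tags }}

  build-frontend-docker-image:
    environment: ${{ inputs.environment }}
    name: Build frontend docker image
    # Same token scope as the backend build: read the repo, push the image.
    permissions:
      contents: read
      packages: write
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Log in to the container registry
        uses: docker/login-action@v2
        with:
          registry: ${{ env.DOCKER_REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Set up docker buildx
        uses: docker/setup-buildx-action@v2
      - name: Extract metadata for docker
        id: meta
        uses: docker/metadata-action@v4
        with:
          images: ${{ env.DOCKER_REGISTRY }}/${{ github.repository }}/frontend
          tags: |
            type=raw,value=${{ vars.DOCKER_IMAGE_TAG }}
      - name: Build and push docker image
        uses: docker/build-push-action@v4
        with:
          # NOTE(review): build args are not a secret channel. Values passed
          # here can be recorded in the image's build history and metadata,
          # and the image is pushed to the registry afterwards.
          # SENTRY_AUTH_TOKEN (and the other secrets.* values) would be better
          # supplied through this action's `secrets` input and read in the
          # Dockerfile with `RUN --mount=type=secret`. That needs a matching
          # Dockerfile change, which is not visible from this file, so the
          # arguments are left unchanged here.
          build-args: |
            BASE_URL=${{ vars.FRONTEND_BASE_URL }}
            GOOGLE_CLIENT_ID=${{ vars.GOOGLE_CLIENT_ID }}
            HOSTED=true
            REST_API_BASE_URL=${{ vars.REST_API_BASE_URL }}
            ROBOTS_TXT_ALLOW=${{ vars.ROBOTS_TXT_ALLOW }}
            SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }}
            SENTRY_DSN=${{ secrets.SENTRY_DSN }}
            SENTRY_ENVIRONMENT=${{ inputs.environment }}
            SENTRY_ORG=${{ secrets.SENTRY_ORG }}
            SENTRY_PROJECT=${{ secrets.SENTRY_PROJECT }}
            STRIPE_PUBLISHABLE_KEY=${{ vars.STRIPE_PUBLISHABLE_KEY }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
          context: frontend
          labels: ${{ steps.meta.outputs.labels }}
          push: true
          tags: ${{ steps.meta.outputs.tags }}

  tag:
    name: Tag
    needs:
      - update-deployments
    # Deleting and creating a tag ref requires write access to repo contents.
    permissions:
      contents: write
    runs-on: ubuntu-latest
    steps:
      - name: Advance the environment tag
        # The environment name reaches the script through an environment
        # variable rather than `${{ }}` interpolation, so the value is always
        # handled as data and never becomes part of the JavaScript source.
        env:
          ENVIRONMENT: ${{ inputs.environment }}
        uses: actions/github-script@v6
        with:
          script: |
            const environment = process.env.ENVIRONMENT;
            try {
              await github.rest.git.deleteRef({
                owner: context.repo.owner,
                repo: context.repo.repo,
                ref: `tags/${environment}`,
              });
            } catch (e) {
              // NOTE(review): every deleteRef failure is treated as "tag is
              // missing"; a permission or API error is only visible in this log.
              console.log(`The ${environment} tag doesn't exist yet: ` + e);
            }
            await github.rest.git.createRef({
              owner: context.repo.owner,
              repo: context.repo.repo,
              ref: `refs/tags/${environment}`,
              sha: context.sha,
            });

  update-deployments:
    environment: ${{ inputs.environment }}
    name: Update deployments
    needs:
      - build-backend-docker-image
      - build-frontend-docker-image
    # No step in this job uses GITHUB_TOKEN; the cluster is reached with the
    # environment's own secrets, so the token is given no permissions.
    permissions: {}
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): the `uses:` value in both steps is reproduced as this
      # page shows it; it appears to have been mangled by e-mail obfuscation
      # when the page was captured. Restore the real `owner/repo@ref` from the
      # repository before using this file.
      #
      # NOTE(review): ignore_tls_errors: "true" turns off certificate
      # verification on the connection that carries bearer_token, so the API
      # endpoint is not authenticated and the token can be exposed to anyone
      # able to intercept that connection. Prefer an endpoint certificate the
      # runner can verify and set this to "false".
      #
      # NOTE(review): debug: "true" presumably enables verbose logging;
      # confirm that it cannot print request headers or the token to the log.
      - if: inputs.environment == 'staging' && inputs.redeploy_databases == true
        name: Redeploy databases
        uses: th0th/[email protected]
        with:
          base_url: "${{ secrets.KUBERNETES_BASE_URL }}"
          bearer_token: "${{ secrets.KUBERNETES_BEARER_TOKEN }}"
          debug: "true"
          deployments: "${{ secrets.KUBERNETES_DATABASE_DEPLOYMENTS }}"
          ignore_tls_errors: "true"
          namespace: "${{ secrets.KUBERNETES_NAMESPACE }}"
      - name: Update kubernetes workloads
        uses: th0th/[email protected]
        with:
          base_url: "${{ secrets.KUBERNETES_BASE_URL }}"
          bearer_token: "${{ secrets.KUBERNETES_BEARER_TOKEN }}"
          debug: "true"
          deployments: "${{ secrets.KUBERNETES_DEPLOYMENTS }}"
          ignore_tls_errors: "true"
          namespace: "${{ secrets.KUBERNETES_NAMESPACE }}"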