Merge pull request #31 from wireapp/WPB-12152 #116
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Staging Deployment | |
on: | |
push: | |
branches: | |
- staging | |
env: | |
# set docker image for the service - i.e. "wire-bot/poll" | |
DOCKER_IMAGE: wire-bot/legal-hold | |
# name of the service in the Dagobah - the value for label name, i.e. "polls" | |
SERVICE_NAME: legal-hold | |
jobs: | |
publish: | |
name: Deploy to staging | |
runs-on: ubuntu-20.04 | |
steps: | |
- uses: actions/checkout@v2 | |
# use latest tag as release version in the docker container | |
- name: Set Release Version | |
run: echo "RELEASE_VERSION=${GITHUB_SHA}" >> $GITHUB_ENV | |
# extract metadata for labels https://github.com/crazy-max/ghaction-docker-meta | |
- name: Docker meta | |
id: docker_meta | |
uses: crazy-max/ghaction-docker-meta@v1 | |
with: | |
images: eu.gcr.io/${{ env.DOCKER_IMAGE }} | |
# setup docker actions https://github.com/docker/build-push-action | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v1 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v1 | |
# login to GCR repo | |
- name: Login to DockerHub | |
uses: docker/login-action@v1 | |
with: | |
registry: eu.gcr.io | |
username: _json_key | |
password: ${{ secrets.GCR_ACCESS_JSON }} | |
- name: Build and push | |
id: docker_build | |
uses: docker/build-push-action@v2 | |
with: | |
tags: ${{ steps.docker_meta.outputs.tags }} | |
labels: ${{ steps.docker_meta.outputs.labels }} | |
push: true | |
build-args: | | |
release_version=${{ env.RELEASE_VERSION }} | |
- name: Enable auth plugin | |
run: | | |
echo "USE_GKE_GCLOUD_AUTH_PLUGIN=True" >> $GITHUB_ENV | |
# Auth to GKE | |
- name: Authenticate to GKE | |
uses: google-github-actions/auth@v1 | |
with: | |
project_id: wire-bot | |
credentials_json: ${{ secrets.GKE_SA_KEY }} | |
service_account: [email protected] | |
# Setup gcloud CLI | |
- name: Set up Cloud SDK | |
uses: google-github-actions/setup-gcloud@v1 | |
# Prepare components | |
- name: Prepare gcloud components | |
run: | | |
gcloud components install gke-gcloud-auth-plugin | |
gcloud components update | |
gcloud --quiet auth configure-docker | |
# Get the GKE credentials so we can deploy to the cluster | |
- name: Obtain k8s credentials | |
env: | |
GKE_CLUSTER: dagobah | |
GKE_ZONE: europe-west1-c | |
run: | | |
gcloud container clusters get-credentials "$GKE_CLUSTER" --zone "$GKE_ZONE" | |
# K8s is set up, deploy the app | |
- name: Deploy the Service | |
env: | |
SERVICE: ${{ env.SERVICE_NAME }} | |
run: | | |
kubectl delete pod -l app=$SERVICE -n staging | |
kubectl describe pod -l app=$SERVICE -n staging | |
# Send webhook to Wire using Slack Bot | |
- name: Webhook to Wire | |
uses: 8398a7/action-slack@v2 | |
with: | |
status: ${{ job.status }} | |
author_name: ${{ env.SERVICE_NAME }} staging pipeline | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.WEBHOOK_CI }} | |
# Send message only if previous step failed | |
if: always() | |