-
Notifications
You must be signed in to change notification settings - Fork 85
125 lines (105 loc) · 5.37 KB
/
deploy_testing_env.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
name: Deploy To Testing Environment
on:
workflow_run:
workflows: ["Checks"]
branches-ignore:
- main
- develop
types:
- completed
env:
BRANCH_NAME: ${{ github.event.workflow_run.head_branch }}
API_DOMAIN: "core-api-issuer-node-k8s.privado.id"
UI_DOMAIN: "issuer-node-k8s.privado.id"
ISSUER_NODE_API_IMAGE: "privadoid/issuernode-api-testing"
ISSUER_NODE_UI_IMAGE: "privadoid/issuernode-ui-testing"
jobs:
deploy:
runs-on: "ubuntu-latest"
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
ref: ${{ env.BRANCH_NAME }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
buildkitd-flags: --debug
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Get version
run: echo "::set-output name=VERSION::$(git rev-parse --short HEAD)"
id: version
- name: Build and push ui
uses: docker/build-push-action@v4
env:
IMAGE_TAG: ${{ steps.version.outputs.VERSION }}
with:
context: ./ui
platforms: linux/amd64
push: true
tags: ${{ env.ISSUER_NODE_UI_IMAGE }}:${{ env.IMAGE_TAG }}
- name: Build and push amd64 image
uses: docker/build-push-action@v4
env:
IMAGE_TAG: ${{ steps.version.outputs.VERSION }}
with:
context: .
platforms: linux/amd64
push: true
tags: ${{ env.ISSUER_NODE_API_IMAGE }}:${{ env.IMAGE_TAG }}
- name: Extract URL from branches.txt
id: extract-url
run: |
# Search for the branch in the file
url=$(grep "^${{ env.BRANCH_NAME }}=" ./k8s/testing/branches.txt | cut -d'=' -f2)
echo "Extracted URL: $url"
echo "::set-output name=url::$url"
- name: kubectl configuration
run: |
echo "${{ secrets.KUBECONFIG }}" > kubeconfig
echo "KUBECONFIG=./kubeconfig" >> $GITHUB_ENV
- name: list contexts
run: |
kubectl config get-contexts
- name: change context
run: |
kubectl config use-context k3s
- name: check cluster info
run: kubectl cluster-info
- name: Check if helm chart exists
id: helm_check
run: |
result=$(helm list --namespace "${{ steps.extract-url.outputs.url }}" -q | grep "^${{ steps.extract-url.outputs.url }}$" || echo 'not_found')
echo "result=$result" >> $GITHUB_OUTPUT
- name: "Print Result - Helm Check"
run: echo "${{ steps.helm_check.outputs.result }}"
- name: "Apply custom resources"
run: |
cp ./k8s/testing/*.* ./k8s/helm/templates/
mv ./k8s/helm/templates/values.yaml ./k8s/helm/values.yaml
rm ./k8s/helm/templates/vault-configmap.yaml
rm ./k8s/helm/templates/vault-deployment.yaml
rm ./k8s/helm/templates/vault-pv.yaml
rm ./k8s/helm/templates/vault-service.yaml
rm ./k8s/helm/templates/redis-deployment.yaml
rm ./k8s/helm/templates/branches.txt
- name: "Deploy helm chart"
uses: WyriHaximus/[email protected]
with:
exec: helm install "${{ steps.extract-url.outputs.url }}" --create-namespace ./k8s/helm --wait --atomic --timeout 5m --namespace="${{ steps.extract-url.outputs.url }}" --values=./k8s/helm/values.yaml --set apidomain="${{ env.API_DOMAIN }}" --set uidomain="${{ env.UI_DOMAIN }}" --set privateKey=${{ secrets.ISSUER_NODE_TESTING_PRIVATE_KEY }} --set ingressEnabled="true" --set vaultpwd="foo" --set issuerUiInsecure=true --set issuerResolverFile="${{ secrets.ISSUER_NODE_TESTING_ISSUER_RESOLVER_FILE }}" --set issuernode_repository_image="${{ env.ISSUER_NODE_API_IMAGE }}" --set issuernode_repository_tag="${{ steps.version.outputs.VERSION }}" --set issuernode_ui_repository_image="${{ env.ISSUER_NODE_UI_IMAGE }}" --set issuernode_ui_repository_tag="${{ steps.version.outputs.VERSION }}"
kubeconfig: "${{ secrets.KUBECONFIG }}"
overrule_existing_kubeconfig: "true"
if: steps.helm_check.outputs.result == 'not_found' && steps.extract-url.outputs.url != ''
- name: "Update helm chart"
uses: WyriHaximus/[email protected]
with:
exec: helm upgrade "${{ steps.extract-url.outputs.url }}" ./k8s/helm/ --wait --atomic --timeout 5m --namespace="${{ steps.extract-url.outputs.url }}" --values=./k8s/helm/values.yaml --set apidomain="${{ env.API_DOMAIN }}" --set uidomain="${{ env.UI_DOMAIN }}" --set privateKey=${{ secrets.ISSUER_NODE_TESTING_PRIVATE_KEY }} --set ingressEnabled="true" --set vaultpwd="foo" --set issuerUiInsecure=true --set issuerResolverFile="${{ secrets.ISSUER_NODE_TESTING_ISSUER_RESOLVER_FILE }}" --set issuernode_repository_image="${{ env.ISSUER_NODE_API_IMAGE }}" --set issuernode_repository_tag="${{ steps.version.outputs.VERSION }}" --set issuernode_ui_repository_image="${{ env.ISSUER_NODE_UI_IMAGE }}" --set issuernode_ui_repository_tag="${{ steps.version.outputs.VERSION }}"
kubeconfig: "${{ secrets.KUBECONFIG }}"
overrule_existing_kubeconfig: "true"
if: steps.helm_check.outputs.result != 'not_found' && steps.extract-url.outputs.url != ''