Skip to content
deploy-k8s

mavalosn send deploy EKS πŸš€ #163

Sign in to view logs

mavalosn send deploy EKS πŸš€

mavalosn send deploy EKS πŸš€ #163

Workflow file for this run

.github/workflows/deploy-k8s.yml at 2d61210
name: deploy-k8s
run-name: ${{ github.actor }} send deploy EKS πŸš€
on:
pull_request:
types: [opened, reopened, synchronize, edited, closed]
#schedule:
# - cron: '30 2 * * *' # every day at midnight
workflow_dispatch:
workflow_call:
env:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
AWS_URL: ${{ secrets.AWS_URL }}
pull_req_id: ${{github.event.pull_request.number}}
DATE: $(date -d '-1 day' '+%Y-%m-%d'|sed 's/-//g')
CURRENT_DATE: $(date '+%Y-%m-%d %H:%M:%S'|sed 's/-//g')
CI_PACKAGE_BRANCH: ${{github.event.pull_request.head.ref || 'next' }}
CI_PROJECT: ${{github.event.pull_request.head.repo.name || 'processmaker' }}
CI_PR_BODY: ${{ github.event_name == 'schedule' && 'No ci tags needed here' || github.event.pull_request.body }}
IMAGE_TAG: $(echo "$CI_PROJECT-$CI_PACKAGE_BRANCH" | sed "s;/;-;g")
DEPLOY: ${{ secrets.DEPLOY }}
GH_USER: ${{ secrets.GH_USER }}
GH_EMAIL: ${{ secrets.GH_EMAIL }}
GITHUB_COMMENT: ${{ secrets.GH_COMMENT }}
DOM_EKS: ${{ secrets.DOM_EKS }}
GITHUB_TOKEN: ${{ secrets.GIT_TOKEN }}
BUILD_BASE: ${{ (contains(github.event.pull_request.body, 'ci:build-base') || github.event_name == 'schedule') && '1' || '0' }}
BASE_IMAGE: ${{ secrets.REGISTRY_HOST }}/processmaker/processmaker:base
K8S_BRANCH: bugfix/FOUR-12410
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
imageEKS:
name: build-docker-image-EKS
if: github.event.action != 'closed'
runs-on: ${{ vars.RUNNER }}
steps:
- name: Set image name
run: |
RESOLVED_IMAGE_TAG=${{ env.IMAGE_TAG }}
echo "IMAGE=${{ secrets.REGISTRY_HOST }}/processmaker/enterprise:$RESOLVED_IMAGE_TAG" >> $GITHUB_ENV
- name: Clone repo K8S
run: |
# TODO: Change branch when pm4 k8s distribution is released
echo "IMAGE: ${{ env.IMAGE }}"
git clone --depth 1 -b "$K8S_BRANCH" "https://[email protected]/ProcessMaker/pm4-k8s-distribution.git" pm4-k8s-distribution
- name: Generate image EKS
run: |
cd pm4-k8s-distribution/images
branch=$CI_PACKAGE_BRANCH tag=${{env.IMAGE_TAG}} bash build.k8s-cicd.sh
echo "VERSION=${{ env.IMAGE_TAG }}" >> $GITHUB_ENV
- name: List Images
run: |
docker images
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: processmaker/enterprise:${{ env.VERSION }}
format: 'table'
exit-code: '0'
ignore-unfixed: false
vuln-type: 'os,library'
scanners: 'vuln,secret'
severity: 'MEDIUM,HIGH,CRITICAL'
env:
TRIVY_TIMEOUT: 30m
- name: Login to Harbor
uses: docker/login-action@v2
with:
registry: ${{ secrets.REGISTRY_HOST }}
username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }}
- name: Push Enterprise Image to Harbor
run: |
docker tag processmaker/enterprise:${{env.IMAGE_TAG}} ${{ secrets.REGISTRY_HOST }}/processmaker/enterprise:${{env.IMAGE_TAG}}
docker push ${{ secrets.REGISTRY_HOST }}/processmaker/enterprise:${{env.IMAGE_TAG}}
deployEKS:
name: build-deploy-EKS
if: contains(github.event.pull_request.body, 'ci:deploy')
needs: imageEKS
runs-on: self-hosted
steps:
- name: Clone private repository
run: |
git clone --depth 1 -b eng "https://[email protected]/ProcessMaker/argocd.git" argocd
- name: CreateDB
run: |
cd argocd
deploy=$(echo -n ${{env.IMAGE_TAG}} | md5sum | head -c 10)
sed -i "s/{{instance}}/ci-$deploy/" template-db.yaml
kubectl get namespace ci-processmaker-ns-pm4
namespace=$(kubectl get namespace $deploy-ns-pm4|grep $deploy|awk '{print $1}')
kubectl apply -f template-db.yaml
- name: Install pm4-tools
run: |
git clone --depth 1 -b "$K8S_BRANCH" "https://[email protected]/ProcessMaker/pm4-k8s-distribution.git" pm4-k8s-distribution
cd pm4-k8s-distribution/images/pm4-tools
composer install --no-interaction
cd ..
- name: Deploy instance EKS
run: |
cd argocd
deploy=$(echo -n ${{env.IMAGE_TAG}} | md5sum | head -c 10)
current_datetime=$(echo -n ${{env.CURRENT_DATE}} | md5sum | head -c 10)
echo "NAMESPACE : ci-$deploy-ns-pm4"
if ! kubectl get namespace/ci-$deploy-ns-pm4 ; then
echo "Creating Deploy :: $deploy"
sed -i "s/{{instance}}/ci-$deploy/" template-instance.yaml
sed -i "s/{{image}}/${{env.IMAGE_TAG}}/" template-instance.yaml
cat template-instance.yaml
helm repo add processmaker ${{ secrets.HELM_REPO }} --username ${{ secrets.HELM_USERNAME }} --password ${{ secrets.HELM_PASSWORD }} && helm repo update && helm install --timeout 40m -f template-instance.yaml ci-$deploy processmaker/enterprise --version 2.1.0
else
echo "Bouncing Instance ";
sed -i "s/{{instance}}/ci-$deploy/g" template-bounce.yaml
sed -i "s/{{current_datetime}}/$current_datetime/g" template-bounce.yaml
kubectl apply -f template-bounce.yaml
fi
export INSTANCE_URL=https://ci-$deploy$DOM_EKS
echo "INSTANCE_URL=${INSTANCE_URL}" >> "$GITHUB_ENV"
../pm4-k8s-distribution/images/pm4-tools/pm wait-for-instance-ready
- name: Comment Instance
run: |
echo "Instance URL: '${INSTANCE_URL}'"
bash argocd/gh_comment.sh "$CI_PROJECT" "$pull_req_id"
deleteEKS:
name: Delete Instance
if: github.event.action == 'closed'
runs-on: self-hosted
steps:
- name: Delete instance EKS
run: |
deploy=$(echo -n $IMAGE_TAG | md5sum | head -c 10)
echo "Deleting Instace :: ci-$deploy"
helm delete ci-$deploy
kubectl delete namespace ci-$deploy-ns-pm4