Deploy to Civo Demo #32
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy to Civo Demo | |
on: | |
workflow_run: | |
workflows: ['Build and Publish Docker Images Demo'] | |
branches: [develop, temp] | |
types: | |
- completed | |
jobs: | |
deploy-demo: | |
runs-on: ubuntu-latest | |
environment: demo | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Create kubeconfig | |
run: | | |
mkdir ${HOME}/.kube | |
echo ${{ secrets.CIVO_KUBECONFIG }} | base64 --decode > ${HOME}/.kube/config | |
- name: Generate TLS Secrets for DemoCIVO and APIDemoCIVO | |
run: | | |
rm -f ${HOME}/ingress.api.crt ${HOME}/ingress.api.key ${HOME}/ingress.webapp.crt ${HOME}/ingress.webapp.key | |
echo ${{ secrets.INGRESS_API_CERT }} | base64 --decode > ${HOME}/ingress.api.crt | |
echo ${{ secrets.INGRESS_API_CERT_KEY }} | base64 --decode > ${HOME}/ingress.api.key | |
echo ${{ secrets.INGRESS_WEBAPP_CERT }} | base64 --decode > ${HOME}/ingress.webapp.crt | |
echo ${{ secrets.INGRESS_WEBAPP_CERT_KEY }} | base64 --decode > ${HOME}/ingress.webapp.key | |
kubectl create secret tls apidemocivo.gauzy.co-tls --save-config --dry-run=client --cert=${HOME}/ingress.api.crt --key=${HOME}/ingress.api.key -o yaml | kubectl apply -f - | |
kubectl create secret tls democivo.gauzy.co-tls --save-config --dry-run=client --cert=${HOME}/ingress.webapp.crt --key=${HOME}/ingress.webapp.key -o yaml | kubectl apply -f - | |
- name: Apply k8s manifests changes in Civo k8s cluster (if any) | |
run: | | |
envsubst < $GITHUB_WORKSPACE/.deploy/k8s/k8s-manifest.civo.demo.yaml | kubectl --context ever apply -f - | |
env: | |
# below we are using GitHub secrets for both frontend and backend | |
DB_NAME: 'gauzy_demo' | |
SENTRY_DSN: '${{ secrets.SENTRY_DSN }}' | |
SENTRY_TRACES_SAMPLE_RATE: '${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}' | |
SENTRY_HTTP_TRACING_ENABLED: '${{ secrets.SENTRY_HTTP_TRACING_ENABLED }}' | |
SENTRY_POSTGRES_TRACKING_ENABLED: '${{ secrets.SENTRY_POSTGRES_TRACKING_ENABLED }}' | |
# we need this step because for now we just use :latest tag | |
# note: for production we will use different strategy later | |
- name: Restart Pods to pick up :latest tag version | |
run: | | |
kubectl --context ever rollout restart deployment/gauzy-demo-api | |
kubectl --context ever rollout restart deployment/gauzy-demo-webapp |