-
Notifications
You must be signed in to change notification settings - Fork 528
Commit
- Loading branch information
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,51 +1,52 @@ | ||
name: Deploy to Civo Demo | ||
|
||
on: | ||
workflow_run: | ||
workflows: ['Build and Publish Docker Images Demo'] | ||
branches: [develop, temp] | ||
types: | ||
- completed | ||
workflow_run: | ||
workflows: ['Build and Publish Docker Images Demo'] | ||
branches: [develop, temp] | ||
types: | ||
- completed | ||
|
||
jobs: | ||
deploy-demo: | ||
runs-on: ubuntu-latest | ||
|
||
environment: demo | ||
|
||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v3 | ||
|
||
- name: Create kubeconfig | ||
run: | | ||
mkdir ${HOME}/.kube | ||
echo ${{ secrets.CIVO_KUBECONFIG }} | base64 --decode > ${HOME}/.kube/config | ||
- name: Generate TLS Secrets for DemoCIVO and APIDemoCIVO | ||
run: | | ||
rm -f ${HOME}/ingress.api.crt ${HOME}/ingress.api.key ${HOME}/ingress.webapp.crt ${HOME}/ingress.webapp.key | ||
echo ${{ secrets.INGRESS_API_CERT }} | base64 --decode > ${HOME}/ingress.api.crt | ||
echo ${{ secrets.INGRESS_API_CERT_KEY }} | base64 --decode > ${HOME}/ingress.api.key | ||
echo ${{ secrets.INGRESS_WEBAPP_CERT }} | base64 --decode > ${HOME}/ingress.webapp.crt | ||
echo ${{ secrets.INGRESS_WEBAPP_CERT_KEY }} | base64 --decode > ${HOME}/ingress.webapp.key | ||
kubectl create secret tls apidemocivo.gauzy.co-tls --save-config --dry-run=client --cert=${HOME}/ingress.api.crt --key=${HOME}/ingress.api.key -o yaml | kubectl apply -f - | ||
kubectl create secret tls democivo.gauzy.co-tls --save-config --dry-run=client --cert=${HOME}/ingress.webapp.crt --key=${HOME}/ingress.webapp.key -o yaml | kubectl apply -f - | ||
- name: Apply k8s manifests changes in Civo k8s cluster (if any) | ||
run: | | ||
envsubst < $GITHUB_WORKSPACE/.deploy/k8s/k8s-manifest.civo.demo.yaml | kubectl --context ever apply -f - | ||
env: | ||
# below we are using GitHub secrets for both frontend and backend | ||
DB_NAME: 'gauzy_demo' | ||
SENTRY_DSN: '${{ secrets.SENTRY_DSN }}' | ||
SENTRY_TRACES_SAMPLE_RATE: '${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}' | ||
SENTRY_HTTP_TRACING_ENABLED: '${{ secrets.SENTRY_HTTP_TRACING_ENABLED }}' | ||
SENTRY_POSTGRES_TRACKING_ENABLED: '${{ secrets.SENTRY_POSTGRES_TRACKING_ENABLED }}' | ||
|
||
# we need this step because for now we just use :latest tag | ||
# note: for production we will use different strategy later | ||
- name: Restart Pods to pick up :latest tag version | ||
run: | | ||
kubectl --context ever rollout restart deployment/gauzy-demo-api | ||
kubectl --context ever rollout restart deployment/gauzy-demo-webapp | ||
deploy-demo: | ||
runs-on: ubuntu-latest | ||
|
||
environment: demo | ||
|
||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v3 | ||
|
||
- name: Create kubeconfig | ||
run: | | ||
mkdir ${HOME}/.kube | ||
echo ${{ secrets.CIVO_KUBECONFIG }} | base64 --decode > ${HOME}/.kube/config | ||
- name: Generate TLS Secrets for DemoCIVO and APIDemoCIVO | ||
run: | | ||
rm -f ${HOME}/ingress.api.crt ${HOME}/ingress.api.key ${HOME}/ingress.webapp.crt ${HOME}/ingress.webapp.key | ||
echo ${{ secrets.INGRESS_API_CERT }} | base64 --decode > ${HOME}/ingress.api.crt | ||
echo ${{ secrets.INGRESS_API_CERT_KEY }} | base64 --decode > ${HOME}/ingress.api.key | ||
echo ${{ secrets.INGRESS_WEBAPP_CERT }} | base64 --decode > ${HOME}/ingress.webapp.crt | ||
echo ${{ secrets.INGRESS_WEBAPP_CERT_KEY }} | base64 --decode > ${HOME}/ingress.webapp.key | ||
kubectl create secret tls apidemocivo.gauzy.co-tls --save-config --dry-run=client --cert=${HOME}/ingress.api.crt --key=${HOME}/ingress.api.key -o yaml | kubectl apply -f - | ||
kubectl create secret tls democivo.gauzy.co-tls --save-config --dry-run=client --cert=${HOME}/ingress.webapp.crt --key=${HOME}/ingress.webapp.key -o yaml | kubectl apply -f - | ||
- name: Apply k8s manifests changes in Civo k8s cluster (if any) | ||
run: | | ||
envsubst < $GITHUB_WORKSPACE/.deploy/k8s/k8s-manifest.civo.demo.yaml | kubectl --context ever apply -f - | ||
env: | ||
# below we are using GitHub secrets for both frontend and backend | ||
DB_NAME: 'gauzy_demo' | ||
SENTRY_DSN: '${{ secrets.SENTRY_DSN }}' | ||
SENTRY_TRACES_SAMPLE_RATE: '${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}' | ||
SENTRY_HTTP_TRACING_ENABLED: '${{ secrets.SENTRY_HTTP_TRACING_ENABLED }}' | ||
SENTRY_POSTGRES_TRACKING_ENABLED: '${{ secrets.SENTRY_POSTGRES_TRACKING_ENABLED }}' | ||
OTEL_EXPORTER_OTLP_HEADERS: '${{ secrets.OTEL_EXPORTER_OTLP_HEADERS }}' | ||
Check warning on line 45 in .github/workflows/deploy-civo-demo.yml GitHub Actions / Cspell
Check warning on line 45 in .github/workflows/deploy-civo-demo.yml GitHub Actions / Cspell
Check warning on line 45 in .github/workflows/deploy-civo-demo.yml GitHub Actions / Cspell
|
||
|
||
# we need this step because for now we just use :latest tag | ||
# note: for production we will use different strategy later | ||
- name: Restart Pods to pick up :latest tag version | ||
run: | | ||
kubectl --context ever rollout restart deployment/gauzy-demo-api | ||
kubectl --context ever rollout restart deployment/gauzy-demo-webapp |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,51 +1,52 @@ | ||
name: Deploy to CoreWeave Demo | ||
|
||
on: | ||
workflow_run: | ||
workflows: ['Build and Publish Docker Images Demo'] | ||
branches: [develop, temp] | ||
types: | ||
- completed | ||
workflow_run: | ||
workflows: ['Build and Publish Docker Images Demo'] | ||
branches: [develop, temp] | ||
types: | ||
- completed | ||
|
||
jobs: | ||
deploy-demo: | ||
runs-on: ubuntu-latest | ||
|
||
environment: demo | ||
|
||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v3 | ||
|
||
- name: Create kubeconfig | ||
run: | | ||
mkdir ${HOME}/.kube | ||
echo ${{ secrets.CW_KUBECONFIG }} | base64 --decode > ${HOME}/.kube/config | ||
- name: Generate TLS Secrets for DemoCW and APIDemoCW | ||
run: | | ||
rm -f ${HOME}/ingress.api.crt ${HOME}/ingress.api.key ${HOME}/ingress.webapp.crt ${HOME}/ingress.webapp.key | ||
echo ${{ secrets.INGRESS_API_CERT }} | base64 --decode > ${HOME}/ingress.api.crt | ||
echo ${{ secrets.INGRESS_API_CERT_KEY }} | base64 --decode > ${HOME}/ingress.api.key | ||
echo ${{ secrets.INGRESS_WEBAPP_CERT }} | base64 --decode > ${HOME}/ingress.webapp.crt | ||
echo ${{ secrets.INGRESS_WEBAPP_CERT_KEY }} | base64 --decode > ${HOME}/ingress.webapp.key | ||
kubectl create secret tls apidemocw.gauzy.co-tls --save-config --dry-run=client --cert=${HOME}/ingress.api.crt --key=${HOME}/ingress.api.key -o yaml | kubectl apply -f - | ||
kubectl create secret tls democw.gauzy.co-tls --save-config --dry-run=client --cert=${HOME}/ingress.webapp.crt --key=${HOME}/ingress.webapp.key -o yaml | kubectl apply -f - | ||
- name: Apply k8s manifests changes in CoreWeave k8s cluster (if any) | ||
run: | | ||
envsubst < $GITHUB_WORKSPACE/.deploy/k8s/k8s-manifest.cw.demo.yaml | kubectl --context coreweave apply -f - | ||
env: | ||
# below we are using GitHub secrets for both frontend and backend | ||
DB_NAME: 'gauzy_demo' | ||
SENTRY_DSN: '${{ secrets.SENTRY_DSN }}' | ||
SENTRY_TRACES_SAMPLE_RATE: '${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}' | ||
SENTRY_HTTP_TRACING_ENABLED: '${{ secrets.SENTRY_HTTP_TRACING_ENABLED }}' | ||
SENTRY_POSTGRES_TRACKING_ENABLED: '${{ secrets.SENTRY_POSTGRES_TRACKING_ENABLED }}' | ||
|
||
# we need this step because for now we just use :latest tag | ||
# note: for production we will use different strategy later | ||
- name: Restart Pods to pick up :latest tag version | ||
run: | | ||
kubectl --context coreweave rollout restart deployment/gauzy-demo-api | ||
kubectl --context coreweave rollout restart deployment/gauzy-demo-webapp | ||
deploy-demo: | ||
runs-on: ubuntu-latest | ||
|
||
environment: demo | ||
|
||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v3 | ||
|
||
- name: Create kubeconfig | ||
run: | | ||
mkdir ${HOME}/.kube | ||
echo ${{ secrets.CW_KUBECONFIG }} | base64 --decode > ${HOME}/.kube/config | ||
- name: Generate TLS Secrets for DemoCW and APIDemoCW | ||
run: | | ||
rm -f ${HOME}/ingress.api.crt ${HOME}/ingress.api.key ${HOME}/ingress.webapp.crt ${HOME}/ingress.webapp.key | ||
echo ${{ secrets.INGRESS_API_CERT }} | base64 --decode > ${HOME}/ingress.api.crt | ||
echo ${{ secrets.INGRESS_API_CERT_KEY }} | base64 --decode > ${HOME}/ingress.api.key | ||
echo ${{ secrets.INGRESS_WEBAPP_CERT }} | base64 --decode > ${HOME}/ingress.webapp.crt | ||
echo ${{ secrets.INGRESS_WEBAPP_CERT_KEY }} | base64 --decode > ${HOME}/ingress.webapp.key | ||
kubectl create secret tls apidemocw.gauzy.co-tls --save-config --dry-run=client --cert=${HOME}/ingress.api.crt --key=${HOME}/ingress.api.key -o yaml | kubectl apply -f - | ||
kubectl create secret tls democw.gauzy.co-tls --save-config --dry-run=client --cert=${HOME}/ingress.webapp.crt --key=${HOME}/ingress.webapp.key -o yaml | kubectl apply -f - | ||
- name: Apply k8s manifests changes in CoreWeave k8s cluster (if any) | ||
run: | | ||
envsubst < $GITHUB_WORKSPACE/.deploy/k8s/k8s-manifest.cw.demo.yaml | kubectl --context coreweave apply -f - | ||
env: | ||
# below we are using GitHub secrets for both frontend and backend | ||
DB_NAME: 'gauzy_demo' | ||
SENTRY_DSN: '${{ secrets.SENTRY_DSN }}' | ||
SENTRY_TRACES_SAMPLE_RATE: '${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}' | ||
SENTRY_HTTP_TRACING_ENABLED: '${{ secrets.SENTRY_HTTP_TRACING_ENABLED }}' | ||
SENTRY_POSTGRES_TRACKING_ENABLED: '${{ secrets.SENTRY_POSTGRES_TRACKING_ENABLED }}' | ||
OTEL_EXPORTER_OTLP_HEADERS: '${{ secrets.OTEL_EXPORTER_OTLP_HEADERS }}' | ||
Check warning on line 45 in .github/workflows/deploy-cw-demo.yml GitHub Actions / Cspell
Check warning on line 45 in .github/workflows/deploy-cw-demo.yml GitHub Actions / Cspell
Check warning on line 45 in .github/workflows/deploy-cw-demo.yml GitHub Actions / Cspell
|
||
|
||
# we need this step because for now we just use :latest tag | ||
# note: for production we will use different strategy later | ||
- name: Restart Pods to pick up :latest tag version | ||
run: | | ||
kubectl --context coreweave rollout restart deployment/gauzy-demo-api | ||
kubectl --context coreweave rollout restart deployment/gauzy-demo-webapp |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,48 +1,48 @@ | ||
name: Deploy to DigitalOcean Demo | ||
|
||
on: | ||
workflow_run: | ||
workflows: ['Build and Publish Docker Images Demo'] | ||
branches: [develop, temp] | ||
types: | ||
- completed | ||
workflow_run: | ||
workflows: ['Build and Publish Docker Images Demo'] | ||
branches: [develop, temp] | ||
types: | ||
- completed | ||
|
||
jobs: | ||
deploy-demo: | ||
runs-on: ubuntu-latest | ||
|
||
environment: demo | ||
|
||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v3 | ||
|
||
- name: Install doctl | ||
uses: digitalocean/action-doctl@v2 | ||
with: | ||
token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} | ||
|
||
- name: Log in to DigitalOcean Container Registry with short-lived credentials | ||
run: doctl registry login --expiry-seconds 600 | ||
|
||
- name: Save DigitalOcean kubeconfig with short-lived credentials | ||
run: doctl kubernetes cluster kubeconfig save --expiry-seconds 600 k8s-gauzy | ||
|
||
- name: Apply k8s manifests changes in DigitalOcean k8s cluster (if any) | ||
run: | | ||
envsubst < $GITHUB_WORKSPACE/.deploy/k8s/k8s-manifest.demo.yaml | kubectl --context do-sfo2-k8s-gauzy apply -f - | ||
env: | ||
# below we are using GitHub secrets for both frontend and backend | ||
DB_NAME: 'gauzy_demo' | ||
SENTRY_DSN: '${{ secrets.SENTRY_DSN }}' | ||
SENTRY_TRACES_SAMPLE_RATE: '${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}' | ||
SENTRY_HTTP_TRACING_ENABLED: '${{ secrets.SENTRY_HTTP_TRACING_ENABLED }}' | ||
SENTRY_POSTGRES_TRACKING_ENABLED: '${{ secrets.SENTRY_POSTGRES_TRACKING_ENABLED }}' | ||
OTEL_EXPORTER_OTLP_HEADERS: '${{ secrets.OTEL_EXPORTER_OTLP_HEADERS }}' | ||
|
||
# we need this step because for now we just use :latest tag | ||
# note: for production we will use different strategy later | ||
- name: Restart Pods to pick up :latest tag version | ||
run: | | ||
kubectl --context do-sfo2-k8s-gauzy rollout restart deployment/gauzy-demo-api | ||
kubectl --context do-sfo2-k8s-gauzy rollout restart deployment/gauzy-demo-webapp | ||
deploy-demo: | ||
runs-on: ubuntu-latest | ||
|
||
environment: demo | ||
|
||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v3 | ||
|
||
- name: Install doctl | ||
uses: digitalocean/action-doctl@v2 | ||
with: | ||
token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} | ||
|
||
- name: Log in to DigitalOcean Container Registry with short-lived credentials | ||
run: doctl registry login --expiry-seconds 600 | ||
|
||
- name: Save DigitalOcean kubeconfig with short-lived credentials | ||
run: doctl kubernetes cluster kubeconfig save --expiry-seconds 600 k8s-gauzy | ||
|
||
- name: Apply k8s manifests changes in DigitalOcean k8s cluster (if any) | ||
run: | | ||
envsubst < $GITHUB_WORKSPACE/.deploy/k8s/k8s-manifest.demo.yaml | kubectl --context do-sfo2-k8s-gauzy apply -f - | ||
env: | ||
# below we are using GitHub secrets for both frontend and backend | ||
DB_NAME: 'gauzy_demo' | ||
SENTRY_DSN: '${{ secrets.SENTRY_DSN }}' | ||
SENTRY_TRACES_SAMPLE_RATE: '${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}' | ||
SENTRY_HTTP_TRACING_ENABLED: '${{ secrets.SENTRY_HTTP_TRACING_ENABLED }}' | ||
SENTRY_POSTGRES_TRACKING_ENABLED: '${{ secrets.SENTRY_POSTGRES_TRACKING_ENABLED }}' | ||
OTEL_EXPORTER_OTLP_HEADERS: '${{ secrets.OTEL_EXPORTER_OTLP_HEADERS }}' | ||
Check warning on line 41 in .github/workflows/deploy-do-demo.yml GitHub Actions / Cspell
|
||
|
||
# we need this step because for now we just use :latest tag | ||
# note: for production we will use different strategy later | ||
- name: Restart Pods to pick up :latest tag version | ||
run: | | ||
kubectl --context do-sfo2-k8s-gauzy rollout restart deployment/gauzy-demo-api | ||
kubectl --context do-sfo2-k8s-gauzy rollout restart deployment/gauzy-demo-webapp |