pin skyportal to 18a80de3d65480822578a49a65f5bd597c56e0ad #767
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build Docker image, push to gcr.io, deploy to staging | |
| on: | |
| push: | |
| branches: | |
| - main | |
| env: | |
| PROJECT_ID: ${{ secrets.GKE_PROJECT }} | |
| GKE_CLUSTER: fritz-staging | |
| GKE_ZONE: us-west2-a | |
| IMAGE: fritz | |
| jobs: | |
| build-publish-deploy: | |
| name: Setup, Build, Publish | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 45 | |
| steps: | |
| - uses: actions/cache@v2 | |
| with: | |
| path: | | |
| ~/.cache | |
| ~/.local | |
| ~/.npm | |
| key: ${{ runner.os }}-${{ hashFiles('**/lockfiles') }} | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| fetch-depth: 0 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.10' | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt | |
| - id: 'auth' | |
| uses: 'google-github-actions/auth@v0' | |
| with: | |
| credentials_json: ${{ secrets.GKE_SA_KEY }} | |
| - name: Setup gcloud cli | |
| uses: google-github-actions/setup-gcloud@v1 | |
| with: | |
| version: "369.0.0" | |
| project_id: ${{ secrets.GKE_PROJECT }} | |
| # Configure Docker to use the gcloud command-line tool as a credential | |
| # helper for authentication | |
| - name: Set up docker credentials | |
| run: |- | |
| gcloud --quiet auth configure-docker | |
| # Get the GKE credentials so we can deploy to the cluster | |
| # - name: Get Google Kubernetes Engine credentials | |
| # run: |- | |
| # gcloud container clusters get-credentials "$GKE_CLUSTER" --zone "$GKE_ZONE" | |
| - name: Get Google Kubernetes Engine credentials | |
| uses: 'google-github-actions/get-gke-credentials@v1' | |
| with: | |
| cluster_name: fritz-staging | |
| location: us-west2-a | |
| # # Will use this, once the official Docker action introduces caching | |
| # - name: Build and push image | |
| # uses: docker/build-push-action@v1 | |
| # with: | |
| # registry: gcr.io | |
| # repository: $PROJECT_ID/$IMAGE | |
| # tags: $GITHUB_SHA | |
| - name: Build | |
| run: |- | |
| cp fritz.defaults.yaml fritz.yaml | |
| ./fritz build \ | |
| --no-kowalski \ | |
| --skyportal-tag="gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA" | |
| # Push the Docker image to Google Container Registry | |
| - name: Publish | |
| run: |- | |
| docker push "gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA" | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: "fritz-marshal/fritz-deploy" | |
| path: "fritz-deploy" | |
| ssh-key: ${{ secrets.CI_FRITZ_DEPLOY_DEPLOY_KEY }} | |
| - name: Set up SOPS | |
| run: |- | |
| SOPS_VER=3.5.0 | |
| CACHED_DOWNLOAD_DIR=~/.local/downloads | |
| FILENAME=sops-v${SOPS_VER}.linux | |
| SOPS_BINARY=~/.local/bin/sops | |
| if [[ ! -f ${CACHED_DOWNLOAD_DIR=}/${FILENAME} ]]; then | |
| wget https://github.com/mozilla/sops/releases/download/v${SOPS_VER}/${FILENAME} --quiet --directory-prefix=${CACHED_DOWNLOAD_DIR} --no-clobber | |
| fi | |
| mkdir -p ~/.local/bin | |
| cp ${CACHED_DOWNLOAD_DIR}/${FILENAME} ${SOPS_BINARY} | |
| chmod u+x ${SOPS_BINARY} | |
| ${SOPS_BINARY} --version | |
| - name: Deploy | |
| run: |- | |
| cd fritz-deploy | |
| export PATH=$PATH:~/.local/bin | |
| ./deploy.py --staging --tag=$GITHUB_SHA |