Compare commits
15 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| ab540e0f8b | |||
| d1e70af74d | |||
| 342558e3e6 | |||
| b76f572c0f | |||
| e949536edb | |||
| b83d151aba | |||
| 39e5090b6e | |||
| 4334d096f6 | |||
| e8e9785094 | |||
| e18a13a781 | |||
| 2907874026 | |||
| f2e1c2198c | |||
| 2a7a286842 | |||
| af59783877 | |||
| 12089d0968 |
@@ -27,18 +27,23 @@ jobs:
|
||||
image: catthehacker/ubuntu:act-22.04
|
||||
|
||||
steps:
|
||||
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
|
||||
- name: Import Secrets
|
||||
uses: hashicorp/vault-action@v2
|
||||
with:
|
||||
url: https://vault.project-rent-dev.com
|
||||
url: https://vault.project-quest-dev.com
|
||||
token: ${{ secrets.VAULT_TOKEN }}
|
||||
secrets: |
|
||||
cicd/data/docker password | REGISTRY_PASSWORD ;
|
||||
cicd/data/docker username | REGISTRY_USERNAME ;
|
||||
cicd/data/submodule token | SUBMODULE_TOKEN ;
|
||||
cicd/data/submodule npm_token | NPM_TOKEN ;
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
submodules: recursive
|
||||
fetch-depth: 0
|
||||
token: ${{ env.SUBMODULE_TOKEN }}
|
||||
|
||||
- name: Set up Docker BuildX
|
||||
uses: docker/setup-buildx-action@v2
|
||||
@@ -68,8 +73,12 @@ jobs:
|
||||
|
||||
- name: Build Docker image
|
||||
run: |
|
||||
docker build -t ${{ inputs.REGISTRY }}/${{ inputs.USER_FOR_IMAGE_STORE }}/${{ inputs.APP_NAME }}:${{ env.VERSION }} .
|
||||
|
||||
docker build \
|
||||
--build-arg SUBMODULE_TOKEN=${{ env.NPM_TOKEN }} \
|
||||
-f ${{ inputs.DOCKERFILE_PATH }} \
|
||||
-t ${{ inputs.REGISTRY }}/${{ inputs.USER_FOR_IMAGE_STORE }}/${{ inputs.APP_NAME }}:${{ env.VERSION }} \
|
||||
.
|
||||
|
||||
- name: Push Docker image
|
||||
run: |
|
||||
docker push ${{ inputs.REGISTRY }}/${{ inputs.USER_FOR_IMAGE_STORE }}/${{ inputs.APP_NAME }}:${{ env.VERSION }}
|
||||
|
||||
@@ -9,7 +9,7 @@ on:
|
||||
REGISTRY:
|
||||
required: true
|
||||
type: string
|
||||
default: registry.project-rent-dev.com
|
||||
default: registry.project-quest-dev.com
|
||||
PROD_NAMESPACE:
|
||||
required: true
|
||||
type: string
|
||||
@@ -42,6 +42,18 @@ on:
|
||||
required: true
|
||||
type: string
|
||||
description: Kubeconf secret path in vault for prod
|
||||
HELM_VERSION:
|
||||
type: string
|
||||
default: 3.17
|
||||
description: Last stable with our chart's
|
||||
ENABLE_CUSTOM_SET:
|
||||
type: string
|
||||
default: "false"
|
||||
description: Last stable with our chart's
|
||||
CUSTOM_HELM_SET:
|
||||
type: string
|
||||
default: ""
|
||||
description: Last stable with our chart's
|
||||
secrets:
|
||||
VAULT_TOKEN:
|
||||
required: true
|
||||
@@ -69,7 +81,7 @@ jobs:
|
||||
|
||||
- name: Export secrets for deploy
|
||||
run: |
|
||||
if [ "${{ github.ref }}" == "refs/heads/main" ]; then
|
||||
if [ "${{ github.ref }}" = "refs/heads/main" ]; then
|
||||
echo "NAMESPACE=${{ inputs.PROD_NAMESPACE }}" >> $GITHUB_ENV
|
||||
echo "VALUES_FILE=${{ inputs.PROD_VALUES_FILE }}" >> $GITHUB_ENV
|
||||
echo "KUBECONF=${{ inputs.PROD_KUBECONF_SECRET_PATH }}" >> $GITHUB_ENV
|
||||
@@ -82,7 +94,7 @@ jobs:
|
||||
- name: Import config of k8s
|
||||
uses: hashicorp/vault-action@v2
|
||||
with:
|
||||
url: https://vault.project-rent-dev.com
|
||||
url: https://vault.project-quest-dev.com
|
||||
token: ${{ secrets.VAULT_TOKEN }}
|
||||
secrets: |
|
||||
${{ env.KUBECONF }} | KUBECONFIG;
|
||||
@@ -90,17 +102,38 @@ jobs:
|
||||
- name: Install helm
|
||||
uses: azure/setup-helm@v4.2.0
|
||||
with:
|
||||
version: latest
|
||||
version: ${{ inputs.HELM_VERSION }}
|
||||
|
||||
- name: Set up Kubectl
|
||||
uses: azure/k8s-set-context@v4
|
||||
with:
|
||||
kubeconfig: ${{ env.KUBECONFIG }}
|
||||
|
||||
- name: Set EXTRA_ARGS if ENABLE_CUSTOM_SET is true
|
||||
run: |
|
||||
if [ "${{ inputs.ENABLE_CUSTOM_SET }}" = "true" ]; then
|
||||
echo "CUSTOM_HELM_SET_TEMPLATE=${{ inputs.CUSTOM_HELM_SET }}" >> "$GITHUB_ENV"
|
||||
else
|
||||
echo "CUSTOM_HELM_SET_TEMPLATE=" >> "$GITHUB_ENV"
|
||||
fi
|
||||
|
||||
- name: Install envsubst
|
||||
run: |
|
||||
sudo apt-get update && sudo apt-get install -y gettext
|
||||
|
||||
- name: Render and export EXTRA_ARGS
|
||||
run: |
|
||||
if [ -n "$CUSTOM_HELM_SET_TEMPLATE" ]; then
|
||||
export EXTRA_ARGS=$(echo "$CUSTOM_HELM_SET_TEMPLATE" | envsubst)
|
||||
else
|
||||
export EXTRA_ARGS=""
|
||||
fi
|
||||
echo "EXTRA_ARGS=$EXTRA_ARGS" >> "$GITHUB_ENV"
|
||||
|
||||
- name: Install chart
|
||||
run: |
|
||||
helm upgrade --install --cleanup-on-fail --atomic --timeout 2m --wait ${{ inputs.APP_NAME }} ./chart \
|
||||
--namespace ${{ env.NAMESPACE }} \
|
||||
--set image.repository=${{ inputs.REGISTRY }}/${{ inputs.REGISTRY_USER }}/${{ inputs.APP_NAME }} \
|
||||
--set image.tag=${{ env.VERSION }} \
|
||||
-f ${{ env.VALUES_FILE }}
|
||||
-f ${{ env.VALUES_FILE }} ${{ env.EXTRA_ARGS }}
|
||||
@@ -22,18 +22,32 @@ jobs:
|
||||
image: catthehacker/ubuntu:act-22.04
|
||||
steps:
|
||||
|
||||
- name: Checkout repo
|
||||
uses: actions/checkout@v3
|
||||
- name: Import Common Secrets
|
||||
uses: hashicorp/vault-action@v2
|
||||
with:
|
||||
url: https://vault.project-quest-dev.com
|
||||
token: ${{ secrets.VAULT_TOKEN }}
|
||||
secrets: |
|
||||
cicd/data/submodule token | SUBMODULE_TOKEN ;
|
||||
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
submodules: recursive
|
||||
fetch-depth: 0
|
||||
token: ${{ env.SUBMODULE_TOKEN }}
|
||||
|
||||
- name: Setup Node
|
||||
uses: actions/setup-node@v3
|
||||
with:
|
||||
node-version: 20
|
||||
|
||||
- name: Install dependencies
|
||||
run: npm install
|
||||
|
||||
- name: Export secrets for prisma
|
||||
run: |
|
||||
if [ "${{ github.ref }}" == "refs/heads/main" ]; then
|
||||
if [ "${{ github.ref }}" = "refs/heads/main" ]; then
|
||||
echo "PRISMA_DB_SECRET_PATH=${{ inputs.PROD_PRISMA_SECRET_DB_PATH }}" >> $GITHUB_ENV
|
||||
else
|
||||
echo "PRISMA_DB_SECRET_PATH=${{ inputs.DEV_PRISMA_SECRET_DB_PATH }}" >> $GITHUB_ENV
|
||||
@@ -42,7 +56,7 @@ jobs:
|
||||
- name: Import prisma db url
|
||||
uses: hashicorp/vault-action@v2
|
||||
with:
|
||||
url: https://vault.project-rent-dev.com
|
||||
url: https://vault.project-quest-dev.com
|
||||
token: ${{ secrets.VAULT_TOKEN }}
|
||||
secrets: |
|
||||
${{ env.PRISMA_DB_SECRET_PATH }} | PRISMA_DB_URL;
|
||||
|
||||
Reference in New Issue
Block a user