Compare commits
4 Commits
v1.0.0
...
test/prism
| Author | SHA1 | Date | |
|---|---|---|---|
|
a6fe207162 | ||
| 2a7a286842 | |||
| af59783877 | |||
| 12089d0968 |
@@ -27,18 +27,23 @@ jobs:
|
||||
image: catthehacker/ubuntu:act-22.04
|
||||
|
||||
steps:
|
||||
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
|
||||
- name: Import Secrets
|
||||
uses: hashicorp/vault-action@v2
|
||||
with:
|
||||
url: https://vault.project-rent-dev.com
|
||||
url: https://vault.project-quest-dev.com
|
||||
token: ${{ secrets.VAULT_TOKEN }}
|
||||
secrets: |
|
||||
cicd/data/docker password | REGISTRY_PASSWORD ;
|
||||
cicd/data/docker username | REGISTRY_USERNAME ;
|
||||
cicd/data/submodule token | SUBMODULE_TOKEN ;
|
||||
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
submodules: recursive
|
||||
fetch-depth: 0
|
||||
token: ${{ env.SUBMODULE_TOKEN }}
|
||||
|
||||
- name: Set up Docker BuildX
|
||||
uses: docker/setup-buildx-action@v2
|
||||
@@ -68,7 +73,7 @@ jobs:
|
||||
|
||||
- name: Build Docker image
|
||||
run: |
|
||||
docker build -t ${{ inputs.REGISTRY }}/${{ inputs.USER_FOR_IMAGE_STORE }}/${{ inputs.APP_NAME }}:${{ env.VERSION }} .
|
||||
docker build -f ${{ inputs.DOCKERFILE_PATH }} -t ${{ inputs.REGISTRY }}/${{ inputs.USER_FOR_IMAGE_STORE }}/${{ inputs.APP_NAME }}:${{ env.VERSION }} .
|
||||
|
||||
- name: Push Docker image
|
||||
run: |
|
||||
|
||||
@@ -9,7 +9,7 @@ on:
|
||||
REGISTRY:
|
||||
required: true
|
||||
type: string
|
||||
default: registry.project-rent-dev.com
|
||||
default: registry.project-quest-dev.com
|
||||
PROD_NAMESPACE:
|
||||
required: true
|
||||
type: string
|
||||
@@ -42,6 +42,18 @@ on:
|
||||
required: true
|
||||
type: string
|
||||
description: Kubeconf secret path in vault for prod
|
||||
HELM_VERSION:
|
||||
type: string
|
||||
default: 3.17
|
||||
description: Last stable with our chart's
|
||||
ENABLE_CUSTOM_SET:
|
||||
type: string
|
||||
default: "false"
|
||||
description: Last stable with our chart's
|
||||
CUSTOM_HELM_SET:
|
||||
type: string
|
||||
default: ""
|
||||
description: Last stable with our chart's
|
||||
secrets:
|
||||
VAULT_TOKEN:
|
||||
required: true
|
||||
@@ -69,7 +81,7 @@ jobs:
|
||||
|
||||
- name: Export secrets for deploy
|
||||
run: |
|
||||
if [ "${{ github.ref }}" == "refs/heads/main" ]; then
|
||||
if [ "${{ github.ref }}" = "refs/heads/main" ]; then
|
||||
echo "NAMESPACE=${{ inputs.PROD_NAMESPACE }}" >> $GITHUB_ENV
|
||||
echo "VALUES_FILE=${{ inputs.PROD_VALUES_FILE }}" >> $GITHUB_ENV
|
||||
echo "KUBECONF=${{ inputs.PROD_KUBECONF_SECRET_PATH }}" >> $GITHUB_ENV
|
||||
@@ -82,7 +94,7 @@ jobs:
|
||||
- name: Import config of k8s
|
||||
uses: hashicorp/vault-action@v2
|
||||
with:
|
||||
url: https://vault.project-rent-dev.com
|
||||
url: https://vault.project-quest-dev.com
|
||||
token: ${{ secrets.VAULT_TOKEN }}
|
||||
secrets: |
|
||||
${{ env.KUBECONF }} | KUBECONFIG;
|
||||
@@ -90,17 +102,38 @@ jobs:
|
||||
- name: Install helm
|
||||
uses: azure/setup-helm@v4.2.0
|
||||
with:
|
||||
version: latest
|
||||
version: ${{ inputs.HELM_VERSION }}
|
||||
|
||||
- name: Set up Kubectl
|
||||
uses: azure/k8s-set-context@v4
|
||||
with:
|
||||
kubeconfig: ${{ env.KUBECONFIG }}
|
||||
|
||||
- name: Set EXTRA_ARGS if ENABLE_CUSTOM_SET is true
|
||||
run: |
|
||||
if [ "${{ inputs.ENABLE_CUSTOM_SET }}" = "true" ]; then
|
||||
echo "CUSTOM_HELM_SET_TEMPLATE=${{ inputs.CUSTOM_HELM_SET }}" >> "$GITHUB_ENV"
|
||||
else
|
||||
echo "CUSTOM_HELM_SET_TEMPLATE=" >> "$GITHUB_ENV"
|
||||
fi
|
||||
|
||||
- name: Install envsubst
|
||||
run: |
|
||||
sudo apt-get update && sudo apt-get install -y gettext
|
||||
|
||||
- name: Render and export EXTRA_ARGS
|
||||
run: |
|
||||
if [ -n "$CUSTOM_HELM_SET_TEMPLATE" ]; then
|
||||
export EXTRA_ARGS=$(echo "$CUSTOM_HELM_SET_TEMPLATE" | envsubst)
|
||||
else
|
||||
export EXTRA_ARGS=""
|
||||
fi
|
||||
echo "EXTRA_ARGS=$EXTRA_ARGS" >> "$GITHUB_ENV"
|
||||
|
||||
- name: Install chart
|
||||
run: |
|
||||
helm upgrade --install --cleanup-on-fail --atomic --timeout 2m --wait ${{ inputs.APP_NAME }} ./chart \
|
||||
--namespace ${{ env.NAMESPACE }} \
|
||||
--set image.repository=${{ inputs.REGISTRY }}/${{ inputs.REGISTRY_USER }}/${{ inputs.APP_NAME }} \
|
||||
--set image.tag=${{ env.VERSION }} \
|
||||
-f ${{ env.VALUES_FILE }}
|
||||
-f ${{ env.VALUES_FILE }} ${{ env.EXTRA_ARGS }}
|
||||
@@ -6,10 +6,18 @@ on:
|
||||
required: true
|
||||
type: string
|
||||
description: Prisma db url secret path in vault for prod
|
||||
PROD_PRISMA_SECRET_DB_DIRECT_PATH:
|
||||
required: true
|
||||
type: string
|
||||
description: Prisma db url secret path in vault for prod
|
||||
DEV_PRISMA_SECRET_DB_PATH:
|
||||
required: true
|
||||
type: string
|
||||
description: Prisma db url secret path in vault for dev
|
||||
DEV_PRISMA_SECRET_DB_DIRECT_PATH:
|
||||
required: true
|
||||
type: string
|
||||
description: Prisma db url_direct secret path in vault for dev
|
||||
secrets:
|
||||
VAULT_TOKEN:
|
||||
required: true
|
||||
@@ -22,8 +30,20 @@ jobs:
|
||||
image: catthehacker/ubuntu:act-22.04
|
||||
steps:
|
||||
|
||||
- name: Checkout repo
|
||||
uses: actions/checkout@v3
|
||||
- name: Import Common Secrets
|
||||
uses: hashicorp/vault-action@v2
|
||||
with:
|
||||
url: https://vault.project-quest-dev.com
|
||||
token: ${{ secrets.VAULT_TOKEN }}
|
||||
secrets: |
|
||||
cicd/data/submodule token | SUBMODULE_TOKEN ;
|
||||
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
submodules: recursive
|
||||
fetch-depth: 0
|
||||
token: ${{ env.SUBMODULE_TOKEN }}
|
||||
|
||||
- name: Setup Node
|
||||
uses: actions/setup-node@v3
|
||||
@@ -33,21 +53,25 @@ jobs:
|
||||
|
||||
- name: Export secrets for prisma
|
||||
run: |
|
||||
if [ "${{ github.ref }}" == "refs/heads/main" ]; then
|
||||
if [ "${{ github.ref }}" = "refs/heads/main" ]; then
|
||||
echo "PRISMA_DB_SECRET_PATH=${{ inputs.PROD_PRISMA_SECRET_DB_PATH }}" >> $GITHUB_ENV
|
||||
echo "PRISMA_DB_DIRECT_SECRET_PATH=${{ inputs.PROD_PRISMA_SECRET_DB_PATH }}" >> $GITHUB_ENV
|
||||
else
|
||||
echo "PRISMA_DB_SECRET_PATH=${{ inputs.DEV_PRISMA_SECRET_DB_PATH }}" >> $GITHUB_ENV
|
||||
echo "PRISMA_DB_DIRECT_SECRET_PATH=${{ inputs.DEV_PRISMA_SECRET_DB_PATH }}" >> $GITHUB_ENV
|
||||
fi
|
||||
|
||||
- name: Import prisma db url
|
||||
uses: hashicorp/vault-action@v2
|
||||
with:
|
||||
url: https://vault.project-rent-dev.com
|
||||
url: https://vault.project-quest-dev.com
|
||||
token: ${{ secrets.VAULT_TOKEN }}
|
||||
secrets: |
|
||||
${{ env.PRISMA_DB_SECRET_PATH }} | PRISMA_DB_URL;
|
||||
${{ env.PRISMA_DB_DIRECT_SECRET_PATH }} | PRISMA_DB_DIRECT_URL;
|
||||
|
||||
- name: Apply all pending migrations to the database
|
||||
run: npx prisma migrate deploy
|
||||
env:
|
||||
DATABASE_URL: ${{ env.PRISMA_DB_URL }}
|
||||
DATABASE_URL: ${{ env.PRISMA_DB_URL }}
|
||||
DIRECT_DATABASE_URL: ${{ env.PRISMA_DB_DIRECT_URL }}
|
||||
|
||||
Reference in New Issue
Block a user