From 1916a60349217801a40eb0f0c42b979e188feb49 Mon Sep 17 00:00:00 2001
From: Francesco Camuffo <dev@fmac.xyz>
Date: Fri, 11 Oct 2024 14:46:13 +0200
Subject: [PATCH] Add K8s deploy workflow
---
.github/workflows/k8s-deploy.yml | 82 ++++++++++++++++++++++++++++++++
1 file changed, 82 insertions(+)
create mode 100644 .github/workflows/k8s-deploy.yml
diff --git a/.github/workflows/k8s-deploy.yml b/.github/workflows/k8s-deploy.yml
new file mode 100644
index 0000000..58ff00a
--- /dev/null
+++ b/.github/workflows/k8s-deploy.yml
@@ -0,0 +1,82 @@
+name: Deploy to Kubernetes
+
+on:
+ push:
+ branches: ["development", "k8s-deploy"]
+ pull_request:
+ branches: ["development"]
+
+jobs:
+ deploy:
+ env:
+ BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
+ REGISTRY: ghcr.io
+ IMAGE_NAME: ${{ github.repository }}
+ NAMESPACE: "gn-demo-${{ github.head_ref || github.ref_name }}"
+ KUBECONFIG: "${{ github.workspace }}/.kube/config"
+
+ runs-on: ubuntu-24.04
+
+ permissions:
+ contents: read
+ packages: write
+ attestations: write
+ id-token: write
+
+ steps:
+ - name: Branch safety check
+ run: '[ "${{ env.BRANCH_NAME }}" = "development" ] || [ "${{ env.BRANCH_NAME }}" = "stable" ]'
+
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ - name: Log in to the Container registry
+ uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ # - name: Build and push Docker image
+ # id: push
+ # uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
+ # with:
+ # context: .
+ # file: ./Dockerfile
+ # push: true
+ # tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.BRANCH_NAME }}
+
+ - name: "Write to $KUBECONFIG"
+ run: |
+ mkdir -p '${{ github.workspace }}/.kube' \
+ && umask 177 \
+ && echo '${{ secrets.K8S_CONFIG }}' > "$KUBECONFIG"
+
+ - run: |
+ kubectl version \
+ && kubectl -n ${{ env.NAMESPACE }} get pods
+
+ - name: Checkout Helm chart repo
+ uses: actions/checkout@v4
+ with:
+ repository: geosolutions-it/geonode-k8s
+ path: geonode-k8s
+
+ - name: Read Helm values from secret
+ working-directory: ./geonode-k8s
+ run: |
+ # HACK: GitHub secrets are limited to 48 KB, so we compress the file.
+ # cat custom-values.yaml | gzip | base64 -w0
+ if [ "${{ env.BRANCH_NAME }}" = "development" ]; then
+ printf "%s" "${{ secrets.HELM_VALUES_DEVELOPMENT }}" | base64 -d | gunzip > custom-values.yaml
+ elif [ "${{ env.BRANCH_NAME }}" = "stable" ]; then
+ printf "%s" "${{ secrets.HELM_VALUES_STABLE }}" | base64 -d | gunzip > custom-values.yaml
+ fi
+
+ - name: Deploy to Kubernetes
+ working-directory: ./geonode-k8s
+ run: |
+ helm version \
+ && helm list -n ${{ env.NAMESPACE }} \
+ && helm dependency build \
+ && helm upgrade --cleanup-on-fail --install --namespace ${{ env.NAMESPACE }} --create-namespace --values custom-values.yaml gn-demo-${{ env.BRANCH_NAME }} charts/geonode