-
Notifications
You must be signed in to change notification settings - Fork 1
113 lines (96 loc) · 3.82 KB
/
cd-staging.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
# This workflow will build a docker container, publish it to Google Container Registry, and deploy it to GKE when a release is created
#
# To configure this workflow:
#
# 1. Ensure that your repository contains the necessary configuration for your Google Kubernetes Engine cluster, including deployment.yml, kustomization.yml, service.yml, etc.
#
# 2. Set up secrets in your workspace: GKE_PROJECT with the name of the project and GKE_SA_KEY with the Base64 encoded JSON service account key (https://github.com/GoogleCloudPlatform/github-actions/tree/docs/service-account-key/setup-gcloud#inputs).
#
# 3. Change the values for the GKE_ZONE, GKE_CLUSTER, IMAGE, and DEPLOYMENT_NAME environment variables (below).
#
# For more support on how to run the workflow, please visit https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/gke
name: Build and deploy to staging
on:
push:
branches:
- master
env:
PROJECT_ID: ${{ secrets.GKE_PROJECT }}
GKE_CLUSTER: kipr
GKE_ZONE: us-central1-a
IMAGE: kipr/database
concurrency: ${{ github.workflow }}
jobs:
build-publish:
name: Build and publish
runs-on: ubuntu-latest
outputs:
image_version: ${{ steps.image_tag.outputs.IMAGE_TAG }}
steps:
- name: Checkout
uses: actions/checkout@v2
with:
submodules: true
lfs: true
- name: Pull LFS
run: git lfs pull
# Calculate image tag name from commit hash
- name: Set image tag output
id: image_tag
run: |-
echo "::set-output name=IMAGE_TAG::${GITHUB_SHA::8}"
# Setup gcloud CLI
- name: Set up gcloud CLI
uses: google-github-actions/setup-gcloud@v0.2.1
with:
service_account_key: ${{ secrets.GCR_SA_KEY }}
project_id: ${{ secrets.GKE_PROJECT }}
# Ensure there isn't already a Docker image for this version
- name: Ensure Docker image does not exist
run: |-
NUM_IMAGES=$(gcloud container images list-tags gcr.io/kipr-321905/kipr/database --filter="tags:${{ steps.image_tag.outputs.IMAGE_TAG }}" --format=json | jq '. | length')
if (( NUM_IMAGES > 0 )); then exit 1; fi
# Configure Docker to use the gcloud command-line tool as a credential helper for authentication
- name: Configure Docker with gcloud
run: |-
gcloud --quiet auth configure-docker
# Build the Docker image
- name: Build Docker image
run: |-
docker build \
--tag "gcr.io/$PROJECT_ID/$IMAGE:${{ steps.image_tag.outputs.IMAGE_TAG }}" \
.
# Push the Docker image to Google Container Registry
- name: Publish Docker image to GCR
run: |-
docker push "gcr.io/$PROJECT_ID/$IMAGE:${{ steps.image_tag.outputs.IMAGE_TAG }}"
deploy-to-staging:
name: Deploy to staging
runs-on: ubuntu-latest
needs: build-publish
steps:
- name: Checkout deployment repo
uses: actions/checkout@v2
with:
repository: 'kipr/kipr-yamls'
ssh-key: ${{ secrets.KIPR_YAMLS_REPO_KEY }}
# Get the GKE credentials so we can deploy to the cluster
- name: Get GKE credentials
uses: google-github-actions/get-gke-credentials@v0.2.1
with:
cluster_name: ${{ env.GKE_CLUSTER }}
location: ${{ env.GKE_ZONE }}
credentials: ${{ secrets.GCR_SA_KEY }}
- name: Deploy to GKE
run: |-
helm upgrade \
--install \
--namespace prerelease \
--values ./database/values.prerelease.yaml \
--set imageVersion=${{ needs.build-publish.outputs.image_version }} \
--set secrets.serviceAccountKeyString=$FIRESTORE_SERVICE_ACCOUNT \
--set redisHost=redis-master.prerelease.svc.cluster.local \
database-prerelease ./database
shell: bash
env:
FIRESTORE_SERVICE_ACCOUNT: ${{ secrets.FIRESTORE_SERVICE_ACCOUNT }}