Skip to content

Deploy

Deploy #8

Workflow file for this run

name: Deploy
on:
workflow_dispatch:
jobs:
deploy:
name: Deploy to Google Kubernetes Engine
runs-on: ubuntu-latest
permissions:
contents: 'read'
id-token: 'write'
steps:
- name: Checkout
uses: actions/checkout@v3
- name: 'Get Previous tag'
id: previoustag
uses: "WyriHaximus/github-action-get-previous-tag@v1"
with:
fallback: 1.0.0
- id: 'auth'
uses: 'google-github-actions/auth@v2'
with:
workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ secrets.SERVICE_ACCOUNT }}
- name: 'Set up Cloud SDK'
uses: 'google-github-actions/setup-gcloud@v2'
with:
version: '>= 363.0.0'
- name: 'Use gcloud CLI'
run: 'gcloud info'
- name: Setup Terraform CLI
uses: hashicorp/setup-terraform@v2.0.2
- name: Terraform init
id: init
run: terraform init
working-directory: ./.terraform
- name: Terraform plan
id: plan
run: terraform plan -no-color -var "project=${{vars.PROJECT_ID}}"
continue-on-error: true
working-directory: ./.terraform
- uses: actions/github-script@v6
env:
PLAN: "terraform\n${{ steps.plan.outputs.stdout }}"
with:
script: |
const output = `#### Terraform Format and Style \`${{ steps.fmt.outcome }}\`
#### Terraform Initialization \`${{ steps.init.outcome }}\`
#### Terraform Validation \`${{ steps.validate.outcome }}\`
#### Terraform Plan \`${{ steps.plan.outcome }}\`
<details><summary>Show Plan</summary>
\`\`\`\n
${process.env.PLAN}
\`\`\`
</details>
*Created by: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*`;
- name: Terraform Plan Status
if: steps.plan.outcome == 'failure'
run: exit 1
working-directory: ./.terraform
- name: Terraform Apply
if: github.ref == 'refs/heads/master'
run: |
terraform apply -auto-approve -var "project=${{vars.PROJECT_ID}}"
working-directory: ./.terraform
- name: Install kubectl
run: sudo snap install kubectl --classic
- name: Install helm
run: sudo snap install helm --classic
- name: Configure kubectl
run: |
gcloud components install gke-gcloud-auth-plugin --quiet
gcloud container clusters get-credentials ruettel-report --region europe-west6
- name: Deploy App
run: |
helm repo add spark-operator https://googlecloudplatform.github.io/spark-on-k8s-operator
helm repo add kong https://charts.konghq.com
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo add fusionauth https://fusionauth.github.io/charts
helm repo add bitnami https://charts.bitnami.com/bitnami
helm install spark spark-operator/spark-operator --namespace spark-operator --create-namespace -f spark-operator-values.yaml
helm install mongodb bitnami/mongodb -f mongodb-values.yaml --set auth.usernames=${{secrets.MONGODB_USER}} --set auth.passwords=${{secrets.MONGODB_PW}} --set auth.rootPassword=${{secrets.MONGODB_ROOT_PW}} -n shared --create-namespace
helm install kong kong/ingress -n kong --create-namespace
helm install promstack prometheus-community/kube-prometheus-stack --namespace monitoring --version 52.1.0 -f values-monitoring.yaml
helm upgrade kong kong/ingress -n kong --set gateway.serviceMonitor.enabled=true --set gateway.serviceMonitor.labels.release=promstack
kubectl apply -f kong-prometheus-plugin.yaml
helm upgrade ruettel-chart ./ruettel-chart --set image.tag=${{ steps.previoustag.outputs.tag }} --set analysis.mongoConnectionUri=${{secrets.MONGODB_CONNECTION_URI}} --set nuxt.mongoConnectionUri=${{secrets.MONGODB_CONNECTION_URI}} --set nuxt.fusionAuthApiKey=${{secrets.FUSIONAUTH_API_KEY}} --set nuxt.access_token_signing_key_id_free=${{secrets.ACCESS_TOKEN_SIGNING_KEY_ID_FREE}} --set nuxt.access_token_signing_key_id_premium=${{secrets.ACCESS_TOKEN_SIGNING_KEY_ID_PREMIUM}} --set kong.premiumConsumerSecret=${{secrets.KONG_PREMIUM_CONSUMER_SECRET}} --set kong.freeConsumerSecret=${{secrets.KONG_FREE_CONSUMER_SECRET}}
helm install my-fusion fusionauth/fusionauth -f fa-values.yaml --set database.host=${{vars.GCLOUD_POSTGRES_HOST}} --set database.root.user=${{secrets.GCLOUD_POSTGRES_USER}} --set database.root.password=${{secrets.GCLOUD_POSTGRES_PW}} --set kickstart.data=${{secrets.FUSIONAUTH_KICKSTART}}
working-directory: ./.helm