deploy #200

Workflow file for this run

	name: deploy
	on:
	workflow_dispatch:
	workflow_run:
	workflows: [test]
	types: [completed]

	env:
	DOCKER_REGISTRY_URL: harbor-core.registry.svc

	jobs:
	build:
	name: Build application image
	runs-on: arc-runner-set
	if: ${{ github.event.workflow_run.conclusion == 'success' \|\| github.event_name == 'workflow_dispatch' }}
	outputs:
	branch: ${{ steps.branch.outputs.name }}
	steps:
	- uses: actions/checkout@v4
	- name: Extract branch name
	id: branch
	run: \|
	TMP_PULL_HEAD_REF="${{ github.head_ref }}"
	TMP_GITHUB_REF="${GITHUB_REF#refs/heads/}"
	GIT_BRANCH=""
	if [ "${TMP_PULL_HEAD_REF}" != "" ]
	then
	GIT_BRANCH="${TMP_PULL_HEAD_REF}"
	else
	GIT_BRANCH="${TMP_GITHUB_REF}"
	fi

	if [[ $GIT_BRANCH == feature/* ]]; then
	BRANCH="${GIT_BRANCH##*/}"
	elif [[ $GIT_BRANCH == main ]] \|\| [[ $GIT_BRANCH == dev ]] \|\| [[ $GIT_BRANCH == stage ]]; then
	BRANCH="$GIT_BRANCH"
	else
	BRANCH=""
	fi

	echo "name=$BRANCH" >> $GITHUB_OUTPUT
	- name: Docker meta
	id: meta
	uses: docker/metadata-action@v5
	with:
	# list of Docker images to use as base name for tags
	images: \|
	${{ env.DOCKER_REGISTRY_URL }}:80/default/budget-tracker
	# generate Docker tags based on the following events/attributes
	tags: \|
	type=ref,event=branch
	type=semver,pattern={{version}}
	type=semver,pattern={{major}}.{{minor}}
	type=semver,pattern={{major}}
	type=sha
	type=raw,value=latest
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	with:
	driver-opts: network=host
	buildkitd-config-inline: \|
	[registry."${{ env.DOCKER_REGISTRY_URL }}:80"]
	insecure = true
	http = true
	- name: Login to registry
	uses: docker/login-action@v3
	with:
	registry: ${{ env.DOCKER_REGISTRY_URL }}:80
	username: ${{ secrets.DOCKER_USERNAME }}
	password: ${{ secrets.DOCKER_PASSWORD }}
	- name: Build and push
	uses: docker/build-push-action@v5
	with:
	context: .
	file: ./docker/prod/Dockerfile
	push: true
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}
	cache-from: type=registry,ref=${{ env.DOCKER_REGISTRY_URL }}:80/default/budget-tracker:latest
	cache-to: type=inline
	test:
	name: Test k8s manifests
	runs-on: arc-runner-set
	needs: build
	outputs:
	branch: ${{ needs.build.outputs.branch }}
	steps:
	- uses: actions/checkout@v4
	- name: Prepare k8s manifests
	run: \|
	DB_NAME="budget_tracker_${{ needs.build.outputs.branch }}"
	DB_PASSWORD="password"

	find k8s -type f \| xargs sed -i -e "s/\${DB_NAME}/$DB_NAME/g"
	find k8s -type f \| xargs sed -i -e "s\|\${DB_PASSWORD}\|$DB_PASSWORD\|g"
	find k8s -type f \| xargs sed -i -e "s/\${DB_HOST}/${{ secrets.DB_HOST }}/g"

	NAME="budget-tracker-${{ needs.build.outputs.branch }}"
	find k8s -type f \| xargs sed -i -e "s/\${NAME}/$NAME/g"

	if [[ ${{ needs.build.outputs.branch }} == main ]]; then
	SUBDOMAIN=""
	else
	SUBDOMAIN="${{ needs.build.outputs.branch }}."
	fi
	find k8s -type f \| xargs sed -i -e "s/\${SUBDOMAIN}/$SUBDOMAIN/g"

	APP_KEY="base64:$(openssl rand 32 \| base64)"
	find k8s -type f \| xargs sed -i -e "s\|\${APP_KEY}\|$APP_KEY\|g"

	IMAGE="${{ env.DOCKER_REGISTRY_URL }}:80/default/budget-tracker:sha-$(echo ${GITHUB_SHA} \| cut -c1-7)"
	find k8s -type f \| xargs sed -i -e "s\|\${IMAGE}\|$IMAGE\|g"

	docker pull $IMAGE

	kubectl kustomize k8s -o k8s/tests/e2e/00-install.yaml
	- name: Run tests
	run: \|
	cd k8s/tests
	export PATH="${KREW_ROOT:-$HOME/.krew}/bin:$PATH"
	kubectl kuttl test
	push:
	name: Update k8s resources
	runs-on: arc-runner-set
	environment: production
	concurrency:
	group: production
	cancel-in-progress: true
	needs: test
	steps:
	- uses: actions/checkout@v4
	- name: Create database if doesn't exists
	run: \|
	DB_NAME="budget_tracker_${{ needs.test.outputs.branch }}"
	find k8s -type f \| xargs sed -i -e "s/\${DB_NAME}/$DB_NAME/g"

	EXISTS=$(mariadb -h ${{ secrets.DB_HOST }} -u${{ secrets.DB_USERNAME }} -p${{ secrets.DB_PASSWORD }} -e " \
	SELECT SCHEMA_NAME \
	FROM INFORMATION_SCHEMA.SCHEMATA \
	WHERE SCHEMA_NAME = \"$DB_NAME\"; \
	")

	if [[ -n "$EXISTS" ]]; then
	DB_PASSWORD="$(kubectl get secret --namespace apps $DB_NAME-env -o jsonpath="{.data.DB_PASSWORD}" \| base64 -d)"
	else
	DB_PASSWORD="$(openssl rand -base64 18)"

	mariadb -h ${{ secrets.DB_HOST }} -u${{ secrets.DB_USERNAME }} -p${{ secrets.DB_PASSWORD }} -e " \
	CREATE DATABASE $DB_NAME; \
	CREATE USER $DB_NAME@'%' IDENTIFIED BY \"$DB_PASSWORD\"; \
	GRANT ALL PRIVILEGES ON $DB_NAME.* TO $DB_NAME@'%'; \
	"
	fi

	find k8s -type f \| xargs sed -i -e "s\|\${DB_PASSWORD}\|$DB_PASSWORD\|g"
	find k8s -type f \| xargs sed -i -e "s/\${DB_HOST}/${{ secrets.DB_HOST }}/g"
	- name: Prepare k8s manifests
	run: \|
	NAME="budget-tracker-${{ needs.test.outputs.branch }}"
	find k8s -type f \| xargs sed -i -e "s/\${NAME}/$NAME/g"

	if [[ ${{ needs.test.outputs.branch }} == main ]]; then
	SUBDOMAIN=""
	else
	SUBDOMAIN="${{ needs.test.outputs.branch }}."
	fi
	find k8s -type f \| xargs sed -i -e "s/\${SUBDOMAIN}/$SUBDOMAIN/g"

	APP_KEY="base64:$(openssl rand 32 \| base64)"
	find k8s -type f \| xargs sed -i -e "s\|\${APP_KEY}\|$APP_KEY\|g"

	IMAGE="${{ env.DOCKER_REGISTRY_URL }}/default/budget-tracker:sha-$(echo ${GITHUB_SHA} \| cut -c1-7)"
	find k8s -type f \| xargs sed -i -e "s\|\${IMAGE}\|$IMAGE\|g"
	- name: Update k8s resources
	run: \|
	kubectl apply -k k8s

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

deploy #200

Workflow file

deploy #200

Jobs

Run details

Workflow file for this run