init commit
commit
7dabe9f65c
154
.gitea/workflows/base.yaml
Normal file
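--- /dev/null
+++ b/.gitea/workflows/base.yaml
@@ -0,0 +1,154 @@
+name: Base workflow which build and push docker, run prisma migrations and deploy helm to k8s
+on:
+workflow_call:
+inputs:
+APP_NAME:
+required: true
+type: string
+description: Application name which would be the name of Docker and Helm release
+# default:
+GITEA_REGISTRY:
+required: true
+type: string
+default: registry.project-rent-dev.com
+NAMESPACE:
+required: true
+type: string
+description: Namespace where Helm Release would be install
+secrets:
+PRISMA_DB_URL:
+required: true
+description: Secret where db url for migration stores
+REGISTRY_USERNAME:
+required: true
+description: Service acc name for registry
+REGISTRY_PASSWORD:
+required: true
+description: Service acc password for registry
+KUBECONF:
+required: true
+description: Kubeconf which allow to deploy Helm release to namespace
+
+
+
+jobs:
+
+### Build docker image
+build:
+runs-on: ubuntu-latest
+container:
+image: catthehacker/ubuntu:act-22.04
+
+steps:
+
+- name: Checkout code
+uses: actions/checkout@v2
+
+- name: Set up Docker BuildX
+uses: docker/setup-buildx-action@v2
+
+- &get_version
+name: Extract version from tag or set commit SHA
+id: vars
+run: |
+if [ "${{ github.ref_type }}" = "tag" ]; then
+echo "VERSION=${{ github.ref_name }}" >> $GITHUB_ENV
+else
+VERSION=$(echo "${{ github.sha }}" | cut -c1-7)
+echo "VERSION=$VERSION" >> $GITHUB_ENV
+fi
+
+- name: Login to Docker registry
+uses: docker/login-action@v2
+with:
+registry: ${{ env.GITEA_REGISTRY }}
+username: ${{ secrets.REGISTRY_USERNAME }}
+password: ${{ secrets.REGISTRY_PASSWORD }}
+
+- name: Build Docker image
+run: |
+docker build -t ${{ env.GITEA_REGISTRY }}/${{ secrets.REGISTRY_USERNAME }}/$APP_NAME:${{ env.VERSION }} .
+
+- name: Push Docker image
+if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/')
+run: |
+docker push ${{ env.GITEA_REGISTRY }}/${{ secrets.REGISTRY_USERNAME }}/$APP_NAME:${{ env.VERSION }}
+
+- name: Logout from Docker registry
+run: docker logout ${{ env.GITEA_REGISTRY }}
+
+### Run prisma migrations
+migration:
+runs-on: ubuntu-latest
+if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/') # Condition
+container:
+image: catthehacker/ubuntu:act-22.04
+needs: build
+steps:
+
+- name: Checkout repo
+uses: actions/checkout@v3
+
+- name: Setup Node
+uses: actions/setup-node@v3
+
+- name: Install dependencies
+run: npm install
+
+## TODO: practice to work with vault from CI
+# - name: Import secret
+# uses: hashicorp/vault-action@v2
+# with:
+# url: 'https://vault.project-rent-dev.com'
+# role_id: ${{ secrets.VAULT_ROLE_ID }}
+# secret_id: ${{ secrets.VAULT_SECRET_ID }}
+# secrets: cicd/data/prisma/db url | DATABASE_URL
+
+- name: Apply all pending migrations to the database
+run: npx prisma migrate deploy
+env:
+DATABASE_URL: ${{ secrets.PRISMA_DB_URL }}
+
+deploy:
+runs-on: ubuntu-latest
+needs: [migration, build]
+if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/') # Condition
+container:
+image: catthehacker/ubuntu:act-22.04
+
+steps:
+- name: Checkout code
+uses: actions/checkout@v2
+
+- name: Extract version from tag or set commit SHA
+id: vars
+run: |
+if [ "${{ github.ref_type }}" = "tag" ]; then
+echo "VERSION=${{ github.ref_name }}" >> $GITHUB_ENV
+else
+VERSION=$(echo "${{ github.sha }}" | cut -c1-7)
+echo "VERSION=$VERSION" >> $GITHUB_ENV
+fi
+
+### TO:DO make something with chart, helm allow only semantic
+# - name: Package chart
+# run: |
+# helm package chart/ --version ${{ env.VERSION }}
+
+- name: Install helm
+uses: azure/setup-helm@v4.2.0
+with:
+version: latest
+
+- name: Set up Kubectl
+uses: azure/k8s-set-context@v4
+with:
+kubeconfig: ${{ secrets.PROD_KUBECONF }}
+
+- name: Install chart
+run: |
+helm upgrade --install --cleanup-on-fail --atomic --timeout 2m --wait $APP_NAME ./chart \
+--create-namespace --namespace $NAMESPACE \
+--set image.repository=${{ env.GITEA_REGISTRY }}/${{ secrets.REGISTRY_USERNAME }}/$APP_NAME \
+--set image.tag=${{ env.VERSION }} \
+-f chart/values-prod.yaml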
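Review bot: `${{ github.ref_name }}` is expanded into the `run:` script of the "Extract version from tag or set commit SHA" step before the shell starts, so a tag name is parsed as shell source, and the resulting `VERSION` is expanded the same way into the later `docker build`, `docker push` and `helm upgrade` commands; the step appears in both the `build` and `deploy` jobs and both copies need the change. Pass the context values through `env:` and reference them as quoted shell variables, reject tag names that are not valid image tags, and use `"$VERSION"` instead of `${{ env.VERSION }}` in the later commands. Separately, the `deploy` job reads `secrets.PROD_KUBECONF` while the `workflow_call` interface declares `KUBECONF`, and the steps read `env.GITEA_REGISTRY`, `$APP_NAME` and `$NAMESPACE` although no `env:` mapping from `inputs` appears in this file, so those values look empty at run time unless the runner supplies them some other way. The actions, the job image and Helm are referenced by mutable tags (`@v2`, `act-22.04`, `version: latest`); pinning them to a commit SHA, an image digest and a fixed Helm version would keep the job that holds the kubeconfig and the database URL reproducible.

```yaml
- name: Extract version from tag or set commit SHA
  id: vars
  env:
    REF_TYPE: ${{ github.ref_type }}
    REF_NAME: ${{ github.ref_name }}
    COMMIT_SHA: ${{ github.sha }}
  run: |
    if [ "$REF_TYPE" = "tag" ]; then
      # Only characters that are valid in an image tag are accepted.
      case "$REF_NAME" in
        *[!A-Za-z0-9_.-]*) echo "unsupported characters in tag name" >&2; exit 1 ;;
      esac
      echo "VERSION=$REF_NAME" >> "$GITHUB_ENV"
    else
      echo "VERSION=$(printf '%s' "$COMMIT_SHA" | cut -c1-7)" >> "$GITHUB_ENV"
    fi
# … unchanged: registry login, build, push and logout steps …
```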