106 lines
3.5 KiB
YAML
106 lines
3.5 KiB
YAML
name: Workflow for deploy helm to k8s
|
|
on:
|
|
workflow_call:
|
|
inputs:
|
|
APP_NAME:
|
|
required: true
|
|
type: string
|
|
description: Application name which would be the name of Docker and Helm release
|
|
REGISTRY:
|
|
required: true
|
|
type: string
|
|
default: registry.project-rent-dev.com
|
|
PROD_NAMESPACE:
|
|
required: true
|
|
type: string
|
|
description: Namespace where PROD Helm Release would be install
|
|
default: greedy
|
|
DEV_NAMESPACE:
|
|
required: true
|
|
type: string
|
|
description: Namespace where DEV Helm Release would be install
|
|
default: greedy-dev
|
|
PROD_VALUES_FILE:
|
|
required: true
|
|
type: string
|
|
description: Prod values file location in repo
|
|
default: chart/values-prod.yaml
|
|
DEV_VALUES_FILE:
|
|
required: true
|
|
type: string
|
|
description: Dev values file location in repo
|
|
default: chart/values-dev.yaml
|
|
REGISTRY_USER:
|
|
type: string
|
|
default: registry-bot
|
|
description: Because of gitea registry specific docker images path we need that var
|
|
DEV_KUBECONF_SECRET_PATH:
|
|
required: true
|
|
type: string
|
|
description: Kubeconf secret path in vault for dev
|
|
PROD_KUBECONF_SECRET_PATH:
|
|
required: true
|
|
type: string
|
|
description: Kubeconf secret path in vault for prod
|
|
secrets:
|
|
VAULT_TOKEN:
|
|
required: true
|
|
|
|
jobs:
|
|
|
|
deploy:
|
|
runs-on: ubuntu-latest
|
|
container:
|
|
image: catthehacker/ubuntu:act-22.04
|
|
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v2
|
|
|
|
- name: Extract version from tag or set commit SHA
|
|
id: vars
|
|
run: |
|
|
if [ "${{ github.ref_type }}" = "tag" ]; then
|
|
echo "VERSION=${{ github.ref_name }}" >> $GITHUB_ENV
|
|
else
|
|
VERSION=$(echo "${{ github.sha }}" | cut -c1-7)
|
|
echo "VERSION=$VERSION" >> $GITHUB_ENV
|
|
fi
|
|
|
|
- name: Export secrets for deploy
|
|
run: |
|
|
if [ "${{ github.ref }}" == "refs/heads/main" ]; then
|
|
echo "NAMESPACE=${{ inputs.PROD_NAMESPACE }}" >> $GITHUB_ENV
|
|
echo "VALUES_FILE=${{ inputs.PROD_VALUES_FILE }}" >> $GITHUB_ENV
|
|
echo "KUBECONF=${{ inputs.PROD_KUBECONF_SECRET_PATH }}" >> $GITHUB_ENV
|
|
else
|
|
echo "NAMESPACE=${{ inputs.DEV_NAMESPACE }}" >> $GITHUB_ENV
|
|
echo "VALUES_FILE=${{ inputs.DEV_VALUES_FILE }}" >> $GITHUB_ENV
|
|
echo "KUBECONF=${{ inputs.DEV_KUBECONF_SECRET_PATH }}" >> $GITHUB_ENV
|
|
fi
|
|
|
|
- name: Import config of k8s
|
|
uses: hashicorp/vault-action@v2
|
|
with:
|
|
url: https://vault.project-rent-dev.com
|
|
token: ${{ secrets.VAULT_TOKEN }}
|
|
secrets: |
|
|
${{ env.KUBECONF }} | KUBECONFIG;
|
|
|
|
- name: Install helm
|
|
uses: azure/setup-helm@v4.2.0
|
|
with:
|
|
version: latest
|
|
|
|
- name: Set up Kubectl
|
|
uses: azure/k8s-set-context@v4
|
|
with:
|
|
kubeconfig: ${{ env.KUBECONFIG }}
|
|
|
|
- name: Install chart
|
|
run: |
|
|
helm upgrade --install --cleanup-on-fail --atomic --timeout 2m --wait ${{ inputs.APP_NAME }} ./chart \
|
|
--namespace ${{ env.NAMESPACE }} \
|
|
--set image.repository=${{ inputs.REGISTRY }}/${{ inputs.REGISTRY_USER }}/${{ inputs.APP_NAME }} \
|
|
--set image.tag=${{ env.VERSION }} \
|
|
-f ${{ env.VALUES_FILE }} |