build.yml
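# Builds the container image, pushes it to ghcr.io and then calls the shared
# deploy workflow. Runs on pushes to main and on manual dispatch.
#
# NOTE(review): the third-party actions below are referenced by mutable tags
# (@v2/@v3/@v4) and the reusable deploy workflow by a branch (@main). Pin them
# to full commit SHAs so a moved tag or branch cannot change what runs with
# this repository's token and secrets.
name: Build Image
on:
  push:
    branches: [main]
  workflow_dispatch:
jobs:
  setup_workflow_env:
    runs-on: ubuntu-latest
    # This job only runs a shell snippet and never calls the GitHub API,
    # so it gets no token scopes at all.
    permissions: {}
    # Optionally specify the environment that should be used on this branch
    # environment: review/dev
    outputs:
      # It seems you have to specify the environment twice (passed to reusable workflow)
      # as there is no way yet to get the active environment
      # environment: review/dev
      # or see the switch on ref_name script below
      environment: ${{ steps.get_environment_from_git_ref.outputs.environment }}
      environment_short: ${{ steps.get_environment_from_git_ref.outputs.environment_short }}
      image_name: apis-mine-main
      # Please note that the next line only works correctly with repositories that don't contain
      # upper case characters. If you have such a repo name please replace ${{ github.repository }}
      # with org/repo-name (all lower case).
      # E. g. ACDH-OEAW/OpenAtlas-Discovery -> acdh-oeaw/openatlas-discovery
      registry_root: ghcr.io/${{ github.repository }}/
      default_port: "5000"
      submodules: "true"
      # herokuish_base_image: ghcr.io/acdh-oeaw/herokuish-for-cypress/main:latest-22
      APP_NAME: apis-mine
      # This together with the branch name is also used as the namespace to deploy to
      APP_ROOT: "/"
      PUBLIC_URL: "https://mine.acdh-ch-dev.oeaw.ac.at"
      # SERVICE_ID: "99999" # Better use GitHub environment variables for this
      # PUBLIC_URL: "https://some-stuff.acdh-ch-dev.oeaw.ac.at" # Better use GitHub environment variables for this
      # POSTGRES_ENABLED: "false" # needs to be set to true to enable a postgres db installed next to the deployed app
      # You should not need to have to change anything below this line
      # -----------------------------------------------------------------------------------------------------
    steps:
      - name: Get environment from git ref
        id: get_environment_from_git_ref
        # The ref is read from the runner's default environment variables
        # (GITHUB_REF, GITHUB_REF_NAME) rather than pasted into the script via
        # ${{ }}: an expression is substituted before the shell parses the
        # script, so a branch name containing shell metacharacters would be
        # executed as code. workflow_dispatch can be started on any branch.
        run: |
          echo "Running on branch $GITHUB_REF_NAME"
          if [ "$GITHUB_REF" = "refs/heads/main" ]; then
            echo "environment=production"
            echo "environment=production" >> "$GITHUB_OUTPUT"
            echo "environment_short=prod" >> "$GITHUB_OUTPUT"
          else
            echo "environment=review/$GITHUB_REF_NAME"
            echo "environment=review/$GITHUB_REF_NAME" >> "$GITHUB_OUTPUT"
            # Strip "feature_", turn "_" into "-" and lower-case the name.
            short="$(printf '%s' "$GITHUB_REF_NAME" | sed 's/feature_//' | tr '_' '-' | tr '[:upper:]' '[:lower:]')"
            echo "environment_short=$short" >> "$GITHUB_OUTPUT"
          fi
  build_and_push_to_registry:
    runs-on: ubuntu-latest
    needs: [setup_workflow_env]
    # Least privilege for GITHUB_TOKEN: read the repository for checkout,
    # write packages for the push to ghcr.io.
    permissions:
      contents: read
      packages: write
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v4
        with:
          # ghcr.io/acdh-oeaw/InTaVia-Backend
          images: |
            ${{ needs.setup_workflow_env.outputs.registry_root }}${{ needs.setup_workflow_env.outputs.image_name }}/${{ github.ref_name }}
          tags: |
            type=ref,event=branch
            type=ref,event=pr
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}
            type=raw,value=latest,enable={{is_default_branch}}
            type=raw,value={{sha}},enable={{is_default_branch}}
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v2
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
      - name: Login to ghcr.io
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Create build environment
        # toJson(secrets) hands every secret visible to this workflow to the
        # step; only K8S_SECRET_* / LC_K8S_SECRET_* entries are written out.
        # VARS_CONTEXT was read by the script but never defined, so the two
        # "vars" lines always produced nothing; it is now set from the vars
        # context.
        env:
          SECRETS_CONTEXT: ${{ toJson(secrets) }}
          VARS_CONTEXT: ${{ toJson(vars) }}
        # The file is written to the runner's temp directory, not the
        # workspace: the build context is ".", so a secrets.env in the
        # workspace could be copied into an image layer by the Dockerfile.
        # umask 077 keeps the file readable by the runner user only.
        # NOTE(review): every line is now emitted as `export KEY='value'`.
        # Three of the four filters previously wrote `export KEY: 'value'`,
        # which is not valid shell. This assumes the build sources the file
        # with a shell; confirm against the Dockerfile.
        run: |
          umask 077
          secrets_file="$RUNNER_TEMP/secrets.env"
          echo -n "$SECRETS_CONTEXT" | jq -r '[to_entries[]|select(.key|startswith("K8S_SECRET_"))]|map("export \(.key|sub("K8S_SECRET_"; ""))=\(.value|tostring|@sh)")|.[]' > "$secrets_file"
          echo -n "$VARS_CONTEXT" | jq -r '[to_entries[]|select(.key|startswith("K8S_SECRET_"))]|map("export \(.key|sub("K8S_SECRET_"; ""))=\(.value|tostring|@sh)")|.[]' >> "$secrets_file"
          echo -n "$SECRETS_CONTEXT" | jq -r '[to_entries[]|select(.key|startswith("LC_K8S_SECRET_"))]|map("export \(.key|sub("LC_K8S_SECRET_"; "")|ascii_downcase)=\(.value|tostring|@sh)")|.[]' >> "$secrets_file"
          echo -n "$VARS_CONTEXT" | jq -r '[to_entries[]|select(.key|startswith("LC_K8S_SECRET_"))]|map("export \(.key|sub("LC_K8S_SECRET_"; "")|ascii_downcase)=\(.value|tostring|@sh)")|.[]' >> "$secrets_file"
      - name: Build and push
        uses: docker/build-push-action@v3
        with:
          context: .
          platforms: linux/amd64
          push: true
          # Passed as a BuildKit secret mount (id "secrets_env"), so the
          # values do not become part of an image layer unless the
          # Dockerfile copies them out of the mount.
          secret-files: |
            "secrets_env=${{ runner.temp }}/secrets.env"
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
  _3:
    needs: [setup_workflow_env, build_and_push_to_registry]
    # NOTE(review): `secrets: inherit` passes every secret of this repository
    # to a workflow resolved from the moving `main` branch of another
    # repository. Pin the ref to a commit SHA and, where the called workflow
    # allows it, pass only the secrets it needs.
    uses: acdh-oeaw/gl-autodevops-minimal-port/.github/workflows/deploy-cluster-2.yml@main
    secrets: inherit
    with:
      DOCKER_TAG: ${{ needs.setup_workflow_env.outputs.registry_root }}${{ needs.setup_workflow_env.outputs.image_name }}/${{ github.ref_name }}
      APP_NAME: ${{ needs.setup_workflow_env.outputs.APP_NAME }}
      APP_ROOT: ${{ needs.setup_workflow_env.outputs.APP_ROOT }}
      # SERVICE_ID and POSTGRES_ENABLED are commented out in the outputs of
      # setup_workflow_env, so these expressions evaluate to an empty string
      # and to false respectively.
      SERVICE_ID: ${{ needs.setup_workflow_env.outputs.SERVICE_ID }}
      PUBLIC_URL: ${{ needs.setup_workflow_env.outputs.PUBLIC_URL }}
      POSTGRES_ENABLED: ${{ needs.setup_workflow_env.outputs.POSTGRES_ENABLED == 'true'}}
      environment: "${{ needs.setup_workflow_env.outputs.environment}}"
      default_port: "${{ needs.setup_workflow_env.outputs.default_port}}"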