-
-
Notifications
You must be signed in to change notification settings - Fork 206
124 lines (120 loc) · 4.72 KB
/
cd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
name: CD
on:
push:
branches:
- main
# Deploy if "deploy" label exists
pull_request:
types: [ reopened, synchronize, labeled ]
# Do not use concurrency to prevent simultaneous helm deployments
jobs:
build:
name: Build
if: ${{ github.repository == 'api-platform/demo' && (github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'deploy')) }}
runs-on: ubuntu-latest
env:
PHP_DOCKER_IMAGE: eu.gcr.io/${{ secrets.GKE_PROJECT }}/php:${{ github.sha }}
PWA_DOCKER_IMAGE: eu.gcr.io/${{ secrets.GKE_PROJECT }}/pwa:${{ github.sha }}
CADDY_DOCKER_IMAGE: eu.gcr.io/${{ secrets.GKE_PROJECT }}/caddy:${{ github.sha }}
KEYCLOAK_DOCKER_IMAGE: eu.gcr.io/${{ secrets.GKE_PROJECT }}/keycloak:${{ github.sha }}
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
# gcloud does not work with Python 3.10 because "collections.Mappings" was removed in Python 3.10.
-
uses: actions/setup-python@v4
with:
python-version: 3.9.15
-
name: Auth gcloud
uses: google-github-actions/auth@v1
with:
credentials_json: ${{ secrets.GKE_SA_KEY }}
-
name: Setup gcloud
uses: google-github-actions/setup-gcloud@v1
with:
project_id: ${{ secrets.GKE_PROJECT }}
-
name: Configure gcloud
run: |
gcloud --quiet auth configure-docker
gcloud container clusters get-credentials api-platform-demo --zone europe-west1-c
-
name: Build Docker images
uses: docker/bake-action@v3
with:
# push and load may not be set together
# must push manually in a next step
pull: true
load: true
files: |
docker-compose.yml
docker-compose.prod.yml
set: |
*.cache-from=type=gha,scope=${{github.ref}}
*.cache-from=type=gha,scope=refs/heads/main
*.cache-to=type=gha,scope=${{github.ref}},mode=max
-
name: Docker push
run: |
docker push $PHP_DOCKER_IMAGE
docker push $PWA_DOCKER_IMAGE
docker push $CADDY_DOCKER_IMAGE
docker push $KEYCLOAK_DOCKER_IMAGE
-
name: Docker tag and push latest
if: github.event_name == 'push'
run: |
docker tag $PHP_DOCKER_IMAGE eu.gcr.io/${{ secrets.GKE_PROJECT }}/php:latest
docker tag $PWA_DOCKER_IMAGE eu.gcr.io/${{ secrets.GKE_PROJECT }}/pwa:latest
docker tag $CADDY_DOCKER_IMAGE eu.gcr.io/${{ secrets.GKE_PROJECT }}/caddy:latest
docker tag $KEYCLOAK_DOCKER_IMAGE eu.gcr.io/${{ secrets.GKE_PROJECT }}/keycloak:latest
docker push eu.gcr.io/${{ secrets.GKE_PROJECT }}/php:latest
docker push eu.gcr.io/${{ secrets.GKE_PROJECT }}/pwa:latest
docker push eu.gcr.io/${{ secrets.GKE_PROJECT }}/caddy:latest
docker push eu.gcr.io/${{ secrets.GKE_PROJECT }}/keycloak:latest
deploy:
name: Deploy
needs: [ build ]
if: github.event_name == 'push'
uses: ./.github/workflows/deploy.yml
with:
environment: prod
url: demo.api-platform.com
docker-images-version: ${{ github.sha }}
cors: '["https://demo.api-platform.com", "http://localhost", "https://localhost", "http://localhost:3000"]'
release: main
namespace: main
gke-cluster: api-platform-demo
gke-zone: europe-west1-c
secrets:
gke-credentials: ${{ secrets.GKE_SA_KEY }}
gke-project: ${{ secrets.GKE_PROJECT }}
cloudflare-api-token: ${{ secrets.CF_API_TOKEN }}
cloudflare-zone-id: ${{ secrets.CF_ZONE_ID }}
keycloak-admin-password: ${{ secrets.KEYCLOAK_ADMIN_PASSWORD }}
feature-deploy:
name: Feature Deploy
needs: [ build ]
if: github.event_name == 'pull_request'
uses: ./.github/workflows/deploy.yml
with:
environment: pr-${{ github.event.pull_request.number }}
url: pr-${{ github.event.pull_request.number }}-demo.api-platform.com
docker-images-version: ${{ github.sha }}
cors: '["https://pr-${{ github.event.pull_request.number }}-demo.api-platform.com", "http://localhost", "https://localhost", "http://localhost:3000"]'
release: pr-${{ github.event.pull_request.number }}
namespace: pr-${{ github.event.pull_request.number }}
gke-cluster: api-platform-demo
gke-zone: europe-west1-c
secrets:
gke-credentials: ${{ secrets.GKE_SA_KEY }}
gke-project: ${{ secrets.GKE_PROJECT }}
cloudflare-api-token: ${{ secrets.CF_API_TOKEN }}
cloudflare-zone-id: ${{ secrets.CF_ZONE_ID }}
keycloak-admin-password: ${{ secrets.KEYCLOAK_ADMIN_PASSWORD }}