deploy-to-production #429
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: deploy-to-production | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| netmanager: | |
| description: "Deploy [Legacy] Platform" | |
| required: false | |
| type: boolean | |
| website: | |
| description: "Deploy Website" | |
| required: false | |
| type: boolean | |
| website2: | |
| description: "Deploy Website2" | |
| required: false | |
| type: boolean | |
| calibrate_app: | |
| description: "Deploy Calibrate app" | |
| required: false | |
| type: boolean | |
| analytics_platform: | |
| description: "Deploy Analytics Platform" | |
| required: false | |
| type: boolean | |
| docs: | |
| description: "Deploy Docs" | |
| required: false | |
| type: boolean | |
| inventory: | |
| description: "Deploy Inventory" | |
| required: false | |
| type: boolean | |
| reports: | |
| description: "Deploy Reports" | |
| required: false | |
| type: boolean | |
| env: | |
| REGISTRY_URL: eu.gcr.io | |
| PROJECT_ID: airqo-250220 | |
| DEPLOY_BRANCH: staging | |
| jobs: | |
| image-tag: | |
| name: create image tag | |
| runs-on: ubuntu-latest | |
| outputs: | |
| build_id: ${{ steps.prep.outputs.build_id }} # build id | |
| datetime: ${{ steps.prep.outputs.datetime }} # build date | |
| # This job will only run if triggered by Baalmart | |
| if: github.triggering_actor == 'Baalmart' | |
| steps: | |
| - name: generate build ID | |
| id: prep | |
| run: | | |
| sha=${GITHUB_SHA::8} | |
| timestamp=$(date +%s) | |
| datetime=$(date) | |
| echo "build_id=prod-${sha}-${timestamp}" >>$GITHUB_OUTPUT | |
| echo "datetime=${datetime}" >>$GITHUB_OUTPUT | |
| ### build and push netmanager image ### | |
| netmanager: | |
| name: build-push-netmanager-image | |
| needs: [image-tag] | |
| if: inputs.netmanager == true | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Google login | |
| uses: google-github-actions/auth@v1 | |
| with: | |
| credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }} | |
| - name: Setup Cloud SDK | |
| uses: google-github-actions/setup-gcloud@v1 | |
| - name: Create .env file | |
| run: gcloud secrets versions access latest --secret="prod-env-netmanager" > src/netmanager/.env | |
| - name: NPM Setup and Build | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: "12" | |
| - run: | | |
| cd src/netmanager/ | |
| npm install | |
| CI=false npm run build | |
| - name: Login to GCR | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ env.REGISTRY_URL }} | |
| username: _json_key | |
| password: ${{ secrets.GCR_CONFIG }} | |
| - name: Build and Push Docker Image | |
| run: | | |
| cd src/netmanager/ | |
| docker build --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-platform-frontend:${{ needs.image-tag.outputs.build_id }} . | |
| docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-platform-frontend:${{ needs.image-tag.outputs.build_id }} | |
| docker tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-platform-frontend:${{ needs.image-tag.outputs.build_id }} ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-platform-frontend:latest | |
| docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-platform-frontend:latest | |
| - name: Update corresponding helm values file(with retry) | |
| uses: Wandalen/[email protected] # Retries action on fail | |
| with: | |
| action: fjogeleit/yaml-update-action@main # Action to retry | |
| with: | | |
| valueFile: "k8s/netmanager/values-prod.yaml" | |
| propertyPath: "image.tag" | |
| value: ${{ needs.image-tag.outputs.build_id }} | |
| branch: ${{ env.DEPLOY_BRANCH }} | |
| token: ${{ secrets.YAML_UPDATER_TOKEN }} | |
| message: "Update netmanger production image tag to ${{ needs.image-tag.outputs.build_id }}" | |
| createPR: false | |
| - name: Login to K8S | |
| uses: azure/k8s-set-context@v3 | |
| with: | |
| method: kubeconfig | |
| kubeconfig: ${{ secrets.K8S_CONFIG_PROD }} | |
| - name: Update the corresponding configmap | |
| run: | | |
| kubectl create configmap --dry-run=client -o yaml \ | |
| --from-env-file=src/netmanager/.env env-platform-production | kubectl replace -f - -n production | |
| ### deploy website ### | |
| # website: | |
| # name: build-push-deploy-website | |
| # needs: [image-tag] | |
| # if: inputs.website == true | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@v3 | |
| # - name: Login to GCR | |
| # uses: docker/login-action@v2 | |
| # with: | |
| # registry: ${{ env.REGISTRY_URL }} | |
| # username: _json_key | |
| # password: ${{ secrets.GCP_FRONTEND_PROJECT_SA_CREDENTIALS }} | |
| # - name: Set up Docker Buildx | |
| # uses: docker/setup-buildx-action@v1 | |
| # - name: Google login | |
| # uses: google-github-actions/auth@v1 | |
| # with: | |
| # credentials_json: "${{ secrets.GCP_FRONTEND_PROJECT_SA_CREDENTIALS }}" | |
| # - name: Setup Cloud SDK | |
| # uses: "google-github-actions/setup-gcloud@v1" | |
| # - name: Create google_application_credentials.json file | |
| # id: create-google-application-credentials-file | |
| # uses: jsdaniell/[email protected] | |
| # with: | |
| # name: "google_application_credentials.json" | |
| # json: ${{ secrets.GCP_FRONTEND_PROJECT_SA_CREDENTIALS }} | |
| # dir: "src/website/" | |
| # - name: Create app.yaml and .env.yaml files | |
| # run: | | |
| # cd src/website/ | |
| # echo "========== Creating app.yaml file ==========" | |
| # echo "runtime: python" > app.yaml | |
| # echo "env: flex" >> app.yaml | |
| # echo "service: default" >> app.yaml | |
| # echo "includes:" >> app.yaml | |
| # echo " - .env.yaml" >> app.yaml | |
| # echo "automatic_scaling:" >> app.yaml | |
| # echo " cool_down_period_sec: 120" >> app.yaml | |
| # echo " min_num_instances: 1" >> app.yaml | |
| # echo " max_num_instances: 10" >> app.yaml | |
| # echo " cpu_utilization:" >> app.yaml | |
| # echo " target_utilization: 0.8" >> app.yaml | |
| # echo "runtime_config:" >> app.yaml | |
| # echo " operating_system: \"ubuntu22\"" >> app.yaml | |
| # echo " runtime_version: \"3.12\"" >> app.yaml | |
| # echo "========== Creating .env.yaml file ==========" | |
| # echo "env_variables:" > .env.yaml | |
| # echo " SECRET: ${{ secrets.WEBSITE_SECRET }}" >> .env.yaml | |
| # echo " CLOUDINARY_KEY: ${{ secrets.WEBSITE_CLOUDINARY_KEY }}" >> .env.yaml | |
| # echo " CLOUDINARY_NAME: ${{ secrets.WEBSITE_CLOUDINARY_NAME }}" >> .env.yaml | |
| # echo " CLOUDINARY_SECRET: ${{ secrets.WEBSITE_CLOUDINARY_SECRET }}" >> .env.yaml | |
| # echo " DATABASE_URI: ${{ secrets.WEBSITE_PROD_DATABASE_URI }}" >> .env.yaml | |
| # echo " GS_BUCKET_NAME: ${{ secrets.WEBSITE_PROD_GS_BUCKET_NAME }}" >> .env.yaml | |
| # echo " REACT_WEB_STATIC_HOST: ${{ secrets.WEBSITE_PROD_REACT_WEB_STATIC_HOST }}" >> .env.yaml | |
| # echo " SECRET_KEY: ${{ secrets.WEBSITE_PROD_SECRET_KEY }}" >> .env.yaml | |
| # echo " DJANGO_ALLOWED_HOSTS: ${{ secrets.WEBSITE_DJANGO_ALLOWED_HOSTS }}" >> .env.yaml | |
| # echo " DEBUG: False" >> .env.yaml | |
| # echo " GOOGLE_APPLICATION_CREDENTIALS: /app/google_application_credentials.json" >> .env.yaml | |
| # - name: Build and Push Docker Image | |
| # run: | | |
| # cd src/website/ | |
| # docker build . \ | |
| # --build-arg REACT_WEB_STATIC_HOST=${{ secrets.WEBSITE_PROD_REACT_WEB_STATIC_HOST }} \ | |
| # --build-arg REACT_NETMANAGER_BASE_URL=${{ secrets.WEBSITE_PROD_REACT_NETMANAGER_BASE_URL }} \ | |
| # --build-arg REACT_APP_NETMANAGER_URL=${{ secrets.PROD_REACT_APP_NETMANAGER_URL }} \ | |
| # --build-arg REACT_APP_BASE_AIRQLOUDS_URL=${{ secrets.WEBSITE_PROD_REACT_APP_BASE_AIRQLOUDS_URL }} \ | |
| # --build-arg REACT_APP_BASE_NEWSLETTER_URL=${{ secrets.WEBSITE_REACT_APP_BASE_NEWSLETTER_URL }} \ | |
| # --build-arg REACT_APP_WEBSITE_BASE_URL=${{ secrets.WEBSITE_PROD_REACT_APP_WEBSITE_BASE_URL }} \ | |
| # --build-arg REACT_APP_AUTHORIZATION_TOKEN=${{ secrets.WEBSITE_PROD_REACT_APP_AUTHORIZATION_TOKEN }} \ | |
| # --build-arg REACT_APP_GEO_LOCATION_URL=${{ secrets.WEBSITE_PROD_REACT_APP_GEO_LOCATION_URL }} \ | |
| # --build-arg REACT_APP_OPENCAGE_API_KEY=${{ secrets.REACT_APP_OPENCAGE_API_KEY }} \ | |
| # --tag ${{ env.REGISTRY_URL }}/${{ secrets.FRONTEND_PROJECT_ID }}/airqo-website:${{ needs.image-tag.outputs.build_id }} | |
| # docker push ${{ env.REGISTRY_URL }}/${{ secrets.FRONTEND_PROJECT_ID }}/airqo-website:${{ needs.image-tag.outputs.build_id }} | |
| # docker tag ${{ env.REGISTRY_URL }}/${{ secrets.FRONTEND_PROJECT_ID }}/airqo-website:${{ needs.image-tag.outputs.build_id }} ${{ env.REGISTRY_URL }}/${{ secrets.FRONTEND_PROJECT_ID }}/airqo-website:latest | |
| # docker push ${{ env.REGISTRY_URL }}/${{ secrets.FRONTEND_PROJECT_ID }}/airqo-website:latest | |
| # - name: Deploy to App Engine | |
| # run: |- | |
| # cd website/ | |
| # gcloud app deploy \ | |
| # --image-url=${{ env.REGISTRY_URL }}/${{ secrets.FRONTEND_PROJECT_ID }}/airqo-website:latest \ | |
| # --project=${{ secrets.FRONTEND_PROJECT_ID }} \ | |
| # --quiet | |
| # - name: Delete Old Versions | |
| # run: |- | |
| # service="default" | |
| # versions=$(gcloud app versions list --service=$service --sort-by '~LAST_DEPLOYED' --format 'value(VERSION.ID)' | grep -v 'maintenance' | sort -r | tail -n +4) | |
| # for version in $versions; do | |
| # echo "Deleting version: $version for service: $service" | |
| # gcloud app versions delete "$version" --service=$service --quiet | |
| # done | |
| ### deploy website2 ### | |
| website2: | |
| name: build-push-deploy-website2 | |
| needs: [image-tag] | |
| if: inputs.website2 == true | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Login to GCR | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ env.REGISTRY_URL }} | |
| username: _json_key | |
| password: ${{ secrets.GCP_FRONTEND_PROJECT_SA_CREDENTIALS }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v1 | |
| - name: Google login | |
| uses: google-github-actions/auth@v1 | |
| with: | |
| credentials_json: "${{ secrets.GCP_FRONTEND_PROJECT_SA_CREDENTIALS }}" | |
| - name: Setup Cloud SDK | |
| uses: "google-github-actions/setup-gcloud@v1" | |
| - name: Create google_application_credentials.json file | |
| id: create-google-application-credentials-file | |
| uses: jsdaniell/[email protected] | |
| with: | |
| name: "google_application_credentials.json" | |
| json: ${{ secrets.GCP_FRONTEND_PROJECT_SA_CREDENTIALS }} | |
| dir: "src/website2/" | |
| - name: Create app.yaml and .env.yaml files | |
| run: | | |
| cd src/website2/ | |
| echo "========== Creating app.yaml file ==========" | |
| echo "runtime: python" > app.yaml | |
| echo "env: flex" >> app.yaml | |
| echo "service: default" >> app.yaml | |
| echo "includes:" >> app.yaml | |
| echo " - .env.yaml" >> app.yaml | |
| echo "automatic_scaling:" >> app.yaml | |
| echo " cool_down_period_sec: 80" >> app.yaml | |
| echo " min_num_instances: 2" >> app.yaml | |
| echo " max_num_instances: 10" >> app.yaml | |
| echo " cpu_utilization:" >> app.yaml | |
| echo " target_utilization: 0.8" >> app.yaml | |
| echo "runtime_config:" >> app.yaml | |
| echo " operating_system: \"ubuntu22\"" >> app.yaml | |
| echo " runtime_version: \"3.12\"" >> app.yaml | |
| echo "readiness_check:" >> app.yaml | |
| echo " check_interval_sec: 5" >> app.yaml | |
| echo " timeout_sec: 4" >> app.yaml | |
| echo " failure_threshold: 2" >> app.yaml | |
| echo " success_threshold: 2" >> app.yaml | |
| echo " app_start_timeout_sec: 1800" >> app.yaml | |
| echo "========== Creating .env.yaml file ==========" | |
| echo "env_variables:" > .env.yaml | |
| echo " SECRET: ${{ secrets.WEBSITE_SECRET }}" >> .env.yaml | |
| echo " NEXT_PUBLIC_API_URL: ${{ secrets.WEBSITE_PROD_NEXT_PUBLIC_API_URL }}" >> .env.yaml | |
| echo " NEXT_PUBLIC_OPENCAGE_API_KEY: ${{ secrets.WEBSITE_NEXT_PUBLIC_OPENCAGE_API_KEY }}" >> .env.yaml | |
| echo " NEXT_PUBLIC_API_TOKEN: ${{ secrets.WEBSITE_PROD_NEXT_PUBLIC_API_TOKEN }}" >> .env.yaml | |
| echo " DEBUG: False" >> .env.yaml | |
| echo " GOOGLE_APPLICATION_CREDENTIALS: /app/google_application_credentials.json" >> .env.yaml | |
| echo " NEXT_PUBLIC_GA_MEASUREMENT_ID: ${{ secrets.WEBSITE_PROD_NEXT_PUBLIC_GA_MEASUREMENT_ID }}" >> .env.yaml | |
| - name: Build and Push Docker Image | |
| run: | | |
| cd src/website2/ | |
| docker build . \ | |
| --build-arg NEXT_PUBLIC_API_URL=${{ secrets.WEBSITE_PROD_NEXT_PUBLIC_API_URL }} \ | |
| --build-arg NEXT_PUBLIC_OPENCAGE_API_KEY=${{ secrets.WEBSITE_NEXT_PUBLIC_OPENCAGE_API_KEY }} \ | |
| --build-arg NEXT_PUBLIC_API_TOKEN=${{ secrets.WEBSITE_PROD_NEXT_PUBLIC_API_TOKEN }} \ | |
| --tag ${{ env.REGISTRY_URL }}/${{ secrets.FRONTEND_PROJECT_ID }}/airqo-website2:${{ needs.image-tag.outputs.build_id }} | |
| docker push ${{ env.REGISTRY_URL }}/${{ secrets.FRONTEND_PROJECT_ID }}/airqo-website2:${{ needs.image-tag.outputs.build_id }} | |
| docker tag ${{ env.REGISTRY_URL }}/${{ secrets.FRONTEND_PROJECT_ID }}/airqo-website2:${{ needs.image-tag.outputs.build_id }} ${{ env.REGISTRY_URL }}/${{ secrets.FRONTEND_PROJECT_ID }}/airqo-website2:latest | |
| docker push ${{ env.REGISTRY_URL }}/${{ secrets.FRONTEND_PROJECT_ID }}/airqo-website2:latest | |
| - name: Deploy to App Engine | |
| run: |- | |
| cd src/website2/ | |
| gcloud app deploy \ | |
| --image-url=${{ env.REGISTRY_URL }}/${{ secrets.FRONTEND_PROJECT_ID }}/airqo-website2:latest \ | |
| --project=${{ secrets.FRONTEND_PROJECT_ID }} \ | |
| --quiet | |
| - name: Delete Old Versions | |
| run: |- | |
| service="default" | |
| versions=$(gcloud app versions list --service=$service --sort-by '~LAST_DEPLOYED' --format 'value(VERSION.ID)' | grep -v 'maintenance' | sort -r | tail -n +4) | |
| for version in $versions; do | |
| echo "Attempting to delete version: $version for service: $service" | |
| attempt=1 | |
| max_attempts=3 | |
| while [ $attempt -le $max_attempts ]; do | |
| # Check for ongoing operations | |
| if gcloud app operations list --format="value(name)" --filter="status=RUNNING" | grep -q .; then | |
| echo "Another operation is still running. Waiting 30 seconds... (Attempt $attempt/$max_attempts)" | |
| sleep 30 | |
| ((attempt++)) | |
| else | |
| if gcloud app versions delete "$version" --service=$service --quiet; then | |
| echo "Successfully deleted version: $version" | |
| break | |
| else | |
| echo "Failed to delete version: $version. Retrying... ($attempt/$max_attempts)" | |
| sleep 10 | |
| ((attempt++)) | |
| fi | |
| fi | |
| done | |
| if [ $attempt -gt $max_attempts ]; then | |
| echo "Skipping version: $version after $max_attempts failed attempts." | |
| fi | |
| done | |
| ### build and push calibrate app image ### | |
| calibrate-app: | |
| name: build-push-calibrate-app-image | |
| needs: [image-tag] | |
| if: inputs.calibrate_app == true | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Google login | |
| uses: google-github-actions/auth@v1 | |
| with: | |
| credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }} | |
| - name: Setup Cloud SDK | |
| uses: google-github-actions/setup-gcloud@v1 | |
| - name: Create .env file | |
| run: gcloud secrets versions access latest --secret="prod-env-calibrate-app" > src/calibrate/.env | |
| - name: NPM Setup and Build | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: "12" | |
| - run: | | |
| cd src/calibrate/ | |
| npm install | |
| CI=false npm run build | |
| - name: Login to GCR | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ env.REGISTRY_URL }} | |
| username: _json_key | |
| password: ${{ secrets.GCR_CONFIG }} | |
| - name: Build and Push Docker Image | |
| run: | | |
| cd src/calibrate/ | |
| docker build --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-calibrate-app:${{ needs.image-tag.outputs.build_id }} . | |
| docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-calibrate-app:${{ needs.image-tag.outputs.build_id }} | |
| docker tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-calibrate-app:${{ needs.image-tag.outputs.build_id }} ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-calibrate-app:latest | |
| docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-calibrate-app:latest | |
| - name: Update corresponding helm values file(with retry) | |
| uses: Wandalen/[email protected] # Retries action on fail | |
| with: | |
| action: fjogeleit/yaml-update-action@main # Action to retry | |
| with: | | |
| valueFile: "k8s/calibrate/values-prod.yaml" | |
| propertyPath: "image.tag" | |
| value: ${{ needs.image-tag.outputs.build_id }} | |
| branch: ${{ env.DEPLOY_BRANCH }} | |
| token: ${{ secrets.YAML_UPDATER_TOKEN }} | |
| message: "Update calibrate app production image tag to ${{ needs.image-tag.outputs.build_id }}" | |
| - name: Login to K8S | |
| uses: azure/k8s-set-context@v3 | |
| with: | |
| method: kubeconfig | |
| kubeconfig: ${{ secrets.K8S_CONFIG_PROD }} | |
| - name: Update the corresponding configmap | |
| run: | | |
| kubectl create configmap --dry-run=client -o yaml \ | |
| --from-env-file=src/calibrate/.env env-calibrate-prod | kubectl replace -f - -n production | |
| ### build and push analytics platform image ### | |
| analytics-platform: | |
| name: build-push-analytics-platform-image | |
| needs: [image-tag] | |
| if: inputs.analytics_platform == true | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Google login | |
| uses: google-github-actions/auth@v1 | |
| with: | |
| credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }} | |
| - name: Setup Cloud SDK | |
| uses: google-github-actions/setup-gcloud@v1 | |
| - name: Create .env file | |
| run: gcloud secrets versions access latest --secret="prod-env-next-platform" > src/platform/.env | |
| - name: Login to GCR | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ env.REGISTRY_URL }} | |
| username: _json_key | |
| password: ${{ secrets.GCR_CONFIG }} | |
| - name: Build and Push Docker Image | |
| run: | | |
| cd src/platform/ | |
| docker build --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-next-platform:${{ needs.image-tag.outputs.build_id }} . | |
| docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-next-platform:${{ needs.image-tag.outputs.build_id }} | |
| docker tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-next-platform:${{ needs.image-tag.outputs.build_id }} ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-next-platform:latest | |
| docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-next-platform:latest | |
| - name: Update corresponding helm values file(with retry) | |
| uses: Wandalen/[email protected] # Retries action on fail | |
| with: | |
| action: fjogeleit/yaml-update-action@main # Action to retry | |
| with: | | |
| valueFile: "k8s/platform/values-prod.yaml" | |
| propertyPath: "image.tag" | |
| value: ${{ needs.image-tag.outputs.build_id }} | |
| branch: ${{ env.DEPLOY_BRANCH }} | |
| token: ${{ secrets.YAML_UPDATER_TOKEN }} | |
| message: "Update analytics platform production image tag to ${{ needs.image-tag.outputs.build_id }}" | |
| - name: Login to K8S | |
| uses: azure/k8s-set-context@v3 | |
| with: | |
| method: kubeconfig | |
| kubeconfig: ${{ secrets.K8S_CONFIG_PROD }} | |
| - name: Update the corresponding configmap | |
| run: | | |
| kubectl create configmap --dry-run=client -o yaml \ | |
| --from-env-file=src/platform/.env env-next-platform-production | kubectl replace -f - -n production | |
| ### build and push docs image ### | |
| docs: | |
| name: build-push-docs-image | |
| needs: [image-tag] | |
| if: inputs.docs == true | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Login to GCR | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ env.REGISTRY_URL }} | |
| username: _json_key | |
| password: ${{ secrets.GCR_CONFIG }} | |
| - name: Build and Push Docker Image | |
| run: | | |
| cd src/docs/ | |
| docker build --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-prod-docs:${{ needs.image-tag.outputs.build_id }} . | |
| docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-prod-docs:${{ needs.image-tag.outputs.build_id }} | |
| docker tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-prod-docs:${{ needs.image-tag.outputs.build_id }} ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-prod-docs:latest | |
| docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-prod-docs:latest | |
| - name: Update corresponding helm values file(with retry) | |
| uses: Wandalen/[email protected] # Retries action on fail | |
| with: | |
| action: fjogeleit/yaml-update-action@main # Action to retry | |
| with: | | |
| valueFile: "k8s/docs/values-prod.yaml" | |
| propertyPath: "image.tag" | |
| value: ${{ needs.image-tag.outputs.build_id }} | |
| branch: ${{ env.DEPLOY_BRANCH }} | |
| token: ${{ secrets.YAML_UPDATER_TOKEN }} | |
| message: "Update docs production image tag to ${{ needs.image-tag.outputs.build_id }}" | |
| ### build and push inventory image ### | |
| inventory: | |
| name: build-push-inventory-image | |
| needs: [image-tag] | |
| if: inputs.inventory == true | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Google login | |
| uses: google-github-actions/auth@v1 | |
| with: | |
| credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }} | |
| - name: Setup Cloud SDK | |
| uses: google-github-actions/setup-gcloud@v1 | |
| - name: Create .env file | |
| run: gcloud secrets versions access latest --secret="prod-env-inventory" > src/inventory/.env | |
| - name: Login to GCR | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ env.REGISTRY_URL }} | |
| username: _json_key | |
| password: ${{ secrets.GCR_CONFIG }} | |
| - name: Build and Push Docker Image | |
| run: | | |
| cd src/inventory/ | |
| docker build --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-inventory:${{ needs.image-tag.outputs.build_id }} . | |
| docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-inventory:${{ needs.image-tag.outputs.build_id }} | |
| docker tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-inventory:${{ needs.image-tag.outputs.build_id }} ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-inventory:latest | |
| docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-inventory:latest | |
| - name: Update corresponding helm values file(with retry) | |
| uses: Wandalen/[email protected] # Retries action on fail | |
| with: | |
| action: fjogeleit/yaml-update-action@main # Action to retry | |
| with: | | |
| valueFile: "k8s/inventory/values-prod.yaml" | |
| propertyPath: "image.tag" | |
| value: ${{ needs.image-tag.outputs.build_id }} | |
| branch: ${{ env.DEPLOY_BRANCH }} | |
| token: ${{ secrets.YAML_UPDATER_TOKEN }} | |
| message: "Update inventory production image tag to ${{ needs.image-tag.outputs.build_id }}" | |
| - name: Login to K8S | |
| uses: azure/k8s-set-context@v3 | |
| with: | |
| method: kubeconfig | |
| kubeconfig: ${{ secrets.K8S_CONFIG_PROD }} | |
| - name: Update the corresponding configmap | |
| run: | | |
| kubectl create configmap --dry-run=client -o yaml \ | |
| --from-env-file=src/inventory/.env env-inventory-production | kubectl replace -f - -n production | |
| ### build and push reports image ### | |
| reports: | |
| name: build-push-reports-image | |
| needs: [image-tag] | |
| if: inputs.reports == true | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Google login | |
| uses: google-github-actions/auth@v1 | |
| with: | |
| credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }} | |
| - name: Setup Cloud SDK | |
| uses: google-github-actions/setup-gcloud@v1 | |
| - name: Create .env file | |
| run: gcloud secrets versions access latest --secret="prod-env-reports" > src/reports/.env | |
| - name: Login to GCR | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ env.REGISTRY_URL }} | |
| username: _json_key | |
| password: ${{ secrets.GCR_CONFIG }} | |
| - name: Build and Push Docker Image | |
| run: | | |
| cd src/reports/ | |
| docker build --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-reports:${{ needs.image-tag.outputs.build_id }} . | |
| docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-reports:${{ needs.image-tag.outputs.build_id }} | |
| docker tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-reports:${{ needs.image-tag.outputs.build_id }} ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-reports:latest | |
| docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/airqo-reports:latest | |
| - name: Update corresponding helm values file(with retry) | |
| uses: Wandalen/[email protected] # Retries action on fail | |
| with: | |
| action: fjogeleit/yaml-update-action@main # Action to retry | |
| with: | | |
| valueFile: "k8s/reports/values-prod.yaml" | |
| propertyPath: "image.tag" | |
| value: ${{ needs.image-tag.outputs.build_id }} | |
| branch: ${{ env.DEPLOY_BRANCH }} | |
| token: ${{ secrets.YAML_UPDATER_TOKEN }} | |
| message: "Update reports production image tag to ${{ needs.image-tag.outputs.build_id }}" | |
| - name: Login to K8S | |
| uses: azure/k8s-set-context@v3 | |
| with: | |
| method: kubeconfig | |
| kubeconfig: ${{ secrets.K8S_CONFIG_PROD }} | |
| - name: Update the corresponding configmap | |
| run: | | |
| kubectl create configmap --dry-run=client -o yaml \ | |
| --from-env-file=src/reports/.env env-reports-production | kubectl replace -f - -n production |