run the [deploy] directly. pass into it PRIVATE_REPO #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://docs.github.com/en/actions/using-workflows/reusing-workflows | ||
| name: CI/CD build, test and deploy using github registry and nomad | ||
| on: | ||
| workflow_call: | ||
| secrets: | ||
| NOMAD_TOKEN: | ||
| description: 'nomad cluster credentials - store in your repo GitHub Secrets - required to deploy' | ||
| required: false | ||
| NOMAD_TOKEN_PROD: | ||
| description: 'nomad archive.org production cluster credentials - store in your repo GitHub Secrets' | ||
| required: false | ||
| NOMAD_SECRETS: | ||
| # NOTE: requires '=' char key/val separator instead of ':' (which would be actual JSON). | ||
| # NOTE: the values *in reality* should all be like the last value. | ||
| # Example: {"A"="xxx", "STRINGY"="i'm \"json-like\"", "MY_TOKEN"="${{ secrets.MY_TOKEN }}"} | ||
| description: 'json-like key/value string which become env vars in your running deployment shell' | ||
| required: false | ||
| inputs: | ||
| PLATFORMS: | ||
| description: 'can set to: "linux/amd64, linux/arm64" for linux + mac arm' | ||
| required: false | ||
| type: string | ||
| default: 'linux/amd64' | ||
| BASE_DOMAIN: | ||
| description: 'nomad cluster wildcard DNS domain name, eg: example.com' | ||
| required: false | ||
| type: string | ||
| default: 'dev.archive.org' | ||
| NOMAD_ADDR: | ||
| description: 'nomad cluster API endpoint - archive.org deploys automate this but you can override' | ||
| required: false | ||
| type: string | ||
| TEST_SCRIPT: | ||
| description: 'default looks for [WORKDIR]/test.sh in docker image and runs it. pass in alt pathname' | ||
| default: './test.sh' | ||
| required: false | ||
| type: string | ||
| NOMAD_VAR_CHECK_PATH: | ||
| description: '@see https://gitlab.com/internetarchive/nomad#customizing' | ||
| required: false | ||
| type: string | ||
| NOMAD_VAR_CHECK_PROTOCOL: | ||
| description: '@see https://gitlab.com/internetarchive/nomad#customizing' | ||
| required: false | ||
| type: string | ||
| NOMAD_VAR_CHECK_TIMEOUT: | ||
| description: '@see https://gitlab.com/internetarchive/nomad#customizing' | ||
| required: false | ||
| type: string | ||
| NOMAD_VAR_COUNT: | ||
| description: '@see https://gitlab.com/internetarchive/nomad#customizing' | ||
| required: false | ||
| type: string | ||
| NOMAD_VAR_COUNT_CANARIES: | ||
| description: '@see https://gitlab.com/internetarchive/nomad#customizing' | ||
| required: false | ||
| type: string | ||
| NOMAD_VAR_CPU: | ||
| description: '@see https://gitlab.com/internetarchive/nomad#customizing' | ||
| required: false | ||
| type: string | ||
| NOMAD_VAR_FORCE_PULL: | ||
| description: '@see https://gitlab.com/internetarchive/nomad#customizing' | ||
| required: false | ||
| type: string | ||
| NOMAD_VAR_HEALTH_TIMEOUT: | ||
| description: '@see https://gitlab.com/internetarchive/nomad#customizing' | ||
| required: false | ||
| type: string | ||
| NOMAD_VAR_HOME: | ||
| description: '@see https://gitlab.com/internetarchive/nomad#customizing' | ||
| required: false | ||
| type: string | ||
| NOMAD_VAR_HOSTNAMES: | ||
| description: '@see https://gitlab.com/internetarchive/nomad#customizing' | ||
| required: false | ||
| type: string | ||
| NOMAD_VAR_IS_BATCH: | ||
| description: '@see https://gitlab.com/internetarchive/nomad#customizing' | ||
| required: false | ||
| type: string | ||
| NOMAD_VAR_MEMORY: | ||
| description: '@see https://gitlab.com/internetarchive/nomad#customizing' | ||
| required: false | ||
| type: string | ||
| NOMAD_VAR_MULTI_CONTAINER: | ||
| description: '@see https://gitlab.com/internetarchive/nomad#customizing' | ||
| required: false | ||
| type: string | ||
| NOMAD_VAR_NETWORK_MODE: | ||
| description: '@see https://gitlab.com/internetarchive/nomad#customizing' | ||
| required: false | ||
| type: string | ||
| NOMAD_VAR_NO_DEPLOY: | ||
| description: '@see https://gitlab.com/internetarchive/nomad#customizing' | ||
| required: false | ||
| type: string | ||
| NOMAD_VAR_PERSISTENT_VOLUME: | ||
| description: '@see https://gitlab.com/internetarchive/nomad#customizing' | ||
| required: false | ||
| type: string | ||
| NOMAD_VAR_PORTS: | ||
| description: '@see https://gitlab.com/internetarchive/nomad#customizing' | ||
| required: false | ||
| type: string | ||
| jobs: | ||
| build: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout repo | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| lfs: true | ||
| - name: Setup QEMU | ||
| uses: docker/setup-qemu-action@v3 | ||
| - name: Setup docker buildx | ||
| uses: docker/setup-buildx-action@v3 | ||
| - name: Extract branch name | ||
| shell: bash | ||
| run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})" | ||
| id: extract_branch | ||
| - name: Login to registry | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
| - name: Build and push | ||
| uses: docker/build-push-action@v5 | ||
| with: | ||
| context: . | ||
| platforms: ${{ inputs.PLATFORMS }} | ||
| push: ${{ github.event_name != 'pull_request' }} | ||
| tags: ghcr.io/${{ github.repository }}:${{ steps.extract_branch.outputs.branch }} | ||
| cache-from: type=gha # chexxx | ||
| cache-to: type=gha,mode=max # chexxx | ||
| test: | ||
| # https://github.com/internetarchive/test/blob/main/action.yml | ||
| runs-on: ubuntu-latest | ||
| needs: build | ||
| steps: | ||
| - uses: internetarchive/test@v1 | ||
| with: | ||
| TEST_SCRIPT: ${{ inputs.TEST_SCRIPT }} | ||
| deploy: | ||
| runs-on: ubuntu-latest | ||
| needs: test | ||
| container: | ||
| # https://gitlab.com/internetarchive/nomad | ||
| image: docker://registry.gitlab.com/internetarchive/nomad/master | ||
| env: | ||
| BASE_DOMAIN: ${{ inputs.BASE_DOMAIN }} | ||
| NOMAD_ADDR: ${{ inputs.NOMAD_ADDR }} | ||
| NOMAD_TOKEN: ${{ secrets.NOMAD_TOKEN }} | ||
| NOMAD_TOKEN_PROD: ${{ secrets.NOMAD_TOKEN_PROD }} | ||
| REGISTRY_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| NOMAD_SECRETS: ${{ secrets.NOMAD_SECRETS }} | ||
| PRIVATE_REPO: ${{ github.event.repository.private }} | ||
| NOMAD_VAR_CHECK_PATH: ${{ inputs.NOMAD_VAR_CHECK_PATH }} | ||
| NOMAD_VAR_CHECK_PROTOCOL: ${{ inputs.NOMAD_VAR_CHECK_PROTOCOL }} | ||
| NOMAD_VAR_CHECK_TIMEOUT: ${{ inputs.NOMAD_VAR_CHECK_TIMEOUT }} | ||
| NOMAD_VAR_COUNT: ${{ inputs.NOMAD_VAR_COUNT }} | ||
| NOMAD_VAR_COUNT_CANARIES: ${{ inputs.NOMAD_VAR_COUNT_CANARIES }} | ||
| NOMAD_VAR_CPU: ${{ inputs.NOMAD_VAR_CPU }} | ||
| NOMAD_VAR_FORCE_PULL: ${{ inputs.NOMAD_VAR_FORCE_PULL }} | ||
| NOMAD_VAR_HEALTH_TIMEOUT: ${{ inputs.NOMAD_VAR_HEALTH_TIMEOUT }} | ||
| NOMAD_VAR_HOME: ${{ inputs.NOMAD_VAR_HOME }} | ||
| NOMAD_VAR_HOSTNAMES: ${{ inputs.NOMAD_VAR_HOSTNAMES }} | ||
| NOMAD_VAR_IS_BATCH: ${{ inputs.NOMAD_VAR_IS_BATCH }} | ||
| NOMAD_VAR_MEMORY: ${{ inputs.NOMAD_VAR_MEMORY }} | ||
| NOMAD_VAR_MULTI_CONTAINER: ${{ inputs.NOMAD_VAR_MULTI_CONTAINER }} | ||
| NOMAD_VAR_NETWORK_MODE: ${{ inputs.NOMAD_VAR_NETWORK_MODE }} | ||
| NOMAD_VAR_NO_DEPLOY: ${{ inputs.NOMAD_VAR_NO_DEPLOY }} | ||
| NOMAD_VAR_PERSISTENT_VOLUME: ${{ inputs.NOMAD_VAR_PERSISTENT_VOLUME }} | ||
| NOMAD_VAR_PORTS: ${{ inputs.NOMAD_VAR_PORTS }} | ||
| # https://gitlab.com/internetarchive/nomad/-/blob/master/deploy.sh | ||
| options: --entrypoint=/deploy.sh | ||
