update: workflow production #11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Jabar Super Apps Web Admin Production | |
on: | |
push: | |
branches: [ main ] | |
jobs: | |
docker: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
# Configure Docker with Credentials | |
- name: Configure Docker | |
run: | | |
docker login ${{ secrets.REGISTRY_URL }} -u ${{ secrets.REGISTRY_USERNAME }} -p '${{ secrets.REGISTRY_PASSWORD }}' | |
# Set version tag using SHA Hash (short) | |
- name: Set version tag | |
id: vars | |
run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_ENV | |
# Build the Docker image | |
- name: Build and push | |
uses: docker/build-push-action@v4 | |
with: | |
context: . | |
file: Dockerfile | |
push: true | |
tags: ${{ secrets.SERVICE_IMAGENAME }}:${{ env.sha_short }} | |
build-args: | | |
KEYCLOCK_CLIENT_ID=${{ secrets.KEYCLOCK_CLIENT_ID_PROD }} | |
KEYCLOCK_ENDPOINT=${{ secrets.KEYCLOCK_ENDPOINT_PROD }} | |
KEYCLOCK_BASE_URL=${{ secrets.KEYCLOCK_BASE_URL_PROD}} | |
GOOGLE_ANALYTICS_ID=${{secrets.GOOGLE_ANALYTICS_ID_PRODUCTION}} | |
APPLICATION_ID_NEW_RELIC=${{secrets.APPLICATION_ID_NEW_RELIC_PRODUCTION}} | |
LICENSE_KEY_NEW_RELIC_ACCOUNT=${{secrets.LICENSE_KEY_NEW_RELIC_ACCOUNT}} | |
ACCOUNT_ID_NEW_RELIC=${{secrets.ACCOUNT_ID_NEW_RELIC}} | |
NEW_RELIC_APP_NAME=${{secrets.NEW_RELIC_APP_NAME}} | |
NEW_RELIC_LICENSE_KEY=${{secrets.NEW_RELIC_LICENSE_KEY}} | |
TINYMCE_API_KEY=${{secrets.TINYMCE_API_KEY}} | |
# GitOps | |
- name: GitOps ArgoCD Setup | |
run: | | |
echo "${{ secrets.GITLAB_ARGOCD_KEY }}" > /tmp/gitlab-deploy-ssh-key | |
chmod 600 /tmp/gitlab-deploy-ssh-key | |
export GIT_SSH_COMMAND="ssh -i /tmp/gitlab-deploy-ssh-key -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" | |
git clone ${{ secrets.GITLAB_ARGOCD_REPOSITORY }} | |
- name: GitOps ArgoCD Update Image Tag | |
uses: mikefarah/yq@master | |
with: | |
cmd: yq -i '.spec.template.spec.containers[0].image = "${{ secrets.SERVICE_IMAGENAME }}:${{ env.sha_short }}"' 'jds-terraform-gke/k8s/superapp/production/web-admin/deployment.yaml' | |
- name: GitOps ArgoCD Create Branch, Commit, Push | |
run: | | |
export GIT_SSH_COMMAND="ssh -i /tmp/gitlab-deploy-ssh-key -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" | |
cd jds-terraform-gke/k8s/superapp/production/web-admin | |
git config user.email "github-action@github.com" | |
git config user.name "Github Action" | |
git checkout -b superapp-web-admin-release-${{ env.sha_short }}-production | |
git add deployment.yaml | |
git commit -m "[release]: Superapp Web Admin ${{ env.sha_short }} to production" | |
git push origin superapp-web-admin-release-${{ env.sha_short }}-production -o merge_request.description="# Overview \n\n - Superapp Web Admin Release ${{ env.sha_short }} to production \n\n ## Evidence \n\n - title: Release Web Admin ${{ env.sha_short }} to production \n - project: Jabar Super Apps \n - participants: " -o merge_request.create |