Merge pull request #230 from OpenHistoricalMap/fix/tmserver #1058
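# Chartpress Publish and Deploy
#
# On every push: logs in to DockerHub and runs `chartpress --push`.
# On the `staging` and `main` branches only: renders a Helm values file from
# repository secrets, configures AWS/EKS access and runs `helm upgrade`.
#
# Review notes (hardening, no behaviour change unless stated):
#   * All actions are referenced by mutable tags (@v1/@v2). A tag can be moved
#     to different code; pin each `uses:` to a full commit SHA, e.g.
#     `owner/action@<FULL_COMMIT_SHA>  # v1` (placeholder, not a real SHA).
#     The third-party substitute-string action receives every deployment
#     secret as an input, so it is the first one to pin.
#   * There is no `permissions:` block, so the automatic workflow token keeps
#     the repository default scope. Consider declaring the minimum needed
#     after confirming what chartpress requires.
name: Chartpress Publish and Deploy
# Runs for pushes to any branch. The DockerHub login and chartpress steps have
# no branch condition, so registry credentials and REPO_TOKEN are used on every
# branch push; only the deploy steps are gated on github.ref.
on: push
jobs:
  build:
    runs-on: ubuntu-20.04
    timeout-minutes: 120
    steps:
      - uses: actions/checkout@v1
      - name: Login to DockerHub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
      - name: Setup python
        uses: actions/setup-python@v2
        with:
          python-version: '3.6'
      # The e-mail address is shown as "[email protected]" in this listing; it
      # looks redacted by the page renderer and is reproduced as displayed.
      - name: Setup git
        run: git config --global user.email "[email protected]" && git config --global user.name "Github Action"
      # Neither package is version-pinned, so each run installs whatever is
      # current on the package index. Pin exact versions (ideally with hashes)
      # so the tool that handles registry credentials is reproducible.
      - name: Install Chartpress
        run: |
          pip install -v chartpress && pip install six
      - name: Run Chartpress
        run: chartpress --push
        env:
          GITHUB_TOKEN: ${{ secrets.REPO_TOKEN }}
      # Writes the secrets below in plaintext into values.staging.yaml in the
      # workspace. Log masking does not cover file contents: keep this file out
      # of artifacts and caches, and avoid printing it in later steps.
      - name: Staging - substitute secrets
        if: github.ref == 'refs/heads/staging'
        uses: bluwy/substitute-string-action@v1
        with:
          _input-file: 'values.staging.template.yaml'
          _format-key: '{{key}}'
          _output-file: 'values.staging.yaml'
          AWS_SSL_ARN: ${{ secrets.AWS_SSL_ARN }}
          MAILER_ADDRESS: ${{ secrets.MAILER_ADDRESS }}
          MAILER_DOMAIN: ${{ secrets.MAILER_DOMAIN }}
          MAILER_PASSWORD: ${{ secrets.MAILER_PASSWORD }}
          MAILER_USERNAME: ${{ secrets.MAILER_USERNAME }}
          STAGING_DB: ${{ secrets.STAGING_DB }}
          STAGING_DB_EBS: ${{ secrets.STAGING_DB_EBS }}
          STAGING_DB_PASSWORD: ${{ secrets.STAGING_DB_PASSWORD }}
          STAGING_DB_USER: ${{ secrets.STAGING_DB_USER }}
          STAGING_DOMAIN_NAME: ${{ secrets.STAGING_DOMAIN_NAME }}
          STAGING_ID_KEY: ${{ secrets.STAGING_ID_KEY }}
          STAGING_ID_APPLICATION: ${{ secrets.STAGING_ID_APPLICATION }}
          STAGING_OAUTH_CLIENT_ID: ${{ secrets.STAGING_OAUTH_CLIENT_ID }}
          STAGING_OAUTH_KEY: ${{ secrets.STAGING_OAUTH_KEY }}
          STAGING_S3_BUCKET: ${{ secrets.STAGING_S3_BUCKET }}
          STAGING_TILER_DB: ${{ secrets.STAGING_TILER_DB }}
          STAGING_TILER_DB_EBS: ${{ secrets.STAGING_TILER_DB_EBS }}
          STAGING_TILER_DB_HOST: ${{ secrets.STAGING_TILER_DB_HOST }}
          STAGING_TILER_DB_PASSWORD: ${{ secrets.STAGING_TILER_DB_PASSWORD }}
          STAGING_TILER_DB_USER: ${{ secrets.STAGING_TILER_DB_USER }}
          STAGING_TILER_IMPOSM_EBS: ${{ secrets.STAGING_TILER_IMPOSM_EBS }}
          STAGING_TILER_IMPOSM_REPLICATION_URL: ${{ secrets.STAGING_TILER_IMPOSM_REPLICATION_URL }}
          STAGING_TILER_SERVER_EBS: ${{ secrets.STAGING_TILER_SERVER_EBS }}
          STAGING_TILER_CACHE_AWS_ACCESS_KEY_ID: ${{ secrets.STAGING_TILER_CACHE_AWS_ACCESS_KEY_ID }}
          STAGING_TILER_CACHE_AWS_SECRET_ACCESS_KEY: ${{ secrets.STAGING_TILER_CACHE_AWS_SECRET_ACCESS_KEY }}
          STAGING_TM_API_CONSUMER_KEY: ${{ secrets.STAGING_TM_API_CONSUMER_KEY }}
          STAGING_TM_API_CONSUMER_SECRET: ${{ secrets.STAGING_TM_API_CONSUMER_SECRET }}
          STAGING_TM_API_DB: ${{ secrets.STAGING_TM_API_DB }}
          STAGING_TM_API_DB_HOST: ${{ secrets.STAGING_TM_API_DB_HOST }}
          STAGING_TM_API_DB_PASSWORD: ${{ secrets.STAGING_TM_API_DB_PASSWORD }}
          STAGING_TM_API_DB_USER: ${{ secrets.STAGING_TM_API_DB_USER }}
          STAGING_TM_API_SECRET: ${{ secrets.STAGING_TM_API_SECRET }}
          STAGING_NOMINATIM_DB_EBS: ${{ secrets.STAGING_NOMINATIM_DB_EBS }}
          STAGING_NOMINATIM_PG_PORT: ${{ secrets.STAGING_NOMINATIM_PG_PORT }}
          STAGING_NOMINATIM_PG_USER: ${{ secrets.STAGING_NOMINATIM_PG_USER }}
          STAGING_NOMINATIM_PG_PASSWORD: ${{ secrets.STAGING_NOMINATIM_PG_PASSWORD }}
          STAGING_NOMINATIM_PG_DATABASE: ${{ secrets.STAGING_NOMINATIM_PG_DATABASE }}
          STAGING_OVERPASS_API_DB_EBS: ${{ secrets.STAGING_OVERPASS_API_DB_EBS }}
          STAGING_NEW_RELIC_LICENSE_KEY: ${{ secrets.STAGING_NEW_RELIC_LICENSE_KEY }}
          STAGING_NEW_RELIC_APP_NAME: ${{ secrets.STAGING_NEW_RELIC_APP_NAME }}
      # Same pattern as the staging step: production secrets end up in
      # plaintext in values.production.yaml on the runner.
      - name: Production - substitute secrets
        if: github.ref == 'refs/heads/main'
        uses: bluwy/substitute-string-action@v1
        with:
          _input-file: 'values.production.template.yaml'
          _format-key: '{{key}}'
          _output-file: 'values.production.yaml'
          AWS_SSL_ARN: ${{ secrets.AWS_SSL_ARN }}
          MAILER_ADDRESS: ${{ secrets.MAILER_ADDRESS }}
          MAILER_DOMAIN: ${{ secrets.MAILER_DOMAIN }}
          MAILER_PASSWORD: ${{ secrets.MAILER_PASSWORD }}
          MAILER_USERNAME: ${{ secrets.MAILER_USERNAME }}
          PRODUCTION_DB: ${{ secrets.PRODUCTION_DB }}
          PRODUCTION_DB_EBS: ${{ secrets.PRODUCTION_DB_EBS }}
          PRODUCTION_DB_PASSWORD: ${{ secrets.PRODUCTION_DB_PASSWORD }}
          PRODUCTION_DB_USER: ${{ secrets.PRODUCTION_DB_USER }}
          PRODUCTION_DOMAIN_NAME: ${{ secrets.PRODUCTION_DOMAIN_NAME }}
          PRODUCTION_ID_KEY: ${{ secrets.PRODUCTION_ID_KEY }}
          PRODUCTION_ID_APPLICATION: ${{ secrets.PRODUCTION_ID_APPLICATION }}
          PRODUCTION_OAUTH_CLIENT_ID: ${{ secrets.PRODUCTION_OAUTH_CLIENT_ID }}
          PRODUCTION_OAUTH_KEY: ${{ secrets.PRODUCTION_OAUTH_KEY }}
          PRODUCTION_S3_BUCKET: ${{ secrets.PRODUCTION_S3_BUCKET }}
          PRODUCTION_DB_BACKUP_S3_BUCKET: ${{ secrets.PRODUCTION_DB_BACKUP_S3_BUCKET }}
          PRODUCTION_TILER_DB: ${{ secrets.PRODUCTION_TILER_DB }}
          PRODUCTION_TILER_DB_EBS: ${{ secrets.PRODUCTION_TILER_DB_EBS }}
          PRODUCTION_TILER_DB_HOST: ${{ secrets.PRODUCTION_TILER_DB_HOST }}
          PRODUCTION_TILER_DB_PASSWORD: ${{ secrets.PRODUCTION_TILER_DB_PASSWORD }}
          PRODUCTION_TILER_DB_USER: ${{ secrets.PRODUCTION_TILER_DB_USER }}
          PRODUCTION_TILER_IMPOSM_EBS: ${{ secrets.PRODUCTION_TILER_IMPOSM_EBS }}
          PRODUCTION_TILER_IMPOSM_REPLICATION_URL: ${{ secrets.PRODUCTION_TILER_IMPOSM_REPLICATION_URL }}
          PRODUCTION_TILER_SERVER_EBS: ${{ secrets.PRODUCTION_TILER_SERVER_EBS }}
          PRODUCTION_TILER_CACHE_AWS_ACCESS_KEY_ID: ${{ secrets.PRODUCTION_TILER_CACHE_AWS_ACCESS_KEY_ID }}
          PRODUCTION_TILER_CACHE_AWS_SECRET_ACCESS_KEY: ${{ secrets.PRODUCTION_TILER_CACHE_AWS_SECRET_ACCESS_KEY }}
          PRODUCTION_TM_API_CONSUMER_KEY: ${{ secrets.PRODUCTION_TM_API_CONSUMER_KEY }}
          PRODUCTION_TM_API_CONSUMER_SECRET: ${{ secrets.PRODUCTION_TM_API_CONSUMER_SECRET }}
          PRODUCTION_TM_API_DB: ${{ secrets.PRODUCTION_TM_API_DB }}
          PRODUCTION_TM_API_DB_HOST: ${{ secrets.PRODUCTION_TM_API_DB_HOST }}
          PRODUCTION_TM_API_DB_PASSWORD: ${{ secrets.PRODUCTION_TM_API_DB_PASSWORD }}
          PRODUCTION_TM_API_DB_USER: ${{ secrets.PRODUCTION_TM_API_DB_USER }}
          PRODUCTION_TM_API_SECRET: ${{ secrets.PRODUCTION_TM_API_SECRET }}
          PRODUCTION_NOMINATIM_DB_EBS: ${{ secrets.PRODUCTION_NOMINATIM_DB_EBS }}
          PRODUCTION_NOMINATIM_PG_PORT: ${{ secrets.PRODUCTION_NOMINATIM_PG_PORT }}
          PRODUCTION_NOMINATIM_PG_USER: ${{ secrets.PRODUCTION_NOMINATIM_PG_USER }}
          PRODUCTION_NOMINATIM_PG_PASSWORD: ${{ secrets.PRODUCTION_NOMINATIM_PG_PASSWORD }}
          PRODUCTION_NOMINATIM_PG_DATABASE: ${{ secrets.PRODUCTION_NOMINATIM_PG_DATABASE }}
          PRODUCTION_OVERPASS_API_DB_EBS: ${{ secrets.PRODUCTION_OVERPASS_API_DB_EBS }}
          PRODUCTION_NEW_RELIC_LICENSE_KEY: ${{ secrets.PRODUCTION_NEW_RELIC_LICENSE_KEY }}
          PRODUCTION_NEW_RELIC_APP_NAME: ${{ secrets.PRODUCTION_NEW_RELIC_APP_NAME }}
      # One long-lived access key pair serves both branches, and the later
      # steps use it against both osmseed-staging and osmseed-production-v2.
      # NOTE(review): that implies a staging run holds credentials that can
      # reach the production cluster - confirm, and prefer separate
      # per-environment, short-lived role credentials.
      - name: AWS Credentials
        if: github.ref == 'refs/heads/staging' || github.ref == 'refs/heads/main'
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: us-east-1
      # These binaries are installed as root and later run with cluster
      # credentials, but nothing checks what was downloaded.
      #   * `--fail` (added) makes curl exit non-zero on an HTTP error instead
      #     of saving the error page as /usr/bin/kubectl.
      #   * Still missing: integrity verification. Record the expected digest
      #     in the repository and check it before `chmod +x`, e.g.
      #       echo "<EXPECTED_SHA256>  /usr/bin/kubectl" | sha256sum --check
      #     (<EXPECTED_SHA256> is a placeholder, not a real digest).
      #   * `awscli` is installed unpinned; pin an exact version.
      - name: Setup Kubectl and Helm Dependencies
        if: github.ref == 'refs/heads/staging' || github.ref == 'refs/heads/main'
        run: |
          sudo pip install awscli --ignore-installed six
          sudo curl --fail -L -o /usr/bin/kubectl https://amazon-eks.s3.us-west-2.amazonaws.com/1.17.7/2020-07-08/bin/linux/amd64/kubectl
          sudo chmod +x /usr/bin/kubectl
          sudo curl --fail -o /usr/bin/aws-iam-authenticator https://amazon-eks.s3.us-west-2.amazonaws.com/1.17.7/2020-07-08/bin/linux/amd64/aws-iam-authenticator
          sudo chmod +x /usr/bin/aws-iam-authenticator
          wget https://get.helm.sh/helm-v3.5.0-linux-amd64.tar.gz -O helm.tar.gz
          tar -xvzf helm.tar.gz
          sudo mv linux-amd64/helm /usr/local/bin/
          sudo chmod +x /usr/local/bin/helm
      - name: Update kube-config staging
        if: github.ref == 'refs/heads/staging'
        run: aws eks --region us-east-1 update-kubeconfig --name osmseed-staging
      - name: Update kube-config prod
        if: github.ref == 'refs/heads/main'
        run: aws eks --region us-east-1 update-kubeconfig --name osmseed-production-v2
      - name: Install helm dependencies for
        if: github.ref == 'refs/heads/staging' || github.ref == 'refs/heads/main'
        run: cd ohm && helm dep up
      # With several `-f` files Helm gives the right-most one precedence, so
      # ohm/values.yaml overrides the rendered environment file here.
      # NOTE(review): confirm that ordering is intended.
      - name: Staging - helm deploy
        if: github.ref == 'refs/heads/staging'
        run: helm upgrade --install staging --wait ohm/ -f values.staging.yaml -f ohm/values.yaml
      - name: Production - helm deploy
        if: github.ref == 'refs/heads/main'
        run: helm upgrade --install production --wait ohm/ -f values.production.yaml -f ohm/values.yaml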