CD - Kubernetes - Dev #5
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CD - Syft - Deploy `dev` to K8s | |
| on: | |
| # TODO: Re-enable once merged & tested | |
| # schedule: | |
| # - cron: "0 */3 * * *" | |
| workflow_dispatch: | |
| inputs: | |
| none: | |
| description: "Run Tests Manually" | |
| required: false | |
| jobs: | |
| deploy-syft-dev: | |
| runs-on: om-ci-16vcpu-ubuntu2204 | |
| steps: | |
| - name: Permission to home directory | |
| run: | | |
| sudo chown -R $USER:$USER $HOME | |
| - uses: actions/checkout@v4 | |
| # Checkout Infra repo (nested) | |
| - name: Checkout Infra Repo | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: ${{ secrets.INFRA_REPO }} | |
| ref: "main" | |
| token: ${{ secrets.INFRA_BOT_COMMIT_TOKEN }} | |
| path: infrastructure | |
| - name: Set up Python | |
| uses: actions/setup-python@v3 | |
| with: | |
| python-version: "3.11" | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to Azure container registry | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ secrets.ACR_SERVER }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Set Grid package version | |
| id: grid | |
| shell: bash | |
| run: echo "GRID_VERSION=$(python packages/grid/VERSION)" >> $GITHUB_OUTPUT | |
| - name: Build and push `grid-backend` image to DockerHub | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: ./packages | |
| file: ./packages/grid/backend/backend.dockerfile | |
| push: true | |
| target: backend | |
| tags: | | |
| ${{ secrets.ACR_SERVER }}/openmined/grid-backend:dev | |
| ${{ secrets.ACR_SERVER }}/openmined/grid-backend:dev-${{ github.sha }} | |
| - name: Build and push `grid-frontend` image to DockerHub | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: ./packages/grid/frontend | |
| file: ./packages/grid/frontend/frontend.dockerfile | |
| push: true | |
| tags: | | |
| ${{ secrets.ACR_SERVER }}/openmined/grid-frontend:dev | |
| ${{ secrets.ACR_SERVER }}/openmined/grid-frontend:dev-${{ github.sha }} | |
| target: grid-ui-development | |
| # TODO: Re-enable once we have Enclave up and running | |
| # - name: Build and push `grid-enclave` image to DockerHub | |
| # uses: docker/build-push-action@v4 | |
| # with: | |
| # context: ./packages | |
| # file: ./packages/grid/worker/worker.dockerfile | |
| # push: true | |
| # target: worker | |
| # tags: | | |
| # ${{ secrets.ACR_SERVER }}/openmined/grid-enclave:dev | |
| # ${{ secrets.ACR_SERVER }}/openmined/grid-enclave:dev-${{ github.sha }} | |
| - name: Build and push `grid-headscale` image to DockerHub | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: ./packages/grid/vpn | |
| file: ./packages/grid/vpn/headscale.dockerfile | |
| push: true | |
| tags: | | |
| ${{ secrets.ACR_SERVER }}/openmined/grid-headscale:dev | |
| ${{ secrets.ACR_SERVER }}/openmined/grid-headscale:dev-${{ github.sha }} | |
| - name: Build and push `grid-tailscale` image to DockerHub | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: ./packages/grid/vpn | |
| file: ./packages/grid/vpn/tailscale.dockerfile | |
| push: true | |
| tags: | | |
| ${{ secrets.ACR_SERVER }}/openmined/grid-tailscale:dev | |
| ${{ secrets.ACR_SERVER }}/openmined/grid-tailscale:dev-${{ github.sha }} | |
| - name: Build and push `grid-vpn-iptables` image to DockerHub | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: ./packages/grid/vpn | |
| file: ./packages/grid/vpn/iptables.dockerfile | |
| push: true | |
| tags: | | |
| ${{ secrets.ACR_SERVER }}/openmined/grid-vpn-iptables:dev | |
| ${{ secrets.ACR_SERVER }}/openmined/grid-vpn-iptables:dev-${{ github.sha }} | |
| - name: Build Helm Chart & Copy to infra | |
| shell: bash | |
| run: | | |
| K3D_VERSION=v5.6.0 | |
| DEVSPACE_VERSION=v6.3.3 | |
| # install k3d | |
| wget https://github.com/k3d-io/k3d/releases/download/${K3D_VERSION}/k3d-linux-amd64 | |
| mv k3d-linux-amd64 k3d | |
| chmod +x k3d | |
| export PATH=`pwd`:$PATH | |
| k3d version | |
| # Install devspace | |
| curl -sSL https://github.com/loft-sh/devspace/releases/download/${DEVSPACE_VERSION}/devspace-linux-amd64 -o ./devspace | |
| chmod +x devspace | |
| devspace version | |
| export CONTAINER_REGISTRY=${{ secrets.ACR_SERVER }} | |
| export VERSION=dev-${{github.sha}} | |
| tox -e syft.build.helm | |
| rm -rf infrastructure/gitops/environments/dev/ | |
| mkdir -p infrastructure/gitops/environments/dev/ | |
| cp -R packages/grid/helm/syft/. packages/grid/helm/manifests.yaml infrastructure/gitops/environments/dev/ | |
| - name: Commit & push changes to Infra Repo | |
| uses: EndBug/add-and-commit@v9 | |
| with: | |
| author_name: ${{ secrets.OM_BOT_NAME }} | |
| author_email: ${{ secrets.OM_BOT_EMAIL }} | |
| message: "[env] Update dev helm charts" | |
| add: "." | |
| push: "origin main" | |
| cwd: "./infrastructure/" |