Skip to content

chore(deps): update docker/metadata-action action to v5 #413

chore(deps): update docker/metadata-action action to v5

chore(deps): update docker/metadata-action action to v5 #413

Workflow file for this run

name: Add a new Deployment
on:
pull_request:
branches: [main]
types: [opened, reopened, edited]
jobs:
deploy:
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
with:
ref: deployment
- run: git config --global user.email "github-actions[bot]@users.noreply.github.com"
- run: git config --global user.name "github-actions[bot]"
- run: |
MEILI_MASTER_KEY_RAW="$(echo $RANDOM | md5sum | head -c 20)"
MEILI_MASTER_KEY="$(echo "$MEILI_MASTER_KEY_RAW"|base64)"
export MEILI_MASTER_KEY
echo > staging/pr-${{ github.event.number }}.yaml "
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: pr-${{ github.event.number }}
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: default
source:
repoURL: https://github.com/TUM-Dev/navigatum.git
targetRevision: ${{ github.event.pull_request.head.ref }}
path: deployment/k3s
helm:
version: v3
values: |
namespace: pr-${{ github.event.number }}
tag: pr-${{ github.event.number }}
url: pr-${{ github.event.number }}.nav.tum.sexy
server:
MEILI_MASTER_KEY: $MEILI_MASTER_KEY
# GITHUB_TOKEN is intentionally omitted, as this file is templated and then added to git in the deployments branch
# JWT_KEY is omitted, because adding it would only make sense in conjunction with GITHUB_TOKEN
# MEILI_MASTER_KEY being added is not a security risk, since it is a hidden service and even if exposed is heavily restricted by other network policies
destination:
server: https://kubernetes.default.svc
namespace: pr-${{ github.event.number }}
syncPolicy:
automated:
selfHeal: true
prune: true
syncOptions:
- PrunePropagationPolicy=foreground
- CreateNamespace=true
retry:
limit: 2
backoff:
duration: 5s
factor: 2
maxDuration: 3m0s"
- run: git add .
- run: git commit -m "Add deployment for PR ${{ '#' }}${{ github.event.number }}"
- run: git push