diff --git a/.github/workflows/deploy-to-kubernetes.yml b/.github/workflows/deploy-to-kubernetes.yml index 9340f0781a..24ec2b6323 100644 --- a/.github/workflows/deploy-to-kubernetes.yml +++ b/.github/workflows/deploy-to-kubernetes.yml @@ -1,21 +1,22 @@ ---- name: Deploy images to k8s + on: push: branches: - - main - - staging - - test - - vcf - - tetrapack - - dev - - demo + - 'main' + - 'staging' + - 'test' + - 'vcf' + - 'tetrapack' + - 'dev' + - 'demo' paths: - - api/** - - client/** - - tiler/** - - .github/** - workflow_dispatch: null + - 'api/**' + - 'client/**' + - 'tiler/**' + - '.github/**' + workflow_dispatch: + jobs: wait_for_image_push: name: Wait for Docker images to be pushed @@ -27,12 +28,14 @@ jobs: token: ${{ secrets.REPO_ACCESS_TOKEN }} checkName: Push API Docker image to Docker Hub ref: ${{ github.event.pull_request.head.sha || github.sha }} + - name: Wait for Client image to be pushed to Docker Hub uses: fountainhead/action-wait-for-check@v1.1.0 with: token: ${{ secrets.REPO_ACCESS_TOKEN }} checkName: Push Client Docker image to Docker Hub ref: ${{ github.event.pull_request.head.sha || github.sha }} + deploy_images_to_kubernetes: name: Deploy updated Docker image to Kubernetes runs-on: ubuntu-20.04 @@ -40,11 +43,13 @@ jobs: steps: - name: Check out the repo uses: actions/checkout@v2 + - name: Log in to Docker Hub uses: docker/login-action@v1 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} + - name: Configure SSH access to the bastion host run: | mkdir -p ~/.ssh/ @@ -52,24 +57,25 @@ jobs: chmod 600 ~/.ssh/bastion.key env: SSH_KEY: ${{ secrets.BASTION_SSH_PRIVATE_KEY }} + - name: Add custom host data run: | sudo sh -c 'echo "127.0.0.1 ${{ secrets.EKS_HOST }}" >> /etc/hosts' + - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: ${{ secrets.AWS_REGION }} - - name: Install kubectl - run: > - curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key --keyring /usr/share/keyrings/kubernetes-archive-keyring.gpg add - + - name: Install kubectl + run: | + sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list - sudo apt-get update - sudo apt-get install -y kubectl + - name: Config kubectl run: | mkdir ~/.kube @@ -77,30 +83,28 @@ jobs: sed -i 's/\(eks.amazonaws.com\)/\1:4433/g' ~/.kube/config env: KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_DATA }} + - name: Creating SSH tunnel - run: > - ssh -i ~/.ssh/bastion.key -o StrictHostKeyChecking=no -N -L 4433:${{ - secrets.EKS_HOST }}:443 ${{ secrets.BASTION_USER }}@${{ - secrets.BASTION_HOST }} -T & + run: | + ssh -i ~/.ssh/bastion.key -o StrictHostKeyChecking=no -N -L 4433:${{ secrets.EKS_HOST }}:443 ${{ secrets.BASTION_USER }}@${{ secrets.BASTION_HOST }} -T & + - name: Extract branch name shell: bash - run: > + run: | echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})" - echo "##[set-output name=branch-upper;]$(echo ${GITHUB_REF#refs/heads/} | tr a-z A-Z )" id: extract_branch + - name: Redeploy production pods if: ${{ steps.extract_branch.outputs.branch == 'main' }} run: | kubectl rollout restart deployment api -n production kubectl rollout restart deployment tiler -n production kubectl rollout restart deployment client -n production + - name: Redeploy pods for other branches if: ${{ steps.extract_branch.outputs.branch != 'main' }} - run: > - kubectl rollout restart deployment api -n ${{ - steps.extract_branch.outputs.branch }} - + run: | + kubectl rollout restart deployment api -n ${{ steps.extract_branch.outputs.branch }} kubectl rollout restart deployment tiler -n ${{ steps.extract_branch.outputs.branch }} - kubectl rollout restart deployment client -n ${{ steps.extract_branch.outputs.branch }}