meme bot v0.1.31 #22
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build, Push, and Deploy meme-bot | |
| on: | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| env: | |
| DOCKER_IMAGE: ghcr.io/${{ github.repository }}/meme-bot | |
| KUBE_NAMESPACE: meme-bot | |
| HELM_CHART_PATH: ./charts/meme-bot | |
| KANIKO_CACHE_ARGS: "--cache=true --cache-copy-layers=true --cache-ttl=24h" | |
| jobs: | |
| build-to-ghcr: | |
| runs-on: arc-runner-set # uses self-hosted runner scale set | |
| container: | |
| image: gcr.io/kaniko-project/executor:v1.20.0-debug # the kaniko image | |
| permissions: | |
| contents: read # read the repository | |
| packages: write # to push to GHCR, omit for other container registry. https://docs.github.com/en/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions#publishing-a-package-using-an-action | |
| steps: | |
| - name: Build and Push Image to GHCR with kaniko | |
| run: | | |
| cat <<EOF > /kaniko/.docker/config.json | |
| { | |
| "auths": { | |
| "ghcr.io": { | |
| "auth": "$(echo -n "$GIT_USERNAME:$GIT_PASSWORD" | base64 -w0)" | |
| } | |
| } | |
| } | |
| EOF | |
| /kaniko/executor --dockerfile="./Dockerfile" \ | |
| --context="${{ github.repositoryUrl }}#${{ github.ref }}#${{ github.sha }}" \ | |
| --destination="$GH_REGISTRY/$IMAGE_NAME:$(echo ${GITHUB_SHA} | head -c 7)" \ | |
| ${{ env.KANIKO_CACHE_ARGS }} \ | |
| --push-retry 5 | |
| env: # needed to authenticate to github and download the repo | |
| GIT_USERNAME: ${{ github.actor }} | |
| GIT_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | |
| GH_REGISTRY: "ghcr.io" | |
| IMAGE_NAME: "${{ github.repository }}/meme-bot" | |
| deploy-to-k8s: | |
| runs-on: arc-runner-set | |
| needs: build-to-ghcr | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Install Helm | |
| run: | | |
| curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash | |
| - name: Deploy to Kubernetes using Helm | |
| run: | | |
| helm upgrade --install meme-bot ${{ env.HELM_CHART_PATH }} \ | |
| --namespace ${{ env.KUBE_NAMESPACE }} \ | |
| --set image.repository=${{ env.DOCKER_IMAGE }} \ | |
| --set image.tag=$(echo ${GITHUB_SHA} | head -c 7) \ | |
| --set secrets.telegramBotToken=${{ secrets.TELEGRAM_BOT_TOKEN }} \ | |
| --set secrets.yandexOAuthToken=${{ secrets.YANDEX_OAUTH_TOKEN }} \ | |
| --set secrets.yandexArtFolderId=${{ secrets.YANDEX_ART_FOLDER_ID }} \ | |
| --set secrets.fusionBrainApiKey=${{ secrets.FUSION_BRAIN_API_KEY }} \ | |
| --set secrets.fusionBrainSecretKey=${{ secrets.FUSION_BRAIN_SECRET_KEY }} |