This repository has been archived by the owner on Oct 21, 2024. It is now read-only.
feat: allow overriding env vars in flows (#62) #64
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: | |
| push: | |
| branches: | |
| - main | |
| permissions: | |
| id-token: write | |
| contents: write | |
| pull-requests: write | |
| name: release-please | |
| jobs: | |
| release-please: | |
| runs-on: ubuntu-latest | |
| # skip releases on forks | |
| if: github.repository == 'kurtosis-tech/kardinal-kontrol' | |
| outputs: | |
| tag_name: ${{ steps.release.outputs.tag_name }} | |
| release_created: ${{ steps.release.outputs.release_created }} | |
| steps: | |
| - name: Run Release Please | |
| id: release | |
| uses: googleapis/release-please-action@v3 | |
| with: | |
| token: ${{ secrets.RELEASE_PLEASE_TOKEN }} | |
| release-type: simple | |
| package-name: kardinal-kontrol | |
| bump-minor-pre-major: true | |
| bump-patch-for-minor-pre-major: true | |
| include-v-in-tag: false | |
| publish: | |
| name: Publish Images | |
| needs: release-please | |
| runs-on: ubuntu-22.04 | |
| if: ${{ needs.release-please.outputs.release_created }} | |
| steps: | |
| - name: Git checkout | |
| uses: actions/checkout@v3 | |
| - name: Install Nix | |
| uses: cachix/install-nix-action@v27 | |
| # relax sandbox due impure kontrol-service tests during build | |
| with: | |
| extra_nix_config: | | |
| sandbox = relaxed | |
| - name: Magic cache | |
| uses: DeterminateSystems/magic-nix-cache-action@v7 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: arn:aws:iam::258623609258:role/kardinal-control-publish-images | |
| role-session-name: GitHub_to_AWS_via_FederatedOIDC | |
| aws-region: "us-east-1" | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v1 | |
| - name: Publish images to AWS | |
| run: | | |
| nix run ./#publish-aws-kontrol-frontend-container | |
| nix run ./#publish-aws-kontrol-service-container | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Publish images to DockerHub | |
| run: | | |
| nix run ./#publish-dockerhub-kontrol-frontend-container | |
| nix run ./#publish-dockerhub-kontrol-service-container | |
| deploy: | |
| name: Update Cluster Deployment | |
| needs: [publish, release-please] | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: git checkout | |
| uses: actions/checkout@v3 | |
| - name: Install Kubectl | |
| uses: azure/setup-kubectl@v3 | |
| with: | |
| version: "v1.30.1" | |
| - name: configure aws credentials | |
| id: aws-creds | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: arn:aws:iam::258623609258:role/kardinal-kontrol-deploy-to-cluster | |
| role-session-name: GitHub_to_AWS_via_FederatedOIDC | |
| aws-region: "us-east-1" | |
| - name: Update Kube config | |
| run: aws eks update-kubeconfig --name kardinal --region us-east-1 | |
| - name: Deploy to cluster | |
| run: | | |
| kubectl rollout restart deployment/kontrol-frontend -n kardinal-kontrol | |
| kubectl rollout restart deployment/kontrol-service-server -n kardinal-kontrol |