Skip to content

Deploy (main -> staging) by @ShanaLMoore #165

Deploy (main -> staging) by @ShanaLMoore

Deploy (main -> staging) by @ShanaLMoore #165

Workflow file for this run

name: "Deploy"
run-name: Deploy (${{ github.ref_name }} -> ${{ inputs.environment }}) by @${{ github.actor }}
on:
workflow_dispatch:
inputs:
environment:
description: 'Deploy to Environment'
require: true
default: 'staging'
type: choice
options:
- demo
- iiif
- staging
debug_enabled:
type: boolean
description: 'Run the build with tmate debugging enabled (https://github.com/marketplace/actions/debugging-with-tmate)'
required: false
default: false
jobs:
deployment:
runs-on: ubuntu-latest
container: dtzar/helm-kubectl:3.9.4
environment: ${{ inputs.environment }}
env:
HELM_EXPERIMENTAL_OCI: 1
HELM_RELEASE_NAME: ${{ github.event.repository.name }}-${{ inputs.environment }}
KUBE_NAMESPACE: ${{ github.event.repository.name }}-${{ inputs.environment }}
HELM_EXTRA_ARGS: >
--values ops/${{ inputs.environment }}-deploy.yaml
KUBECONFIG_FILE: ${{ secrets.KUBECONFIG_FILE }}
KUBECONFIG: ./kubeconfig.yml
BASE_URL: ${{ secrets.BASE_URL }}
DATABASE_PASSWORD: ${{ secrets.DATABASE_PASSWORD }}
DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
GOOGLE_ANALYTICS_ID: ${{ secrets.GOOGLE_ANALYTICS_ID }}
GOOGLE_FONTS_KEY: ${{ secrets.GOOGLE_FONTS_KEY }}
GOOGLE_OAUTH_PRIVATE_KEY_SECRET: ${{ secrets.GOOGLE_OAUTH_PRIVATE_KEY_SECRET }}
GOOGLE_OAUTH_PRIVATE_KEY_VALUE: ${{ secrets.GOOGLE_OAUTH_PRIVATE_KEY_VALUE }}
IA_PASSWORD: ${{ secrets.IA_PASSWORD }}
MAIL_PASS: ${{ secrets.MAIL_PASS }}
NEGATIVE_CAPTCHA_SECRET: ${{ secrets.NEGATIVE_CAPTCHA_SECRET }}
PAPERTRAIL_API_TOKEN: ${{ secrets.PAPERTRAIL_API_TOKEN }}
POSTGRES_PASSWORD: ${{ secrets.POSTGRES_PASSWORD }}
REDIS_PASSWORD: ${{ secrets.REDIS_PASSWORD }}
SECRET_KEY_BASE: ${{ secrets.SECRET_KEY_BASE }}
SENDGRID_PASSWORD: ${{ secrets.SENDGRID_PASSWORD }}
SENTRY_ENVIRONMENT: ${{ secrets.SENTRY_ENVIRONMENT }}
SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
SMTP_PASSWORD: ${{ secrets.SMTP_PASSWORD }}
SOLR_ADMIN_PASSWORD: ${{ secrets.SOLR_ADMIN_PASSWORD }}
SQUARE_ACCESS_TOKEN: ${{ secrets.SQUARE_ACCESS_TOKEN }}
SQUARE_WEBHOOK_SIGNATURE_KEY: ${{ secrets.SQUARE_WEBHOOK_SIGNATURE_KEY }}
STRIPE_SECRET_KEY: ${{ secrets.STRIPE_SECRET_KEY }}
steps:
- id: setup
name: Setup
uses: scientist-softserv/actions/[email protected]
with:
tag: ${{ inputs.tag }}
image_name: ${{ inputs.image_name }}
token: ${{ secrets.CHECKOUT_TOKEN || secrets.GITHUB_TOKEN }}
- name: Setup tmate session
uses: mxschmitt/action-tmate@v3
if: ${{ github.event_name == 'workflow_dispatch' && inputs.debug_enabled }}
with:
limit-access-to-actor: true
- name: Do deploy
run: |
echo $KUBECONFIG_FILE | base64 -d > $KUBECONFIG;
DOLLAR=$ envsubst < ops/${{ inputs.environment }}-deploy.tmpl.yaml > ops/${{ inputs.environment }}-deploy.yaml;
export DEPLOY_TAG=${TAG};
export DEPLOY_IMAGE=ghcr.io/${REPO_LOWER};
export WORKER_IMAGE=ghcr.io/${REPO_LOWER}/worker;
./bin/helm_deploy ${{ inputs.k8s-release-name || format('{0}-{1}', github.event.repository.name, inputs.environment) }} ${{ inputs.k8s-namespace || format('{0}-{1}', github.event.repository.name, inputs.environment) }}