diff options
| -rw-r--r-- | .github/workflows/build-deploy.yml | 77 | ||||
| -rw-r--r-- | .github/workflows/deploy.yml | 64 | ||||
| -rw-r--r-- | .github/workflows/lint.yml | 14 | ||||
| -rw-r--r-- | .github/workflows/main.yml | 36 |
4 files changed, 114 insertions, 77 deletions
diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml new file mode 100644 index 0000000..c5d289d --- /dev/null +++ b/.github/workflows/build-deploy.yml @@ -0,0 +1,77 @@ +name: Deploy to production + +on: + workflow_call: + inputs: + sha-tag: + description: "A short-form SHA tag for the commit that triggered this workflow" + required: true + type: string + +jobs: + build: + name: Build & Publish Docker image + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v3 + + # The current version (v2) of Docker's build-push action uses + # buildx, which comes with BuildKit features that help us speed + # up our builds using additional cache features. Buildx also + # has a lot of other features that are not as relevant to us. + # + # See https://github.com/docker/build-push-action + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Login to Github Container Registry + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Generate docker image metadata + uses: docker/metadata-action@v4 + id: meta + with: + images: ghcr.io/python-discord/metricity + tags: | + type=sha + type=raw,value=latest + type=semver,pattern=v{{version}},enable=${{ startsWith(github.ref, 'refs/tags/v') }} + + - name: Build and push + uses: docker/build-push-action@v4 + with: + context: . + file: ./Dockerfile + push: ${{ github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/') }} + cache-from: type=registry,ref=ghcr.io/python-discord/metricity:latest + cache-to: type=inline + tags: ${{ steps.meta.outputs.tags }} + build-args: | + git_sha=${{ github.sha }} + + deploy: + name: Deploy + needs: build + runs-on: ubuntu-latest + if: ${{ github.ref == 'refs/heads/main' }} + steps: + - uses: azure/setup-kubectl@v3 + + - name: Authenticate with Kubernetes + uses: azure/k8s-set-context@v3 + with: + method: kubeconfig + kubeconfig: ${{ secrets.KUBECONFIG }} + + - name: Deploy to Kubernetes + uses: Azure/k8s-deploy@v4 + with: + manifests: | + deployment.yaml + images: 'ghcr.io/python-discord/metricity:${{ inputs.sha-tag }}' diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml deleted file mode 100644 index 74ba293..0000000 --- a/.github/workflows/deploy.yml +++ /dev/null @@ -1,64 +0,0 @@ -name: Deploy to production - -on: - push: - branches: - - main - -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true - -jobs: - push_docker_image: - name: Build & Publish Docker image - runs-on: ubuntu-latest - - steps: - - name: Create SHA Container Tag - id: sha_tag - run: | - tag=$(cut -c 1-7 <<< $GITHUB_SHA) - echo "::set-output name=tag::$tag" - - - name: Checkout code - uses: actions/checkout@v3 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - - name: Login to Github Container Registry - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - # This step builds and pushed the container to the - # Github Container Registry tagged with "latest" and - # the short SHA of the commit. - - name: Build and push - uses: docker/build-push-action@v4 - with: - context: . - file: ./Dockerfile - push: true - cache-from: type=registry,ref=ghcr.io/python-discord/metricity:latest - tags: | - ghcr.io/python-discord/metricity:latest - ghcr.io/python-discord/metricity:${{ steps.sha_tag.outputs.tag }} - - - uses: azure/setup-kubectl@v3 - - - name: Authenticate with Kubernetes - uses: azure/k8s-set-context@v3 - with: - method: kubeconfig - kubeconfig: ${{ secrets.KUBECONFIG }} - - - name: Deploy to Kubernetes - uses: Azure/k8s-deploy@v4 - with: - manifests: | - deployment.yaml - images: 'ghcr.io/python-discord/metricity:${{ steps.sha_tag.outputs.tag }}' diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 39097f6..f216266 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -1,24 +1,12 @@ name: Lint Python code on: - push: - branches: [ main ] - pull_request: - branches: [ main ] - -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true + workflow_call jobs: lint: - name: "Lint code" - # The type of runner that the job will run on runs-on: ubuntu-latest - - # Steps represent a sequence of tasks that will be executed as part of the job steps: - # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Checkout branch uses: actions/checkout@v3 diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 0000000..dbdc0df --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,36 @@ +name: CI + +on: + push: + branches: + - main + pull_request: + release: + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + lint: + uses: ./.github/workflows/lint.yml + + generate-sha-tag: + runs-on: ubuntu-latest + outputs: + sha-tag: ${{ steps.sha-tag.outputs.sha-tag }} + steps: + - name: Create SHA Container tag + id: sha-tag + run: | + tag=$(cut -c 1-7 <<< $GITHUB_SHA) + echo "sha-tag=$tag" >> $GITHUB_OUTPUT + + build-deploy: + uses: ./.github/workflows/build-deploy.yml + needs: + - lint + - generate-sha-tag + with: + sha-tag: ${{ needs.generate-sha-tag.outputs.sha-tag }} + secrets: inherit |