diff options
| author |  Sebastiaan Zeeff <[email protected]> | 2020-11-19 00:37:14 +0100 |
|---|---|---|
| committer | Sebastiaan Zeeff <[email protected]> | 2020-11-19 00:37:14 +0100 |
| commit | 3a9b8943d1d4203a7a6f41af5437d2c9dc90e828 (patch) | |
| tree | 2a8534fddddc4f9c71fa7b77d2379606ea16d012 /.github/workflows/build-deploy.yaml | |
| parent | Default to HTTPS for account URLs (diff) | |
Ensure that flake8 runs on PR changes
Unfortunately, the way we previously set up our workflow caused flake8
to run on code already committed to master, not the changes made in a
PR, because it ran in the context of the target branch.
This is obviously useless when it comes to protecting our codebase from
linting errors. I've now set up flake8 in a different way, using
Workflow Commands to create error annotions.
I've also split up the workflow into two separate workflows.
Diffstat (limited to '.github/workflows/build-deploy.yaml')
| -rw-r--r-- | .github/workflows/build-deploy.yaml | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/.github/workflows/build-deploy.yaml b/.github/workflows/build-deploy.yaml new file mode 100644 index 00000000..668927e0 --- /dev/null +++ b/.github/workflows/build-deploy.yaml @@ -0,0 +1,70 @@ +name: Build & Deploy + +on: + workflow_run: + workflows: ["Lint & Test"] + branches: + - master + types: + - completed + + build-and-deploy: + name: Build and Deploy to Kubernetes + needs: lint-test + if: github.event.workflow_run.conclusion == 'success' + runs-on: ubuntu-latest + + steps: + # Create a commit SHA-based tag for the container repositories + - name: Create SHA Container Tag + id: sha_tag + run: | + tag=$(cut -c 1-7 <<< $GITHUB_SHA) + echo "::set-output name=tag::$tag" + + - name: Checkout code + uses: actions/checkout@v2 + + # The current version (v2) of Docker's build-push action uses + # buildx, which comes with BuildKit features that help us speed + # up our builds using additional cache features. Buildx also + # has a lot of other features that are not as relevant to us. + # + # See https://github.com/docker/build-push-action + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + + - name: Login to Github Container Registry + uses: docker/login-action@v1 + with: + registry: ghcr.io + username: ${{ secrets.GHCR_USER }} + password: ${{ secrets.GHCR_TOKEN }} + + # Build the container, including an inline cache manifest to + # allow us to use the registry as a cache source. + - name: Build and push + uses: docker/build-push-action@v2 + with: + context: . + file: ./Dockerfile + push: true + cache-from: type=registry,ref=ghcr.io/python-discord/site:latest + cache-to: type=inline + tags: | + ghcr.io/python-discord/site:latest + ghcr.io/python-discord/site:${{ steps.sha_tag.outputs.tag }} + + - name: Authenticate with Kubernetes + uses: azure/k8s-set-context@v1 + with: + method: kubeconfig + kubeconfig: ${{ secrets.KUBECONFIG }} + + - name: Deploy to Kubernetes + uses: Azure/k8s-deploy@v1 + with: + manifests: | + deployment.yaml + images: 'ghcr.io/python-discord/site:${{ steps.sha_tag.outputs.tag }}' + kubectl-version: 'latest' |