diff options
| -rw-r--r-- | .github/workflows/build-deploy.yaml | 88 | ||||
| -rw-r--r-- | .github/workflows/build.yaml | 58 | ||||
| -rw-r--r-- | .github/workflows/deploy.yaml | 52 | ||||
| -rw-r--r-- | .github/workflows/lint-test.yaml | 6 | ||||
| -rw-r--r-- | .github/workflows/main.yaml | 50 | ||||
| -rw-r--r-- | .github/workflows/sentry-release.yaml (renamed from .github/workflows/sentry-release.yml) | 4 | ||||
| -rw-r--r-- | .github/workflows/static-preview.yaml | 21 | ||||
| -rw-r--r-- | .github/workflows/status-embed.yaml (renamed from .github/workflows/status_embed.yaml) | 4 |
8 files changed, 149 insertions, 134 deletions
diff --git a/.github/workflows/build-deploy.yaml b/.github/workflows/build-deploy.yaml new file mode 100644 index 00000000..5007110d --- /dev/null +++ b/.github/workflows/build-deploy.yaml @@ -0,0 +1,88 @@ +name: Build & Deploy + +on: + workflow_call: + inputs: + sha-tag: + description: "A short-form SHA tag for the commit that triggered this workflow" + required: true + type: string + + +jobs: + build: + name: Build Docker Image + runs-on: ubuntu-latest + + steps: + + - name: Checkout code + uses: actions/checkout@v3 + + # The current version (v3) of Docker's build-push action uses + # buildx, which comes with BuildKit features that help us speed + # up our builds using additional cache features. Buildx also + # has a lot of other features that are not as relevant to us. + # + # See https://github.com/docker/build-push-action + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Login to Github Container Registry + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + # Build the container, including an inline cache manifest to + # allow us to use the registry as a cache source. + - name: Build and push + uses: docker/build-push-action@v4 + with: + context: . + file: ./Dockerfile + push: true + cache-from: type=registry,ref=ghcr.io/python-discord/site:latest + cache-to: type=inline + tags: | + ghcr.io/python-discord/site:latest + ghcr.io/python-discord/site:${{ inputs.sha_tag }} + build-args: | + git_sha=${{ github.sha }} + + deploy: + name: Deploy + needs: build + runs-on: ubuntu-latest + environment: production + + steps: + # Check out the private Kubernetes repository for the + # deployment.yaml file using a GitHub Personal Access + # Token to get access. + - name: Checkout code + uses: actions/checkout@v3 + with: + repository: python-discord/kubernetes + + - uses: azure/setup-kubectl@v3 + + - name: Authenticate with Kubernetes + uses: azure/k8s-set-context@v3 + with: + method: kubeconfig + kubeconfig: ${{ secrets.KUBECONFIG }} + + - name: Deploy to Kubernetes + uses: Azure/k8s-deploy@v4 + with: + manifests: | + namespaces/default/site/deployment.yaml + images: 'ghcr.io/python-discord/site:${{ inputs.sha_tag }}' + + - name: Purge Cloudflare Edge Cache + uses: jakejarvis/cloudflare-purge-action@master + env: + CLOUDFLARE_ZONE: 989c984a358bfcd1e9b9d188cc86c1df + CLOUDFLARE_TOKEN: ${{ secrets.CLOUDFLARE_CACHE_TOKEN }} diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml deleted file mode 100644 index bf9ec5b7..00000000 --- a/.github/workflows/build.yaml +++ /dev/null @@ -1,58 +0,0 @@ -name: Build - -on: - workflow_run: - workflows: ["Lint & Test"] - branches: - - main - types: - - completed - -jobs: - build: - name: Build Docker Image - if: github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'push' - runs-on: ubuntu-latest - - steps: - # Create a commit SHA-based tag for the container repositories - - name: Create SHA Container Tag - id: sha_tag - run: | - tag=$(cut -c 1-7 <<< $GITHUB_SHA) - echo "tag=$tag" >> $GITHUB_OUTPUT - - - name: Checkout code - uses: actions/checkout@v3 - - # The current version (v3) of Docker's build-push action uses - # buildx, which comes with BuildKit features that help us speed - # up our builds using additional cache features. Buildx also - # has a lot of other features that are not as relevant to us. - # - # See https://github.com/docker/build-push-action - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - - name: Login to Github Container Registry - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - # Build the container, including an inline cache manifest to - # allow us to use the registry as a cache source. - - name: Build and push - uses: docker/build-push-action@v4 - with: - context: . - file: ./Dockerfile - push: true - cache-from: type=registry,ref=ghcr.io/python-discord/site:latest - cache-to: type=inline - tags: | - ghcr.io/python-discord/site:latest - ghcr.io/python-discord/site:${{ steps.sha_tag.outputs.tag }} - build-args: | - git_sha=${{ github.sha }} diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml deleted file mode 100644 index f27690f0..00000000 --- a/.github/workflows/deploy.yaml +++ /dev/null @@ -1,52 +0,0 @@ -name: Deploy - -on: - workflow_run: - workflows: ["Build"] - branches: - - main - types: - - completed - -jobs: - deploy: - if: github.event.workflow_run.conclusion == 'success' - name: Deploy to Kubernetes Cluster - runs-on: ubuntu-latest - environment: production - - steps: - - name: Create SHA Container Tag - id: sha_tag - run: | - tag=$(cut -c 1-7 <<< $GITHUB_SHA) - echo "tag=$tag" >> $GITHUB_OUTPUT - - # Check out the private Kubernetes repository for the - # deployment.yaml file using a GitHub Personal Access - # Token to get access. - - name: Checkout code - uses: actions/checkout@v3 - with: - repository: python-discord/kubernetes - - - uses: azure/setup-kubectl@v3 - - - name: Authenticate with Kubernetes - uses: azure/k8s-set-context@v3 - with: - method: kubeconfig - kubeconfig: ${{ secrets.KUBECONFIG }} - - - name: Deploy to Kubernetes - uses: Azure/k8s-deploy@v4 - with: - manifests: | - namespaces/default/site/deployment.yaml - images: 'ghcr.io/python-discord/site:${{ steps.sha_tag.outputs.tag }}' - - - name: Purge Cloudflare Edge Cache - uses: jakejarvis/cloudflare-purge-action@master - env: - CLOUDFLARE_ZONE: 989c984a358bfcd1e9b9d188cc86c1df - CLOUDFLARE_TOKEN: ${{ secrets.CLOUDFLARE_CACHE_TOKEN }} diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index 1fe3bd89..3328c208 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -1,11 +1,7 @@ name: Lint & Test on: - push: - branches: - - main - pull_request: - + workflow_call jobs: lint-test: diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml new file mode 100644 index 00000000..6454737d --- /dev/null +++ b/.github/workflows/main.yaml @@ -0,0 +1,50 @@ +name: CI + +on: + push: + branches: + - main + pull_request: + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + lint-test: + uses: ./.github/workflows/lint-test.yaml + + generate-sha-tag: + runs-on: ubuntu-latest + outputs: + sha-tag: ${{ steps.sha-tag.outputs.sha-tag }} + steps: + - name: Create SHA Container tag + id: sha-tag + run: | + tag=$(cut -c 1-7 <<< $GITHUB_SHA) + echo "sha-tag=$tag" >> $GITHUB_OUTPUT + + publish-static-preview: + uses: ./.github/workflows/static-preview.yaml + needs: + - generate-sha-tag + with: + sha-tag: ${{ needs.generate-sha-tag.outputs.sha-tag }} + + build-deploy: + if: github.ref == 'refs/heads/main' + uses: ./.github/workflows/build-deploy.yaml + needs: + - lint-test + - generate-sha-tag + with: + sha-tag: ${{ needs.generate-sha-tag.outputs.sha-tag }} + secrets: inherit + + sentry-release: + if: github.ref == 'refs/heads/main' + uses: ./.github/workflows/sentry-release.yaml + needs: + - build-deploy + secrets: inherit diff --git a/.github/workflows/sentry-release.yml b/.github/workflows/sentry-release.yaml index 6521c389..ed42c980 100644 --- a/.github/workflows/sentry-release.yml +++ b/.github/workflows/sentry-release.yaml @@ -1,9 +1,7 @@ name: Create Sentry release on: - push: - branches: - - main + workflow_call jobs: createSentryRelease: diff --git a/.github/workflows/static-preview.yaml b/.github/workflows/static-preview.yaml index 9987aafe..c19ba05c 100644 --- a/.github/workflows/static-preview.yaml +++ b/.github/workflows/static-preview.yaml @@ -1,10 +1,12 @@ name: Build & Publish Static Preview on: - push: - branches: - - main - pull_request: + workflow_call: + inputs: + sha-tag: + description: "A short-form SHA tag for the commit that triggered this workflow" + required: true + type: string jobs: build: @@ -14,13 +16,6 @@ jobs: steps: - uses: actions/checkout@v3 - # Create a commit SHA-based tag for the container repositories - - name: Create SHA Container Tag - id: sha_tag - run: | - tag=$(cut -c 1-7 <<< $GITHUB_SHA) - echo "tag=$tag" >> $GITHUB_OUTPUT - - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 @@ -43,7 +38,7 @@ jobs: cache-to: type=inline tags: | ghcr.io/python-discord/static-site:latest - ghcr.io/python-discord/static-site:${{ steps.sha_tag.outputs.tag }} + ghcr.io/python-discord/static-site:${{ inputs.sha_tag }} build-args: | git_sha=${{ github.sha }} STATIC_BUILD=TRUE @@ -53,7 +48,7 @@ jobs: run: | mkdir docker_build \ && docker run --entrypoint /bin/echo --name site \ - ghcr.io/python-discord/static-site:${{ steps.sha_tag.outputs.tag }} \ + ghcr.io/python-discord/static-site:${{ inputs.sha_tag }} \ && docker cp site:/app docker_build/ # Build directly to a local folder diff --git a/.github/workflows/status_embed.yaml b/.github/workflows/status-embed.yaml index e9b283cd..ead0f5ec 100644 --- a/.github/workflows/status_embed.yaml +++ b/.github/workflows/status-embed.yaml @@ -3,9 +3,7 @@ name: Status Embed on: workflow_run: workflows: - - Lint & Test - - Build - - Deploy + - CI types: - completed |