From 3a9b8943d1d4203a7a6f41af5437d2c9dc90e828 Mon Sep 17 00:00:00 2001
From: Sebastiaan Zeeff <sebastiaan.zeeff@gmail.com>
Date: Thu, 19 Nov 2020 00:37:14 +0100
Subject: Ensure that flake8 runs on PR changes

Unfortunately, the way we previously set up our workflow caused flake8
to run on code already committed to master, not the changes made in a
PR, because it ran in the context of the target branch.

This is obviously useless when it comes to protecting our codebase from
linting errors. I've now set up flake8 in a different way, using
Workflow Commands to create error annotions.

I've also split up the workflow into two separate workflows.
---
 .github/workflows/build-deploy.yaml | 70 +++++++++++++++++++++++++++++++++++++
 1 file changed, 70 insertions(+)
 create mode 100644 .github/workflows/build-deploy.yaml

(limited to '.github/workflows/build-deploy.yaml')

diff --git a/.github/workflows/build-deploy.yaml b/.github/workflows/build-deploy.yaml
new file mode 100644
index 00000000..668927e0
--- /dev/null
+++ b/.github/workflows/build-deploy.yaml
@@ -0,0 +1,70 @@
+name: Build & Deploy
+
+on:
+  workflow_run:
+    workflows: ["Lint & Test"]
+    branches:
+      - master
+    types:
+      - completed
+
+  build-and-deploy:
+    name: Build and Deploy to Kubernetes
+    needs: lint-test
+    if: github.event.workflow_run.conclusion == 'success'
+    runs-on: ubuntu-latest
+
+    steps:
+      # Create a commit SHA-based tag for the container repositories
+      - name: Create SHA Container Tag
+        id: sha_tag
+        run: |
+          tag=$(cut -c 1-7 <<< $GITHUB_SHA)
+          echo "::set-output name=tag::$tag"
+
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      # The current version (v2) of Docker's build-push action uses
+      # buildx, which comes with BuildKit features that help us speed
+      # up our builds using additional cache features. Buildx also
+      # has a lot of other features that are not as relevant to us.
+      #
+      # See https://github.com/docker/build-push-action
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Login to Github Container Registry
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ secrets.GHCR_USER }}
+          password: ${{ secrets.GHCR_TOKEN }}
+
+      # Build the container, including an inline cache manifest to
+      # allow us to use the registry as a cache source.
+      - name: Build and push
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: ./Dockerfile
+          push: true
+          cache-from: type=registry,ref=ghcr.io/python-discord/site:latest
+          cache-to: type=inline
+          tags: |
+            ghcr.io/python-discord/site:latest
+            ghcr.io/python-discord/site:${{ steps.sha_tag.outputs.tag }}
+
+      - name: Authenticate with Kubernetes
+        uses: azure/k8s-set-context@v1
+        with:
+          method: kubeconfig
+          kubeconfig: ${{ secrets.KUBECONFIG }}
+
+      - name: Deploy to Kubernetes
+        uses: Azure/k8s-deploy@v1
+        with:
+          manifests: |
+              deployment.yaml
+          images: 'ghcr.io/python-discord/site:${{ steps.sha_tag.outputs.tag }}'
+          kubectl-version: 'latest'
-- 
cgit v1.2.3