From ad84a56bf14f4c491d43f67abb6895c13dfb02e5 Mon Sep 17 00:00:00 2001 From: Sebastiaan Zeeff Date: Tue, 24 Nov 2020 00:30:22 +0100 Subject: Restructure Build & Deploy sequence in CI I've restructured the build & deploy sequence in our GitHub Actions CI workflow: - There's now a separate workflow to deploy to our cluster - The Build workflow has an additional `if` check to ensure we're only starting the build & deploy sequences for pushes to master - We now checkout the python-discord/kubernetes repo to fetch the deployment.yaml file located in there --- .github/workflows/build-deploy.yaml | 70 ---------------------------- .github/workflows/build.yaml | 56 ++++++++++++++++++++++ .github/workflows/kubernetes-deployment.yaml | 45 ++++++++++++++++++ 3 files changed, 101 insertions(+), 70 deletions(-) delete mode 100644 .github/workflows/build-deploy.yaml create mode 100644 .github/workflows/build.yaml create mode 100644 .github/workflows/kubernetes-deployment.yaml (limited to '.github') diff --git a/.github/workflows/build-deploy.yaml b/.github/workflows/build-deploy.yaml deleted file mode 100644 index c00f7f6a..00000000 --- a/.github/workflows/build-deploy.yaml +++ /dev/null @@ -1,70 +0,0 @@ -name: Build & Deploy - -on: - workflow_run: - workflows: ["Lint & Test"] - branches: - - master - types: - - completed - -jobs: - build-and-deploy: - name: Build and Deploy to Kubernetes - if: github.event.workflow_run.conclusion == 'success' - runs-on: ubuntu-latest - - steps: - # Create a commit SHA-based tag for the container repositories - - name: Create SHA Container Tag - id: sha_tag - run: | - tag=$(cut -c 1-7 <<< $GITHUB_SHA) - echo "::set-output name=tag::$tag" - - - name: Checkout code - uses: actions/checkout@v2 - - # The current version (v2) of Docker's build-push action uses - # buildx, which comes with BuildKit features that help us speed - # up our builds using additional cache features. Buildx also - # has a lot of other features that are not as relevant to us. - # - # See https://github.com/docker/build-push-action - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - - name: Login to Github Container Registry - uses: docker/login-action@v1 - with: - registry: ghcr.io - username: ${{ secrets.GHCR_USER }} - password: ${{ secrets.GHCR_TOKEN }} - - # Build the container, including an inline cache manifest to - # allow us to use the registry as a cache source. - - name: Build and push - uses: docker/build-push-action@v2 - with: - context: . - file: ./Dockerfile - push: true - cache-from: type=registry,ref=ghcr.io/python-discord/site:latest - cache-to: type=inline - tags: | - ghcr.io/python-discord/site:latest - ghcr.io/python-discord/site:${{ steps.sha_tag.outputs.tag }} - - - name: Authenticate with Kubernetes - uses: azure/k8s-set-context@v1 - with: - method: kubeconfig - kubeconfig: ${{ secrets.KUBECONFIG }} - - - name: Deploy to Kubernetes - uses: Azure/k8s-deploy@v1 - with: - manifests: | - deployment.yaml - images: 'ghcr.io/python-discord/site:${{ steps.sha_tag.outputs.tag }}' - kubectl-version: 'latest' diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml new file mode 100644 index 00000000..514c42e2 --- /dev/null +++ b/.github/workflows/build.yaml @@ -0,0 +1,56 @@ +name: Build + +on: + workflow_run: + workflows: ["Lint & Test"] + branches: + - master + types: + - completed + +jobs: + build: + name: Build Docker Image + if: github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'push' + runs-on: ubuntu-latest + + steps: + # Create a commit SHA-based tag for the container repositories + - name: Create SHA Container Tag + id: sha_tag + run: | + tag=$(cut -c 1-7 <<< $GITHUB_SHA) + echo "::set-output name=tag::$tag" + + - name: Checkout code + uses: actions/checkout@v2 + + # The current version (v2) of Docker's build-push action uses + # buildx, which comes with BuildKit features that help us speed + # up our builds using additional cache features. Buildx also + # has a lot of other features that are not as relevant to us. + # + # See https://github.com/docker/build-push-action + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + + - name: Login to Github Container Registry + uses: docker/login-action@v1 + with: + registry: ghcr.io + username: ${{ secrets.GHCR_USER }} + password: ${{ secrets.GHCR_TOKEN }} + + # Build the container, including an inline cache manifest to + # allow us to use the registry as a cache source. + - name: Build and push + uses: docker/build-push-action@v2 + with: + context: . + file: ./Dockerfile + push: true + cache-from: type=registry,ref=ghcr.io/python-discord/site:latest + cache-to: type=inline + tags: | + ghcr.io/python-discord/site:latest + ghcr.io/python-discord/site:${{ steps.sha_tag.outputs.tag }} diff --git a/.github/workflows/kubernetes-deployment.yaml b/.github/workflows/kubernetes-deployment.yaml new file mode 100644 index 00000000..ff2652fd --- /dev/null +++ b/.github/workflows/kubernetes-deployment.yaml @@ -0,0 +1,45 @@ +name: Deploy + +on: + workflow_run: + workflows: ["Build"] + branches: + - master + types: + - completed + +jobs: + deploy: + if: github.event.workflow_run.conclusion == 'success' + name: Deploy to Kubernetes Cluster + runs-on: ubuntu-latest + + steps: + - name: Create SHA Container Tag + id: sha_tag + run: | + tag=$(cut -c 1-7 <<< $GITHUB_SHA) + echo "::set-output name=tag::$tag" + + # Check out the private Kubernetes repository for the + # deployment.yaml file using a GitHub Personal Access + # Token to get access. + - name: Checkout code + uses: actions/checkout@v2 + with: + repository: python-discord/kubernetes + token: ${{ secrets.REPO_TOKEN }} + + - name: Authenticate with Kubernetes + uses: azure/k8s-set-context@v1 + with: + method: kubeconfig + kubeconfig: ${{ secrets.KUBECONFIG }} + + - name: Deploy to Kubernetes + uses: Azure/k8s-deploy@v1 + with: + manifests: | + site/deployment.yaml + images: 'ghcr.io/python-discord/site:${{ steps.sha_tag.outputs.tag }}' + kubectl-version: 'latest' -- cgit v1.2.3