name: Build & Deploy on: workflow_call: inputs: sha-tag: description: "A short-form SHA tag for the commit that triggered this workflow" required: true type: string jobs: build: name: Build Docker Image runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 # The current version (v3) of Docker's build-push action uses # buildx, which comes with BuildKit features that help us speed # up our builds using additional cache features. Buildx also # has a lot of other features that are not as relevant to us. # # See https://github.com/docker/build-push-action - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to Github Container Registry uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} # Build the container, including an inline cache manifest to # allow us to use the registry as a cache source. - name: Build and push uses: docker/build-push-action@v5 with: context: . file: ./Dockerfile push: true cache-from: type=registry,ref=ghcr.io/python-discord/site:latest cache-to: type=inline tags: | ghcr.io/python-discord/site:latest ghcr.io/python-discord/site:${{ inputs.sha-tag }} build-args: | git_sha=${{ github.sha }} deploy: name: Deploy needs: build runs-on: ubuntu-latest environment: production steps: - name: Checkout code uses: actions/checkout@v4 with: repository: python-discord/infra path: infra - uses: azure/setup-kubectl@v4.0.0 - name: Authenticate with Kubernetes uses: azure/k8s-set-context@v4 with: method: kubeconfig kubeconfig: ${{ secrets.KUBECONFIG }} - name: Deploy to Kubernetes uses: Azure/k8s-deploy@v4 with: manifests: | infra/kubernetes/namespaces/default/site/deployment.yaml images: 'ghcr.io/python-discord/site:${{ inputs.sha-tag }}' - name: Purge Cloudflare Edge Cache uses: jakejarvis/cloudflare-purge-action@master env: CLOUDFLARE_ZONE: 989c984a358bfcd1e9b9d188cc86c1df CLOUDFLARE_TOKEN: ${{ secrets.CLOUDFLARE_CACHE_TOKEN }}