site/.github/workflows/kubernetes-cd.yml

81 lines
2.9 KiB
YAML
Raw Normal View History

2019-09-07 15:44:38 +00:00
name: "CI/CD"
on:
push:
branches:
- master
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
2019-09-09 21:53:12 +00:00
- name: Build container image
2019-10-16 01:04:44 +00:00
run: |
docker build -t xena/christinewebsite:$(echo $GITHUB_SHA | head -c7) .
echo $DOCKER_PASSWORD | docker login -u $DOCKER_USERNAME --password-stdin
docker push xena/christinewebsite
2019-09-07 16:40:39 +00:00
env:
DOCKER_USERNAME: "xena"
2019-09-09 21:53:12 +00:00
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
- name: Download secrets/Install/Configure/Use Dyson
2019-09-07 15:50:47 +00:00
run: |
mkdir ~/.ssh
2019-09-07 15:59:57 +00:00
echo $FILE_DATA | base64 -d > ~/.ssh/id_rsa
2019-09-07 15:50:47 +00:00
md5sum ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
2019-10-16 01:04:44 +00:00
git clone git@ssh.tulpa.dev:cadey/within-terraform-secret
2019-09-07 15:50:47 +00:00
curl https://xena.greedo.xeserv.us/files/dyson-linux-amd64-0.1.0.tgz | tar xz
2019-12-21 20:07:31 +00:00
cp ./dyson-linux-amd64-0.1.1/dyson .
rm -rf dyson-linux-amd64-0.1.1
2019-09-07 16:45:08 +00:00
mkdir -p ~/.config/dyson
2019-09-07 15:50:47 +00:00
echo '[DigitalOcean]
Token = ""
[Cloudflare]
Email = ""
Token = ""
[Secrets]
GitCheckout = "./within-terraform-secret"' > ~/.config/dyson/dyson.ini
2019-09-07 16:45:08 +00:00
2019-09-07 16:48:06 +00:00
./dyson manifest \
2019-09-07 15:50:47 +00:00
--name=christinewebsite \
--domain=christine.website \
2019-09-07 16:12:04 +00:00
--dockerImage=xena/christinewebsite:$(echo $GITHUB_SHA | head -c7) \
2019-09-07 15:50:47 +00:00
--containerPort=5000 \
--replicas=1 \
2019-09-09 21:53:12 +00:00
--useProdLE=true > $GITHUB_WORKSPACE/deploy.yml
env:
FILE_DATA: ${{ secrets.SSH_PRIVATE_KEY }}
GIT_SSH_COMMAND: "ssh -i ~/.ssh/id_rsa -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
- name: Save DigitalOcean kubeconfig
uses: digitalocean/action-doctl@master
2019-09-07 16:59:26 +00:00
env:
2019-09-07 17:05:08 +00:00
DIGITALOCEAN_ACCESS_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
2019-09-09 21:53:12 +00:00
with:
args: kubernetes cluster kubeconfig show kubermemes > $GITHUB_WORKSPACE/.kubeconfig
- name: Deploy to DigitalOcean Kubernetes
uses: docker://lachlanevenson/k8s-kubectl
with:
args: --kubeconfig=/github/workspace/.kubeconfig apply -n apps -f /github/workspace/deploy.yml
- name: Verify deployment
uses: docker://lachlanevenson/k8s-kubectl
with:
args: --kubeconfig=/github/workspace/.kubeconfig rollout status -n apps deployment/christinewebsite
- name: Ping Google
uses: docker://lachlanevenson/k8s-kubectl
with:
2019-10-23 17:18:49 +00:00
args: --kubeconfig=/github/workspace/.kubeconfig apply -f /github/workspace/k8s/job.yml
- name: Sleep
run: |
sleep 5
- name: Don't Ping Google
uses: docker://lachlanevenson/k8s-kubectl
with:
2019-10-23 17:18:49 +00:00
args: --kubeconfig=/github/workspace/.kubeconfig delete -f /github/workspace/k8s/job.yml
2020-01-11 21:32:47 +00:00
- name: POSSE
env:
MI_TOKEN: ${{ secrets.MI_TOKEN }}
run: |
curl -H "Authorization: $MI_TOKEN" --data "https://christine.website/blog.json" https://mi.within.website/blog/refresh