name: "CI/CD" on: push: branches: - master jobs: deploy: runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 - name: Build container image run: | docker build -t xena/christinewebsite:$(echo $GITHUB_SHA | head -c7) . echo $DOCKER_PASSWORD | docker login -u $DOCKER_USERNAME --password-stdin docker push xena/christinewebsite env: DOCKER_USERNAME: "xena" DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - name: Download secrets/Install/Configure/Use Dyson run: | mkdir ~/.ssh echo $FILE_DATA | base64 -d > ~/.ssh/id_rsa md5sum ~/.ssh/id_rsa chmod 600 ~/.ssh/id_rsa git clone git@ssh.tulpa.dev:cadey/within-terraform-secret curl https://xena.greedo.xeserv.us/files/dyson-linux-amd64-0.1.0.tgz | tar xz cp ./dyson-linux-amd64-0.1.1/dyson . rm -rf dyson-linux-amd64-0.1.1 mkdir -p ~/.config/dyson echo '[DigitalOcean] Token = "" [Cloudflare] Email = "" Token = "" [Secrets] GitCheckout = "./within-terraform-secret"' > ~/.config/dyson/dyson.ini ./dyson manifest \ --name=christinewebsite \ --domain=christine.website \ --dockerImage=xena/christinewebsite:$(echo $GITHUB_SHA | head -c7) \ --containerPort=5000 \ --replicas=2 \ --useProdLE=true > $GITHUB_WORKSPACE/deploy.yml env: FILE_DATA: ${{ secrets.SSH_PRIVATE_KEY }} GIT_SSH_COMMAND: "ssh -i ~/.ssh/id_rsa -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" - name: Save DigitalOcean kubeconfig uses: digitalocean/action-doctl@master env: DIGITALOCEAN_ACCESS_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }} with: args: kubernetes cluster kubeconfig show kubermemes > $GITHUB_WORKSPACE/.kubeconfig - name: Deploy to DigitalOcean Kubernetes uses: docker://lachlanevenson/k8s-kubectl with: args: --kubeconfig=/github/workspace/.kubeconfig apply -n apps -f /github/workspace/deploy.yml - name: Verify deployment uses: docker://lachlanevenson/k8s-kubectl with: args: --kubeconfig=/github/workspace/.kubeconfig rollout status -n apps deployment/christinewebsite - name: Ping Google uses: docker://lachlanevenson/k8s-kubectl with: args: --kubeconfig=/github/workspace/.kubeconfig apply -f /github/workspace/k8s/job.yml - name: Sleep run: | sleep 5 - name: Don't Ping Google uses: docker://lachlanevenson/k8s-kubectl with: args: --kubeconfig=/github/workspace/.kubeconfig delete -f /github/workspace/k8s/job.yml - name: POSSE env: MI_TOKEN: ${{ secrets.MI_TOKEN }} run: | curl -H "Authorization: $MI_TOKEN" --data "https://christine.website/blog.json" https://mi.within.website/blog/refresh