diff --git a/.github/workflows/kubernetes-cd.yml b/.github/workflows/kubernetes-cd.yml deleted file mode 100644 index 37f47b1..0000000 --- a/.github/workflows/kubernetes-cd.yml +++ /dev/null @@ -1,80 +0,0 @@ -name: "CI/CD" -on: - push: - branches: - - master -jobs: - deploy: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v1 - - name: Build container image - run: | - docker build -t xena/christinewebsite:$(echo $GITHUB_SHA | head -c7) . - echo $DOCKER_PASSWORD | docker login -u $DOCKER_USERNAME --password-stdin - docker push xena/christinewebsite - env: - DOCKER_USERNAME: "xena" - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - - name: Download secrets/Install/Configure/Use Dyson - run: | - mkdir ~/.ssh - echo $FILE_DATA | base64 -d > ~/.ssh/id_rsa - md5sum ~/.ssh/id_rsa - chmod 600 ~/.ssh/id_rsa - git clone git@ssh.tulpa.dev:cadey/within-terraform-secret - curl https://xena.greedo.xeserv.us/files/dyson-linux-amd64-0.1.0.tgz | tar xz - cp ./dyson-linux-amd64-0.1.1/dyson . - rm -rf dyson-linux-amd64-0.1.1 - mkdir -p ~/.config/dyson - - echo '[DigitalOcean] - Token = "" - - [Cloudflare] - Email = "" - Token = "" - - [Secrets] - GitCheckout = "./within-terraform-secret"' > ~/.config/dyson/dyson.ini - - ./dyson manifest \ - --name=christinewebsite \ - --domain=christine.website \ - --dockerImage=xena/christinewebsite:$(echo $GITHUB_SHA | head -c7) \ - --containerPort=5000 \ - --replicas=2 \ - --useProdLE=true > $GITHUB_WORKSPACE/deploy.yml - env: - FILE_DATA: ${{ secrets.SSH_PRIVATE_KEY }} - GIT_SSH_COMMAND: "ssh -i ~/.ssh/id_rsa -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" - - name: Save DigitalOcean kubeconfig - uses: digitalocean/action-doctl@master - env: - DIGITALOCEAN_ACCESS_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }} - with: - args: kubernetes cluster kubeconfig show kubermemes > $GITHUB_WORKSPACE/.kubeconfig - - name: Deploy to DigitalOcean Kubernetes - uses: docker://lachlanevenson/k8s-kubectl - with: - args: --kubeconfig=/github/workspace/.kubeconfig apply -n apps -f /github/workspace/deploy.yml - - name: Verify deployment - uses: docker://lachlanevenson/k8s-kubectl - with: - args: --kubeconfig=/github/workspace/.kubeconfig rollout status -n apps deployment/christinewebsite - - name: Ping Google - uses: docker://lachlanevenson/k8s-kubectl - with: - args: --kubeconfig=/github/workspace/.kubeconfig apply -f /github/workspace/k8s/job.yml - - name: Sleep - run: | - sleep 5 - - name: Don't Ping Google - uses: docker://lachlanevenson/k8s-kubectl - with: - args: --kubeconfig=/github/workspace/.kubeconfig delete -f /github/workspace/k8s/job.yml - - name: POSSE - env: - MI_TOKEN: ${{ secrets.MI_TOKEN }} - run: | - curl -H "Authorization: $MI_TOKEN" --data "https://christine.website/blog.json" https://mi.within.website/blog/refresh diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml index 27ec57d..cdb080d 100644 --- a/.github/workflows/nix.yml +++ b/.github/workflows/nix.yml @@ -39,3 +39,4 @@ jobs: PATREON_REFRESH_TOKEN: ${{ secrets.PATREON_REFRESH_TOKEN }} PATREON_CLIENT_ID: ${{ secrets.PATREON_CLIENT_ID }} PATREON_CLIENT_SECRET: ${{ secrets.PATREON_CLIENT_SECRET }} + MI_TOKEN: ${{ secrets.MI_TOKEN }} diff --git a/scripts/release.sh b/scripts/release.sh index 11848cd..4a77c55 100755 --- a/scripts/release.sh +++ b/scripts/release.sh @@ -1,6 +1,10 @@ #!/usr/bin/env nix-shell -#! nix-shell -p doctl -p kubectl -i bash +#! nix-shell -p doctl -p kubectl -p curl -i bash nix-env -if ./nix/dhall-yaml.nix doctl kubernetes cluster kubeconfig save kubermemes dhall-to-yaml-ng < ./site.dhall | kubectl apply -n apps -f - kubectl rollout status -n apps deployment/christinewebsite +kubectl apply -f ./k8s/job.yml +sleep 10 +kubectl delete -f ./k8s/job.yml +curl -H "Authorization: $MI_TOKEN" --data "https://christine.website/blog.json" https://mi.within.website/blog/refresh