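# CI/CD workflow: on every push to master, build and push the site's Docker
# image, render a Kubernetes manifest with dyson, and apply it to the cluster.
name: "CI/CD"

on:
  push:
    branches:
      - master

# No step in this workflow writes back to the repository, so the automatic
# GITHUB_TOKEN is limited to read-only access.
permissions:
  contents: read

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): a tag such as v1 is mutable; pinning the action to a
      # full commit SHA keeps a retagged release from running in a job that
      # holds registry, SSH and cloud credentials.
      - uses: actions/checkout@v1

      - name: Build/Push Docker Image
        run: |
          set -o pipefail
          image="xena/christinewebsite:${GITHUB_SHA::7}"
          # The password is fed on stdin so it never appears in the process
          # argument list or in docker's "insecure --password" warning path.
          echo "$DOCKER_PASSWORD" | docker login --username "$DOCKER_USERNAME" --password-stdin
          docker build . -t "$image"
          docker push "$image"
        env:
          DOCKER_USERNAME: "xena"
          DOCKER_PASSWORD: "${{ secrets.DOCKER_PASSWORD }}"

      - name: Download secrets
        run: |
          set -o pipefail
          mkdir -p ~/.ssh
          chmod 700 ~/.ssh
          # Create the key file under a restrictive umask so it is never
          # readable by other users, even briefly. The md5sum debug line was
          # dropped: it wrote a fingerprint of the private key to the job log.
          (umask 077 && echo "$FILE_DATA" | base64 -d > ~/.ssh/id_rsa)
          chmod 600 ~/.ssh/id_rsa
          git clone git@git.xeserv.us:xena/within-terraform-secret
        env:
          FILE_DATA: "${{ secrets.SSH_PRIVATE_KEY }}"
          # NOTE(review): these options turn off SSH host key verification,
          # so the clone of the secrets repository cannot detect an
          # impersonated git.xeserv.us. Store the server's host key (for
          # example as a secret written to a known_hosts file) and point
          # UserKnownHostsFile at it with StrictHostKeyChecking=yes.
          GIT_SSH_COMMAND: "ssh -i ~/.ssh/id_rsa -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"

      - name: Install/Configure/Use Dyson
        run: |
          set -o pipefail
          # -f makes an HTTP error fail the step instead of piping an error
          # page into tar.
          # NOTE(review): the archive is not checked against a known digest
          # before its binary runs next to the cloned secrets; record a
          # SHA-256 for this pinned version and verify it with
          # `sha256sum -c` before extracting.
          curl -fsSL https://xena.greedo.xeserv.us/files/dyson-linux-amd64-0.1.0.tgz | tar xz
          cp ./dyson-linux-amd64-0.1.0/dyson .
          rm -rf dyson-linux-amd64-0.1.0
          mkdir -p ~/.config/dyson
          echo '[DigitalOcean]
          Token = ""
          [Cloudflare]
          Email = ""
          Token = ""
          [Secrets]
          GitCheckout = "./within-terraform-secret"' > ~/.config/dyson/dyson.ini
          ./dyson manifest \
            --name=christinewebsite \
            --domain=christine.website \
            --dockerImage="xena/christinewebsite:${GITHUB_SHA::7}" \
            --containerPort=5000 \
            --replicas=1 \
            --useProdLE=true > deploy.yml

      - name: Configure Kubernetes
        run: |
          set -o pipefail
          # GitHub release download URLs answer with a redirect, so -L is
          # required; without it tar receives the redirect body, not the
          # archive.
          # NOTE(review): as with dyson, verify the archive against a
          # recorded SHA-256 before running the extracted binary.
          curl -fsSL https://github.com/digitalocean/doctl/releases/download/v1.30.0/doctl-1.30.0-linux-amd64.tar.gz | tar xz
          ./doctl auth login -t "$DIGITALOCEAN_ACCESS_TOKEN"
          # The resulting file holds cluster credentials and is read by the
          # container actions below.
          ./doctl kubernetes cluster kubeconfig show kubermemes > "$HOME/.kubeconfig"
        env:
          DIGITALOCEAN_ACCESS_TOKEN: "${{ secrets.DIGITALOCEAN_TOKEN }}"

      # NOTE(review): this third-party image is referenced without a tag or
      # digest, so whatever is currently published under the default tag is
      # given the kubeconfig. Pin it by digest (image@sha256:<digest>).
      - name: Deploy
        uses: docker://lachlanevenson/k8s-kubectl
        with:
          entrypoint: /usr/local/bin/kubectl
          args: |
            --kubeconfig=$HOME/.kubeconfig apply -f deploy.yml

      # Waits for the rollout to finish so a failed deployment fails the job.
      # NOTE(review): same unpinned image as the Deploy step.
      - name: Verify
        uses: docker://lachlanevenson/k8s-kubectl
        with:
          entrypoint: /usr/local/bin/kubectl
          args: |
            --kubeconfig=$HOME/.kubeconfig rollout status deployment/christinewebsite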