Try to reformat yaml #7
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Pipeline | |
| on: [push] | |
| # push: | |
| # branches: | |
| # - "**" | |
| # tags: | |
| # - "v*.*.*" | |
| # pull_request: | |
| # branches: | |
| # - "main" | |
| jobs: | |
| lint-and-test: | |
| name: Run linter and tests | |
| runs-on: [self-hosted, Linux] | |
| steps: | |
| - name: Checkout the repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "20" | |
| cache: "npm" | |
| - name: Install dependencies | |
| run: npm install | |
| - name: Linting | |
| run: npm run lint | |
| build-and-publish: | |
| name: Create and push Docker image | |
| needs: lint-and-test | |
| # if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') | |
| runs-on: [self-hosted, Linux] | |
| steps: | |
| - name: Checkout the repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| driver: docker | |
| - name: Import secrets | |
| id: import-secrets | |
| uses: hashicorp/vault-action@v3 | |
| with: | |
| url: ${{ secrets.VAULT_URL }} | |
| method: approle | |
| roleId: ${{ secrets.VAULT_ROLE_ID }} | |
| secretId: ${{ secrets.VAULT_SECRET_ID }} | |
| secrets: | | |
| kv/team/text/data/harbor * | |
| - name: Log in to Harbor | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ steps.import-secrets.outputs.HARBOR_URL }} | |
| username: ${{ steps.import-secrets.outputs.HARBOR_USERNAME }} | |
| password: ${{ steps.import-secrets.outputs.HARBOR_PASSWORD }} | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: harbor.nb.no/tekst/hugin | |
| tags: | | |
| type=semver,pattern={{version}} | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| - name: Build and push image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| push: true | |
| context: . | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| file: Dockerfile | |
| deploy-to-stage: | |
| name: Deploy to kubernetes stage environment | |
| needs: build-and-publish | |
| runs-on: [self-hosted, Linux] | |
| # if: github.ref == 'refs/heads/main' | |
| environment: stage | |
| steps: | |
| - name: Checkout the repository | |
| uses: actions/checkout@v4 | |
| - name: Import secrets | |
| id: import-secrets | |
| uses: hashicorp/vault-action@v3 | |
| with: | |
| url: ${{ secrets.VAULT_URL }} | |
| method: approle | |
| roleId: ${{ secrets.VAULT_ROLE_ID }} | |
| secretId: ${{ secrets.VAULT_SECRET_ID }} | |
| secrets: | | |
| kv/team/text/data/k8s-text-stage * | |
| - name: Set up kubectl | |
| uses: azure/setup-kubectl@v4 | |
| with: | |
| version: 'v1.26.5' | |
| - name: Deploy to k8s | |
| run: | | |
| kubectl config set-cluster k8s --server="${{ steps.import-secrets.outputs.K8S_STAGE_SERVER }}" | |
| kubectl config set clusters.k8s.certificate-authority-data ${{ steps.import-secrets.outputs.K8S_STAGE_NB_NO_CA }} | |
| kubectl config set-credentials ${{ steps.import-secrets.outputs.K8S_STAGE_USER }} --token=${{ steps.import-secrets.outputs.K8S_STAGE_NB_NO_TOKEN }} | |
| kubectl config set-context hugin --cluster=k8s --user=${{ steps.import-secrets.outputs.K8S_STAGE_USER }} --namespace=tekst-stage | |
| kubectl config use-context hugin | |
| kubectl config view | |
| kubectl version | |
| sed -i "s/<version>/${{ env.APP_VERSION }}/g" k8s/stage/hugin.yml | |
| sed -i "s/<host_url>/${{ steps.import-secrets.outputs.K8S_HOST_URL }}/g" k8s/stage/hugin.yml | |
| kubectl apply -f k8s/stage/hugin.yml | |
| kubectl rollout restart deploy/hugin |