-
Notifications
You must be signed in to change notification settings - Fork 2
124 lines (105 loc) · 3.92 KB
/
pipeline.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
name: CI/CD pipeline
on: [push]
env:
APP_VERSION: ${{ github.ref_name }}
jobs:
lint-and-test:
name: Run linting, typecheck, and tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.11"
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
pip install -r test/requirements.txt
- name: Linting
run: |
flake8 -v
pylint metadata_extract src diff test *.py
- name: Type-check
run: mypy metadata_extract src diff main.py
- name: Running tests
run: python -m pytest --cov=metadata_extract
build-and-publish:
name: Create and push Docker image
needs: lint-and-test
# if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')
runs-on: ubuntu-latest
steps:
- name: Check out the repo
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: nationallibraryofnorway/meteor
tags: |
type=semver,pattern={{version}}
type=ref,event=branch
type=ref,event=pr
- name: Build image
uses: docker/build-push-action@v5
with:
push: true
context: .
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
file: Dockerfile
build-args: |
USE_GIELLA=true
- name: Docker Hub Description
uses: peter-evans/dockerhub-description@v4
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
repository: nationallibraryofnorway/meteor
short-description: ${{ github.event.repository.description }}
readme-filepath: ./README.md
deploy-to-stage:
name: Deploy to kubernetes stage environment
needs: build-and-publish
runs-on: [self-hosted, Linux]
environment: stage
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Import secrets
id: import-secrets
uses: hashicorp/vault-action@v3
with:
url: ${{ secrets.VAULT_URL }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
secrets: |
kv/team/text/data/harvestk8s-text-stage *
- name: Setup Kubectl
uses: azure/setup-kubectl@v4
with:
version: 'v1.26.5'
- name: Deploy to k8s
run: |
echo "Deploy version ${{ env.APP_VERSION }}" to stage
kubectl config set-cluster k8s --server="${{ steps.import-secrets.outputs.K8S_STAGE_SERVER }}"
kubectl config set clusters.k8s.certificate-authority-data ${{ steps.import-secrets.outputs.K8S_STAGE_NB_NO_CA }}
kubectl config set-credentials ${{ steps.import-secrets.outputs.K8S_STAGE_USER }} --token=${{ steps.import-secrets.outputs.K8S_STAGE_NB_NO_TOKEN }}
kubectl config set-context meteor --cluster=k8s --user=${{ steps.import-secrets.outputs.K8S_STAGE_USER }} --namespace=tekst-stage
kubectl config use-context meteor
kubectl config view
kubectl version
sed -i "s/<version>/${{ env.APP_VERSION }}/g" k8s/stage/meteor.yml
sed -i "s/<host_url>/${{ steps.import-secrets.outputs.K8S_HOST_URL }}/g" k8s/stage/meteor.yml
kubectl apply -f k8s/stage/meteor.yml
kubectl rollout restart deploy/meteor