Skip to content

Commit

Permalink
Update action versions, get secrets from vault
Browse files Browse the repository at this point in the history
  • Loading branch information
pierrebeauguitte committed Apr 12, 2024
1 parent 0655456 commit ab80c72
Showing 1 changed file with 68 additions and 40 deletions.
108 changes: 68 additions & 40 deletions .github/workflows/pipeline.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,10 @@ jobs:
name: Run linting, typecheck, and tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4

- name: Set up Python
uses: actions/setup-python@v4
uses: actions/setup-python@v5
with:
python-version: "3.11"

Expand All @@ -32,59 +32,59 @@ jobs:
- name: Running tests
run: python -m pytest --cov=metadata_extract

build:
name: Create Docker image
needs: lint-and-test
runs-on: ubuntu-latest
steps:
- name: Check out the repo
uses: actions/checkout@v3

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2

- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v4
with:
images: nationallibraryofnorway/meteor
tags: |
type=semver,pattern={{version}}
type=ref,event=branch
type=ref,event=pr
- name: Build image
uses: docker/build-push-action@v4
with:
push: false
context: .
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
file: Dockerfile
build-args: |
USE_GIELLA=true
# build:
# name: Create Docker image
# needs: lint-and-test
# runs-on: ubuntu-latest
# steps:
# - name: Check out the repo
# uses: actions/checkout@v4

# - name: Set up Docker Buildx
# uses: docker/setup-buildx-action@v3

# - name: Extract metadata (tags, labels) for Docker
# id: meta
# uses: docker/metadata-action@v5
# with:
# images: nationallibraryofnorway/meteor
# tags: |
# type=semver,pattern={{version}}
# type=ref,event=branch
# type=ref,event=pr

# - name: Build image
# uses: docker/build-push-action@v4
# with:
# push: false
# context: .
# tags: ${{ steps.meta.outputs.tags }}
# labels: ${{ steps.meta.outputs.labels }}
# file: Dockerfile
# build-args: |
# USE_GIELLA=true

publish:
name: Create and push Docker image
needs: lint-and-test
if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')
# if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')
runs-on: ubuntu-latest
steps:
- name: Check out the repo
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@v3

- name: Log in to Docker Hub
uses: docker/login-action@v2
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}

- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v4
uses: docker/metadata-action@v5
with:
images: nationallibraryofnorway/meteor
tags: |
Expand All @@ -93,7 +93,7 @@ jobs:
type=ref,event=pr
- name: Build image
uses: docker/build-push-action@v4
uses: docker/build-push-action@v5
with:
push: true
context: .
Expand All @@ -104,10 +104,38 @@ jobs:
USE_GIELLA=true
- name: Docker Hub Description
uses: peter-evans/dockerhub-description@v3
uses: peter-evans/dockerhub-description@v4
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
repository: nationallibraryofnorway/meteor
short-description: ${{ github.event.repository.description }}
readme-filepath: ./README.md

deploy-to-stage:
name: Deploy to kubernetes stage environment
needs: publish
runs-on: [self-hosted, Linux]
environment: stage
steps:
- name: Checkout repository
uses: actions/checkout@v4

- name: Import secrets
id: import-secrets
uses: hashicorp/vault-action@v3
with:
url: ${{ secrets.VAULT_URL }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
secrets: |
kv/team/text/data/k8s-text-stage *
- name: Setup Kubectl
uses: azure/setup-kubectl@v4
with:
version: 'v1.26.5'

- name: Deploy to k8s
run: echo "TODO..."

0 comments on commit ab80c72

Please sign in to comment.