Skip to content

MormonJesus69420 is deploying the project #8

MormonJesus69420 is deploying the project

MormonJesus69420 is deploying the project #8

Workflow file for this run

name: Deploy Project
run-name: ${{ github.actor }} is deploying the project
on:
# Run on push to main branch and tags
push:
branches:
- main
tags:
- "v*.*.*"
# Runs every time a pull request is created or updated
pull_request:
env:
# Run in batch mode, produce errors, use settings file, set local repo
MAVEN_CONFIG: -B -e -s .m2/settings.xml -Dmaven.repo.local=.m2/repository
concurrency:
# Define concurrency group name which will then be used to determine duplicate workflow runs
group: ${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}
cancel-in-progress: true
jobs:
test-project:
name: Build and Test the Project
runs-on: self-hosted-linux
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Java JDK
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: 21
architecture: x64
# Cache maven dependencies for quicker runs
cache: maven
- name: Cache Maven Packages
uses: actions/cache@v4
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
- name: Import Secrets
uses: hashicorp/vault-action@v3
id: sec
with:
url: ${{ secrets.VAULT_URL }}
method: ldap
username: ${{ secrets.VAULT_USERNAME }} # TODO: Remove this, only for testing, using my personal account
password: ${{ secrets.VAULT_PASSWORD }}
# method: approle
# roleId: ${{ secrets.VAULT_ROLE_ID }}
# secretId: ${{ secrets.VAULT_SECRET_ID }}
secrets: secret/v1/application/k8s/mlt/metadata/proxy *
- name: Test the Project
run: |
sed -i "s/HTTP_PROXY_HOST/${{ steps.sec.outputs.HTTP_PROXY_HOST }}/g" .m2/settings.xml
sed -i "s/HTTP_PROXY_PORT/${{ steps.sec.outputs.HTTP_PROXY_PORT }}/g" .m2/settings.xml
sed -i "s/HTTPS_PROXY_HOST/${{ steps.sec.outputs.HTTPS_PROXY_HOST }}/g" .m2/settings.xml
sed -i "s/HTTPS_PROXY_PORT/${{ steps.sec.outputs.HTTPS_PROXY_PORT }}/g" .m2/settings.xml
./mvnw ${{ env.MAVEN_CONFIG }} verify --fail-at-end
- name: Publish Test Report
uses: scacap/action-surefire-report@v1
with:
fail_on_test_failures: true
- name: Upload the JAR File
uses: actions/upload-artifact@v4
with:
name: packaged-project
path: target/wls-*.jar
if-no-files-found: error
overwrite: true
- name: Cache Maven Repository
uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
publish-image:
name: Build and Publish the Docker Image
needs: test-project
if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')
runs-on: self-hosted-linux
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver: docker
- name: Import Secrets
uses: hashicorp/vault-action@v3
with:
url: ${{ secrets.VAULT_URL }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
secrets: secret/v1/application/k8s/mlt/harbor *
- name: Log in to Harbor Registry
uses: docker/login-action@v3
with:
registry: ${{ steps.sec.outputs.HARBOR_URL }}
username: ${{ steps.sec.outputs.HARBOR_USERNAME }}
password: ${{ steps.sec.outputs.HARBOR_PASSWORD }}
- name: Extract Metadata for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: mlt/wls # TODO: Figure out what image name will be generated
tags: |
type=semver,pattern={{version}}
type=ref,event=branch
type=ref,event=pr
- name: Download the JAR File
uses: actions/download-artifact@v4
with:
name: packaged-project
- name: Build the Docker Image
uses: docker/build-push-action@v5
with:
push: true
context: .
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
deploy-to-stage:
name: Deploy to Kubernetes Stage
needs: publish-image
if: github.ref == 'refs/heads/main'
runs-on: self-hosted-linux
environment: stage
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Import Secrets
uses: hashicorp/vault-action@v3
with:
url: ${{ secrets.VAULT_URL }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
secrets: secret/v1/application/k8s/mlt/k8s-stage *
- name: Setup Kubectl
uses: azure/setup-kubectl@v4 # TODO: Check if it needs some more config
- name: Deploy to Stage
run: | # TODO: Fix this to fit our config and needs, as I've "borrowed" this from Tekst team
echo "Deploying to stage version ${{ steps.sec.outputs.APP_VERSION }}"
sed -i "s/<version>/${{ steps.sec.outputs.APP_VERSION }}/g" k8s/stage/wls.yml
sed -i "s/<host_url>/${{ steps.sec.outputs.K8S_HOST_URL }}/g" k8s/stage/wls.yml
kubectl config set-cluster stagecl --server=${{ steps.sec.outputs.K8S_STAGE_SERVER }}
kubectl config set clusters.stagecl.certificate-authority-data ${{ steps.sec.outputs.K8S_STAGE_NB_NO_CA }}
kubectl config set-credentials ${{ steps.sec.outputs.K8S_STAGE_USER }} --token=${{ steps.sec.outputs.K8S_STAGE_NB_NO_TOKEN }}
kubectl config set-context mlt --cluster=stagecl --user=${{ steps.sec.outputs.K8S_STAGE_USER }} --namespace=mlt-stage
kubectl config use-context mlt
kubectl config view
kubectl version
kubectl apply -f k8s/stage/wls.yml
kubectl rollout restart deploy/wls
deploy-to-prod:
name: Deploy to Kubernetes Prod
needs: publish-image
if: startsWith(github.event.ref, 'refs/tags/v')
runs-on: self-hosted-linux
environment: prod
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Import Secrets
uses: hashicorp/vault-action@v3
with:
url: ${{ secrets.VAULT_URL }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
secrets: |
secret/v1/application/k8s/mlt/k8s-prod *
- name: Setup Kubectl
uses: azure/setup-kubectl@v4 # TODO: Check if it needs some more config
- name: Deploy to Prod
run: | # TODO: Fix this to fit our config and needs, as I've "borrowed" this from Tekst team
echo "Deploying to production version ${{ steps.sec.outputs.APP_VERSION }}"
sed -i "s/<version>/${{ steps.sec.outputs.APP_VERSION }}/g" k8s/prod/wls.yml
sed -i "s/<host_url>/${{ steps.sec.outputs.K8S_HOST_URL }}/g" k8s/prod/wls.yml
kubectl config set-cluster prodcl --server=${{ steps.sec.outputs.K8S_PROD_SERVER }}
kubectl config set clusters.prodcl.certificate-authority-data ${{ steps.sec.outputs.K8S_PROD_NB_NO_CA }}
kubectl config set-credentials ${{ steps.sec.outputs.K8S_PROD_USER }} --token=${{ steps.sec.outputs.K8S_PROD_NB_NO_TOKEN }}
kubectl config set-context mlt --cluster=prodcl --user=${{ steps.sec.outputs.K8S_PROD_USER }} --namespace=mlt-prod
kubectl config use-context mlt
kubectl config view
kubectl version
kubectl apply -f k8s/prod/wls.yml
kubectl rollout restart deploy/wls