Skip to content

[dbt] br_ms_sia

[dbt] br_ms_sia #60

Workflow file for this run

---
name: CD
on:
pull_request:
types: [closed]
env:
GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }}
GCP_SA_KEY: ${{ secrets.GCP_SA_KEY }}
GH_PAT: ${{ secrets.GH_PAT }}
GKE_CLUSTER: ${{ secrets.GKE_CLUSTER }}
GKE_REGION: ${{ secrets.GKE_REGION }}
BASEDOSDADOS_CONFIG: ${{ secrets.BASEDOSDADOS_CONFIG }}
BASEDOSDADOS_CREDENTIALS_PROD: ${{ secrets.BASEDOSDADOS_CREDENTIALS_PROD }}
BASEDOSDADOS_CREDENTIALS_STAGING: ${{ secrets.BASEDOSDADOS_CREDENTIALS_STAGING }}
IMAGE_NAME: ghcr.io/basedosdados/queries-basedosdados
jobs:
build-container:
if: |
github.event.pull_request.merged == true
&& github.event.pull_request.base.ref == 'main'
name: Deployment
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Google Cloud CLI
uses: google-github-actions/[email protected]
with:
service_account_key: ${{ secrets.GCP_SA_KEY }}
project_id: ${{ secrets.GCP_PROJECT_ID }}
export_default_credentials: true
- name: Get GKE credentials
uses: google-github-actions/[email protected]
with:
cluster_name: ${{ env.GKE_CLUSTER }}
location: ${{ env.GKE_REGION }}
credentials: ${{ secrets.GCP_SA_KEY }}
- name: Build and publish image
run: |
docker build -t $IMAGE_NAME:$GITHUB_SHA .
echo $GH_PAT | docker login ghcr.io -u gabriel-milan --password-stdin
docker push $IMAGE_NAME:$GITHUB_SHA
- name: Set up Kustomize
run: |-
curl -sfLo kustomize https://github.com/kubernetes-sigs/kustomize/releases/download/v3.1.0/kustomize_3.1.0_linux_amd64
chmod u+x ./kustomize
- name: Deploy
run: |-
./kustomize edit set image gcr.io/PROJECT_ID/IMAGE_DBT:TAG=$IMAGE_NAME:$GITHUB_SHA
./kustomize build . | kubectl apply -n prefect-agent-basedosdados -f -
kubectl rollout status -w -n prefect-agent-basedosdados deployment/dbt-rpc-dev
kubectl rollout status -w -n prefect-agent-basedosdados deployment/dbt-rpc-prod
table-approve:
if: contains(github.event.pull_request.labels.*.name, 'table-approve')
needs: build-container
name: Table approve
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Get all changed files using a comma separator
id: changed-files
uses: tj-actions/changed-files@v35
with:
separator: ','
- name: Set up poetry
run: pipx install poetry
- name: Set up python
uses: actions/setup-python@v4
with:
cache: poetry
python-version: '3.9'
- name: Install requirements
run: poetry install --only=dev
- name: Run script for approving table
run: |
poetry run python .github/workflows/scripts/table_approve.py --modified-files ${{ steps.changed-files.outputs.all_modified_files }} --graphql-url ${{ secrets.BACKEND_GRAPHQL_URL }} --source-bucket-name ${{ secrets.SOURCE_BUCKET_NAME }} --destination-bucket-name ${{ secrets.DESTINATION_BUCKET_NAME }} --backup-bucket-name ${{ secrets.BACKUP_BUCKET_NAME }} --prefect-backend-token ${{ secrets.PREFECT_BACKEND_TOKEN }} --materialization-mode ${{ secrets.MATERIALIZATION_MODE }} --materialization-label ${{ secrets.MATERIALIZATION_LABEL }}
change-metadata-status:
needs: table-approve
name: Change metadata status to "production"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Get all changed files using a comma separator
id: changed-files
uses: tj-actions/changed-files@v35
with:
separator: ','
- name: Set up poetry
run: pipx install poetry
- name: Set up python
uses: actions/setup-python@v4
with:
cache: poetry
python-version: '3.9'
- name: Install requirements
run: poetry install --only=dev
- name: Run script for changing metadata status
run: |-
poetry run python .github/workflows/scripts/change_metadata_status.py --modified-files ${{ steps.changed-files.outputs.all_modified_files }} --graphql-url ${{ secrets.BACKEND_GRAPHQL_URL }} --status published --email ${{ secrets.BACKEND_EMAIL }} --password ${{ secrets.BACKEND_PASSWORD }}