Skip to content

allow failure secret creation #3

allow failure secret creation

allow failure secret creation #3

Workflow file for this run

name: Update Fusionauth
on: [push]
env:
ACCESS_TOKEN: ${{ secrets.ACCESS_TOKEN }}
ORG_NAME: ${{ secrets.ORG_NAME }}
REPO_NAME: ${{ secrets.REPO_NAME }}
jobs:
build-and-deploy-aks:
runs-on: self-hosted
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Azure login
uses: azure/login@v1
with:
auth-type: IDENTITY
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Kubernetes secrets
continue-on-error: true
working-directory: deployement/k8s
run: |
az aks get-credentials --resource-group ${{ secrets.AKS_RESOURCE_GROUP_NAME }} --name ${{ secrets.KUBERNETES_CLUSTER_NAME }}
kubectl get nodes
DATABASE_URL=jdbc:postgresql://${{ secrets.POSTGRESQL_FQDN }}:5432/fusionauth
kubectl create secret generic posgresqlurl --from-literal=DATABASE_URL=$DATABASE_URL
kubectl create secret generic posgresqlrootusername --from-literal=DATABASE_ROOT_USERNAME=${{ secrets.POSTGRESQL_ROOT_USERNAME }}
kubectl create secret generic posgresqlrootpassword --from-literal=DATABASE_ROOT_PASSWORD=${{ secrets.POSTGRESQL_ROOT_PASSWORD }}
kubectl create secret generic fusionauthdatabaseusername --from-literal=DATABASE_USERNAME=${{ secrets.FUSIONAUTH_DATABASE_USERNAME }}
kubectl create secret generic fusionauthdatabasepassword --from-literal=DATABASE_PASSWORD=${{ secrets.FUSIONAUTH_DATABASE_PASSWORD }}
- name: Kubernetes deploy
continue-on-error: true
working-directory: deployement/k8s
run: |
az aks get-credentials --resource-group ${{ secrets.AKS_RESOURCE_GROUP_NAME }} --name ${{ secrets.KUBERNETES_CLUSTER_NAME }}
kubectl apply -f fusionauth.yaml
FUSION_AUTH_PUBLIC_IP=$(kubectl get service fusionauth --output jsonpath='{.status.loadBalancer.ingress[0].ip}')
cd ..
public_key_info=$(curl -H "Authorization: token $ACCESS_TOKEN" -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/$ORG_NAME/$REPO_NAME/actions/secrets/public-key)
public_key_value=$(echo "$public_key_info" | jq -r '.key')
public_key_id=$(echo "$public_key_info" | jq -r '.key_id')
FUSION_AUTH_PUBLIC_IP=$(python3 encrypt-secret.py ${FUSION_AUTH_PUBLIC_IP} $public_key_value)
echo '{"encrypted_value":"'${FUSION_AUTH_PUBLIC_IP}'","key_id":"'$public_key_id'"}' > body.json
curl -L -X PUT -H "Accept: application/vnd.github+json" -H "Authorization: Bearer $ACCESS_TOKEN" -H "X-GitHub-Api-Version: 2022-11-28" https://api.github.com/repos/$ORG_NAME/$REPO_NAME/actions/secrets/FUSION_AUTH_PUBLIC_IP -d @body.json