Skip to content

Promote

Promote #58

Workflow file for this run

name: Promote
on:
workflow_dispatch:
env:
IMAGE_NAME: teleservices/bookworm
DEBIAN_VERSION: bookworm
jobs:
staging:
environment:
name: staging
runs-on: gha-runners-teleservices
steps:
- name: Build push prod image and notify
uses: IMIO/gha/[email protected]
with:
IMAGE_NAME: ${{ env.IMAGE_NAME }}
IMAGE_TAGS: |
${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:staging
${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:staging-${{ github.run_number }}
REGISTRY_URL: ${{ secrets.HARBOR_URL }}
REGISTRY_USERNAME: ${{ secrets.TELESERVICES_HARBOR_USERNAME }}
REGISTRY_PASSWORD: ${{ secrets.TELESERVICES_HARBOR_PASSWORD }}
MATTERMOST_WEBHOOK_URL: ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}
CONTEXT: 'teleservices'
DOCKERFILE: 'teleservices/Dockerfile'
BUILD_ARGS: 'DEBIAN_VERSION=${{ env.DEBIAN_VERSION }}'
TARGET: 'prod-image'
- name: Build push dev image and notify
uses: IMIO/gha/[email protected]
with:
IMAGE_NAME: ${{ env.IMAGE_NAME }}
IMAGE_TAGS: |
${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:staging
${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:staging-${{ github.run_number }}
REGISTRY_URL: ${{ secrets.HARBOR_URL }}
REGISTRY_USERNAME: ${{ secrets.TELESERVICES_HARBOR_USERNAME }}
REGISTRY_PASSWORD: ${{ secrets.TELESERVICES_HARBOR_PASSWORD }}
MATTERMOST_WEBHOOK_URL: ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}
CONTEXT: 'teleservices'
DOCKERFILE: 'teleservices/Dockerfile'
BUILD_ARGS: 'DEBIAN_VERSION=${{ env.DEBIAN_VERSION }}'
TARGET: 'dev-image'
- name: Install jq
run: |
if which jq > /dev/null; then
echo "jq is already installed"
else
sudo apt-get update && sudo apt-get install -y jq
fi
- name: Restart staging instances
uses: IMIO/gha/[email protected]
with:
RUNDECK_URL: ${{ secrets.RUNDECK_URL }}
RUNDECK_TOKEN: ${{ secrets.TELESERVICES_RUNDECK_TOKEN }}
RUNDECK_JOB_ID: ${{ secrets.RUNDECK_JOB_ID }}
RUNDECK_PARAMETERS: '-F "filter=name ${{ vars.NODE_NAME }}"'
MATTERMOST_WEBHOOK_URL: ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}
- name: Sleep 30s to let instances restart
run: sleep 30
shell: bash
- name: Test staging instance
uses: IMIO/gha/[email protected]
with:
URL: ${{ secrets.STAGING_HEALTH_API_URL }}
- name: Test staging services
timeout-minutes: 5
run: |
until curl -m 2 --output /dev/null --silent --fail '${{ secrets.STAGING_HEALTH_API_URL }}' | jq '
.data.passerelle.is_running
and .data.portal.is_running
and ".data.portal-agent.is_running"
and .data.idp.is_running
and .data.eservices.is_running
and .data.agenda.is_running
and .data.statistics.is_running'
do
sleep 3
echo 'Waiting until services are running on guichet-citoyen staging instance'
done
echo 'services are running on guichet-citoyen staging instance'
- name : Send failure notification on Mattermost
if: failure()
run: |
JOB_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID"
MESSAGE="Error : docker staging image $IMAGE_NAME has not been updated on registry. [Click here to see job on GitHub]($JOB_URL)"
curl -i -X POST -H 'Content-Type: application/json' -d "{\"text\": \"$MESSAGE\"}" ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}
canary:
needs: [staging]
environment:
name: canary
timeout-minutes: 2880
runs-on: gha-runners-teleservices
steps:
- name: Get tomorrow date
run: echo "DEPLOY_DATE=$(date --date='01:00 tomorrow' +'%Y-%m-%dT%H:%M:%S%z')" >> $GITHUB_ENV
- name: Tag prod image and notify
uses: IMIO/gha/[email protected]
with:
IMAGE_NAME: ${{ env.IMAGE_NAME }}
IMAGE_TAG: 'staging'
NEW_IMAGE_TAGS: |
latest
latest-${{ github.run_number }}
REGISTRY_URL: ${{ secrets.HARBOR_URL }}
REGISTRY_USERNAME: ${{ secrets.TELESERVICES_HARBOR_USERNAME }}
REGISTRY_PASSWORD: ${{ secrets.TELESERVICES_HARBOR_PASSWORD }}
MATTERMOST_WEBHOOK_URL: ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}
- name: Tag test image and notify
uses: IMIO/gha/[email protected]
with:
IMAGE_NAME: ${{ env.IMAGE_NAME }}-test
IMAGE_TAG: 'staging'
NEW_IMAGE_TAGS: |
latest
latest-${{ github.run_number }}
REGISTRY_URL: ${{ secrets.HARBOR_URL }}
REGISTRY_USERNAME: ${{ secrets.TELESERVICES_HARBOR_USERNAME }}
REGISTRY_PASSWORD: ${{ secrets.TELESERVICES_HARBOR_PASSWORD }}
MATTERMOST_WEBHOOK_URL: ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}
- name: Schedule restart of canary instances
uses: IMIO/gha/[email protected]
with:
RUNDECK_URL: ${{ secrets.RUNDECK_URL }}
RUNDECK_TOKEN: ${{ secrets.TELESERVICES_RUNDECK_TOKEN }}
RUNDECK_JOB_ID: ${{ secrets.RUNDECK_JOB_ID }}
RUNDECK_PARAMETERS: '-F "runAtTime=${{ env.DEPLOY_DATE }}" -F "filter=name ${{ vars.NODE_NAME }}"'
MATTERMOST_WEBHOOK_URL: ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}
production:
needs: [canary]
environment:
name: production
timeout-minutes: 5760
runs-on: gha-runners-teleservices
steps:
- name: Get tomorrow date
run: echo "DEPLOY_DATE=$(date --date='01:00 tomorrow' +'%Y-%m-%dT%H:%M:%S%z')" >> $GITHUB_ENV
- name: Schedule restart of prod instances
uses: IMIO/gha/[email protected]
with:
RUNDECK_URL: ${{ secrets.RUNDECK_URL }}
RUNDECK_TOKEN: ${{ secrets.TELESERVICES_RUNDECK_TOKEN }}
RUNDECK_JOB_ID: ${{ secrets.RUNDECK_JOB_ID }}
RUNDECK_PARAMETERS: '-F "runAtTime=${{ env.DEPLOY_DATE }}"'
MATTERMOST_WEBHOOK_URL: ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}