-
Notifications
You must be signed in to change notification settings - Fork 1
145 lines (144 loc) · 6.27 KB
/
publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
name: Promote
on:
workflow_dispatch:
env:
IMAGE_NAME: teleservices/bookworm
DEBIAN_VERSION: bookworm
jobs:
staging:
environment:
name: staging
runs-on: gha-runners-teleservices
steps:
- name: Build push prod image and notify
uses: IMIO/gha/[email protected]
with:
IMAGE_NAME: ${{ env.IMAGE_NAME }}
IMAGE_TAGS: |
${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:staging
${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:staging-${{ github.run_number }}
REGISTRY_URL: ${{ secrets.HARBOR_URL }}
REGISTRY_USERNAME: ${{ secrets.TELESERVICES_HARBOR_USERNAME }}
REGISTRY_PASSWORD: ${{ secrets.TELESERVICES_HARBOR_PASSWORD }}
MATTERMOST_WEBHOOK_URL: ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}
CONTEXT: 'teleservices'
DOCKERFILE: 'teleservices/Dockerfile'
BUILD_ARGS: 'DEBIAN_VERSION=${{ env.DEBIAN_VERSION }}'
TARGET: 'prod-image'
- name: Build push dev image and notify
uses: IMIO/gha/[email protected]
with:
IMAGE_NAME: ${{ env.IMAGE_NAME }}
IMAGE_TAGS: |
${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:staging
${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:staging-${{ github.run_number }}
REGISTRY_URL: ${{ secrets.HARBOR_URL }}
REGISTRY_USERNAME: ${{ secrets.TELESERVICES_HARBOR_USERNAME }}
REGISTRY_PASSWORD: ${{ secrets.TELESERVICES_HARBOR_PASSWORD }}
MATTERMOST_WEBHOOK_URL: ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}
CONTEXT: 'teleservices'
DOCKERFILE: 'teleservices/Dockerfile'
BUILD_ARGS: 'DEBIAN_VERSION=${{ env.DEBIAN_VERSION }}'
TARGET: 'dev-image'
- name: Install jq
run: |
if which jq > /dev/null; then
echo "jq is already installed"
else
sudo apt-get update && sudo apt-get install -y jq
fi
- name: Restart staging instances
uses: IMIO/gha/[email protected]
with:
RUNDECK_URL: ${{ secrets.RUNDECK_URL }}
RUNDECK_TOKEN: ${{ secrets.TELESERVICES_RUNDECK_TOKEN }}
RUNDECK_JOB_ID: ${{ secrets.RUNDECK_JOB_ID }}
RUNDECK_PARAMETERS: '-F "filter=name ${{ vars.NODE_NAME }}"'
MATTERMOST_WEBHOOK_URL: ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}
- name: Sleep 30s to let instances restart
run: sleep 30
shell: bash
- name: Test staging instance
uses: IMIO/gha/[email protected]
with:
URL: ${{ secrets.STAGING_HEALTH_API_URL }}
- name: Test staging services
timeout-minutes: 5
run: |
until curl -m 2 --output /dev/null --silent --fail '${{ secrets.STAGING_HEALTH_API_URL }}' | jq '
.data.passerelle.is_running
and .data.portal.is_running
and ".data.portal-agent.is_running"
and .data.idp.is_running
and .data.eservices.is_running
and .data.agenda.is_running
and .data.statistics.is_running'
do
sleep 3
echo 'Waiting until services are running on guichet-citoyen staging instance'
done
echo 'services are running on guichet-citoyen staging instance'
- name : Send failure notification on Mattermost
if: failure()
run: |
JOB_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID"
MESSAGE="Error : docker staging image $IMAGE_NAME has not been updated on registry. [Click here to see job on GitHub]($JOB_URL)"
curl -i -X POST -H 'Content-Type: application/json' -d "{\"text\": \"$MESSAGE\"}" ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}
canary:
needs: [staging]
environment:
name: canary
timeout-minutes: 2880
runs-on: gha-runners-teleservices
steps:
- name: Get tomorrow date
run: echo "DEPLOY_DATE=$(date --date='01:00 tomorrow' +'%Y-%m-%dT%H:%M:%S%z')" >> $GITHUB_ENV
- name: Tag prod image and notify
uses: IMIO/gha/[email protected]
with:
IMAGE_NAME: ${{ env.IMAGE_NAME }}
IMAGE_TAG: 'staging'
NEW_IMAGE_TAGS: |
latest
latest-${{ github.run_number }}
REGISTRY_URL: ${{ secrets.HARBOR_URL }}
REGISTRY_USERNAME: ${{ secrets.TELESERVICES_HARBOR_USERNAME }}
REGISTRY_PASSWORD: ${{ secrets.TELESERVICES_HARBOR_PASSWORD }}
MATTERMOST_WEBHOOK_URL: ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}
- name: Tag test image and notify
uses: IMIO/gha/[email protected]
with:
IMAGE_NAME: ${{ env.IMAGE_NAME }}-test
IMAGE_TAG: 'staging'
NEW_IMAGE_TAGS: |
latest
latest-${{ github.run_number }}
REGISTRY_URL: ${{ secrets.HARBOR_URL }}
REGISTRY_USERNAME: ${{ secrets.TELESERVICES_HARBOR_USERNAME }}
REGISTRY_PASSWORD: ${{ secrets.TELESERVICES_HARBOR_PASSWORD }}
MATTERMOST_WEBHOOK_URL: ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}
- name: Schedule restart of canary instances
uses: IMIO/gha/[email protected]
with:
RUNDECK_URL: ${{ secrets.RUNDECK_URL }}
RUNDECK_TOKEN: ${{ secrets.TELESERVICES_RUNDECK_TOKEN }}
RUNDECK_JOB_ID: ${{ secrets.RUNDECK_JOB_ID }}
RUNDECK_PARAMETERS: '-F "runAtTime=${{ env.DEPLOY_DATE }}" -F "filter=name ${{ vars.NODE_NAME }}"'
MATTERMOST_WEBHOOK_URL: ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}
production:
needs: [canary]
environment:
name: production
timeout-minutes: 5760
runs-on: gha-runners-teleservices
steps:
- name: Get tomorrow date
run: echo "DEPLOY_DATE=$(date --date='01:00 tomorrow' +'%Y-%m-%dT%H:%M:%S%z')" >> $GITHUB_ENV
- name: Schedule restart of prod instances
uses: IMIO/gha/[email protected]
with:
RUNDECK_URL: ${{ secrets.RUNDECK_URL }}
RUNDECK_TOKEN: ${{ secrets.TELESERVICES_RUNDECK_TOKEN }}
RUNDECK_JOB_ID: ${{ secrets.RUNDECK_JOB_ID }}
RUNDECK_PARAMETERS: '-F "runAtTime=${{ env.DEPLOY_DATE }}"'
MATTERMOST_WEBHOOK_URL: ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}