-
Notifications
You must be signed in to change notification settings - Fork 34
119 lines (99 loc) · 3.36 KB
/
build-docker.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
name: Build Docker image, push to gcr.io, deploy to staging
on:
push:
branches:
- main
env:
PROJECT_ID: ${{ secrets.GKE_PROJECT }}
GKE_CLUSTER: fritz-staging
GKE_ZONE: us-west2-a
IMAGE: fritz
jobs:
build-publish-deploy:
name: Setup, Build, Publish
runs-on: ubuntu-latest
timeout-minutes: 45
steps:
- uses: actions/cache@v2
with:
path: |
~/.cache
~/.local
~/.npm
key: ${{ runner.os }}-${{ hashFiles('**/lockfiles') }}
- name: Checkout
uses: actions/checkout@v2
with:
submodules: recursive
fetch-depth: 0
- uses: actions/setup-python@v1
with:
python-version: '3.8'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
- id: 'auth'
uses: 'google-github-actions/auth@v0'
with:
credentials_json: ${{ secrets.GKE_SA_KEY }}
- name: Setup gcloud cli
uses: google-github-actions/setup-gcloud@v1
with:
version: "369.0.0"
project_id: ${{ secrets.GKE_PROJECT }}
# Configure Docker to use the gcloud command-line tool as a credential
# helper for authentication
- name: Set up docker credentials
run: |-
gcloud --quiet auth configure-docker
# Get the GKE credentials so we can deploy to the cluster
# - name: Get Google Kubernetes Engine credentials
# run: |-
# gcloud container clusters get-credentials "$GKE_CLUSTER" --zone "$GKE_ZONE"
- name: Get Google Kubernetes Engine credentials
uses: 'google-github-actions/get-gke-credentials@v1'
with:
cluster_name: fritz-staging
location: us-west2-a
# # Will use this, once the official Docker action introduces caching
# - name: Build and push image
# uses: docker/build-push-action@v1
# with:
# registry: gcr.io
# repository: $PROJECT_ID/$IMAGE
# tags: $GITHUB_SHA
- name: Build
run: |-
cp fritz.defaults.yaml fritz.yaml
./fritz build \
--no-kowalski \
--skyportal-tag="gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA"
# Push the Docker image to Google Container Registry
- name: Publish
run: |-
docker push "gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA"
- name: Checkout
uses: actions/checkout@v2
with:
repository: "fritz-marshal/fritz-deploy"
path: "fritz-deploy"
ssh-key: ${{ secrets.CI_FRITZ_DEPLOY_DEPLOY_KEY }}
- name: Set up SOPS
run: |-
SOPS_VER=3.5.0
CACHED_DOWNLOAD_DIR=~/.local/downloads
FILENAME=sops-v${SOPS_VER}.linux
SOPS_BINARY=~/.local/bin/sops
if [[ ! -f ${CACHED_DOWNLOAD_DIR=}/${FILENAME} ]]; then
wget https://github.com/mozilla/sops/releases/download/v${SOPS_VER}/${FILENAME} --quiet --directory-prefix=${CACHED_DOWNLOAD_DIR} --no-clobber
fi
mkdir -p ~/.local/bin
cp ${CACHED_DOWNLOAD_DIR}/${FILENAME} ${SOPS_BINARY}
chmod u+x ${SOPS_BINARY}
${SOPS_BINARY} --version
- name: Deploy
run: |-
cd fritz-deploy
export PATH=$PATH:~/.local/bin
./deploy.py --staging --tag=$GITHUB_SHA