Skip to content

Update osm-sandbox-deploy #121

Update osm-sandbox-deploy

Update osm-sandbox-deploy #121

Workflow file for this run

name: Chartpress Publish osm-sandbox-dashboard images
on:
push:
branches:
- 'main'
- 'staging'
# - 'develop'
jobs:
build:
runs-on: ubuntu-20.04
timeout-minutes: 120
steps:
- uses: actions/checkout@v4
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GHCR_GITHUB_TOKEN }}
- name: Setup python
uses: actions/setup-python@v5
with:
python-version: '3.7'
- name: Setup git
run: git config --global user.email "[email protected]" && git config --global user.name "Github Action"
- name: Install Chartpress
run: |
pip install chartpress six ruamel.yaml
- name: Run Chartpress
run: chartpress --push
env:
GITHUB_TOKEN: ${{ secrets.GHCR_GITHUB_TOKEN }}
- name: Staging - substitute secrets
if: github.ref == 'refs/heads/staging'
uses: bluwy/substitute-string-action@v3
with:
_input-file: 'values.staging.template.yaml'
_format-key: '{{key}}'
_output-file: 'values.staging.yaml'
# Dashboard
POSTGRES_PASSWORD: ${{ secrets.STAGING_POSTGRES_PASSWORD }}
OSM_CLIENT_ID: ${{ secrets.STAGING_OSM_CLIENT_ID }}
OSM_CLIENT_SECRET: ${{ secrets.STAGING_OSM_CLIENT_SECRET }}
# Sandbox
SANDBOX_PG_DB_PASSWORD: ${{ secrets.STAGING_SANDBOX_PG_DB_PASSWORD }}
SANDBOX_PG_DB_NAME: ${{ secrets.STAGING_SANDBOX_PG_DB_NAME }}
SANDBOX_OSM_id_key: ${{ secrets.STAGING_SANDBOX_OSM_ID_KEY }}
SANDBOX_OAUTH_CLIENT_ID: ${{ secrets.STAGING_SANDBOX_OAUTH_CLIENT_ID }}
SANDBOX_OAUTH_KEY: ${{ secrets.STAGING_SANDBOX_OAUTH_KEY }}
SANDBOX_BACKUP_FILE_URL: ${{ secrets.STAGING_SANDBOX_BACKUP_FILE_URL }}
TM_OAUTH_CLIENT_ID: ${{ secrets.TM_OAUTH_CLIENT_ID }}
TM_OAUTH_CLIENT_SECRET_HASHED: ${{ secrets.TM_OAUTH_CLIENT_SECRET_HASHED }}
# Cluster
AWS_REGION: ${{ secrets.AWS_REGION }}
EKS_CLUSTER: ${{ secrets.EKS_CLUSTER }}
- name: Production - substitute secrets
if: github.ref == 'refs/heads/main'
uses: bluwy/substitute-string-action@v3
with:
_input-file: 'values.production.template.yaml'
_format-key: '{{key}}'
_output-file: 'values.production.yaml'
# Dashboard
POSTGRES_PASSWORD: ${{ secrets.PRODUCTION_POSTGRES_PASSWORD }}
OSM_CLIENT_ID: ${{ secrets.PRODUCTION_OSM_CLIENT_ID }}
OSM_CLIENT_SECRET: ${{ secrets.PRODUCTION_OSM_CLIENT_SECRET }}
SECRET_KEY: ${{ secrets.PRODUCTION_SECRET_KEY }}
# Sandbox
SANDBOX_PG_DB_USER: ${{ secrets.PRODUCTION_SANDBOX_PG_DB_USER }}
SANDBOX_PG_DB_PASSWORD: ${{ secrets.PRODUCTION_SANDBOX_PG_DB_PASSWORD }}
SANDBOX_PG_DB_NAME: ${{ secrets.PRODUCTION_SANDBOX_PG_DB_NAME }}
SANDBOX_OSM_id_key: ${{ secrets.PRODUCTION_SANDBOX_OSM_ID_KEY }}
SANDBOX_OAUTH_CLIENT_ID: ${{ secrets.PRODUCTION_SANDBOX_OAUTH_CLIENT_ID }}
SANDBOX_OAUTH_KEY: ${{ secrets.PRODUCTION_SANDBOX_OAUTH_KEY }}
SANDBOX_BACKUP_FILE_URL: ${{ secrets.PRODUCTION_SANDBOX_BACKUP_FILE_URL }}
TM_OAUTH_CLIENT_ID: ${{ secrets.TM_OAUTH_CLIENT_ID }}
TM_OAUTH_CLIENT_SECRET_HASHED: ${{ secrets.TM_OAUTH_CLIENT_SECRET_HASHED }}
# Cluster
AWS_REGION: ${{ secrets.AWS_REGION }}
EKS_CLUSTER: ${{ secrets.EKS_CLUSTER }}
- name: AWS Credentials
if: github.ref == 'refs/heads/staging' || github.ref == 'refs/heads/main'
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: Setup Kubectl and Helm Dependencies
if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/staging'
run: "sudo pip install awscli --ignore-installed six\nsudo curl -L -o /usr/bin/kubectl https://amazon-eks.s3.us-west-2.amazonaws.com/1.17.7/2020-07-08/bin/linux/amd64/kubectl\nsudo chmod +x /usr/bin/kubectl\nsudo curl -o /usr/bin/aws-iam-authenticator https://amazon-eks.s3.us-west-2.amazonaws.com/1.17.7/2020-07-08/bin/linux/amd64/aws-iam-authenticator\nsudo chmod +x /usr/bin/aws-iam-authenticator\nwget https://get.helm.sh/helm-v3.5.0-linux-amd64.tar.gz -O helm.tar.gz\ntar -xvzf helm.tar.gz\nsudo mv linux-amd64/helm /usr/local/bin/ \nsudo chmod +x /usr/local/bin/helm\n #magic___^_^___line\n"
- name: Update kube-config staging
if: github.ref == 'refs/heads/main'
run: aws eks --region us-east-1 update-kubeconfig --name osm-us-k8s-staging
# - name: Staging - helm deploy
# if: github.ref == 'refs/heads/staging'
# run: helm upgrade --install staging --wait dashboard-charts/ -f values.staging.yaml -f dashboard-charts/values.yaml
- name: Production - helm deploy
if: github.ref == 'refs/heads/main'
run: helm upgrade --install production --wait dashboard-charts/ -f values.production.yaml -f dashboard-charts/values.yaml