Merge pull request #199 from vshn/renovate/mamezou-tech-setup-helmfil… #22
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy-Master | |
on: | |
push: | |
branches: | |
- master | |
paths: | |
- envs/** | |
- chart/** | |
- .github/workflows/deploy-*.yaml | |
env: | |
OPENSHIFT_API: https://api.cloudscale-lpg-2.appuio.cloud:6443 | |
HELM_RELEASE_NAME: odootools | |
NAMESPACE: vshn-odoo-prod | |
jobs: | |
upgrade: | |
runs-on: ubuntu-latest | |
environment: production | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup helmfile | |
uses: mamezou-tech/[email protected] | |
with: | |
helm-version: v3.7.1 | |
helmfile-version: v0.142.0 | |
install-kubectl: false | |
- name: Install CLI tools from OpenShift Mirror | |
uses: redhat-actions/openshift-tools-installer@v1 | |
with: | |
oc: "4" | |
- name: Authenticate and set context | |
uses: redhat-actions/oc-login@v1 | |
with: | |
openshift_server_url: ${{ env.OPENSHIFT_API }} | |
openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} | |
namespace: ${{ env.NAMESPACE }} | |
# We don't have a LE cert yet | |
insecure_skip_tls_verify: true | |
# Note: The following steps will fail if there's no deployment. | |
# On default branch, we don't know what the last pushed image tag was, so let's retrieve from currently deployed release. | |
- name: Gather status | |
run: | | |
echo "IMG_TAG=$(helm -n ${{ env.NAMESPACE }} get values ${{ env.HELM_RELEASE_NAME }} | yq eval '.image.tag' -)" >> $GITHUB_ENV | |
- name: Deploy app | |
run: helmfile -f envs/helmfile.yaml -e prod apply | |
env: | |
HELM_RELEASE_NAME: ${{ env.HELM_RELEASE_NAME }} | |
IMG_TAG: ${{ env.IMG_TAG }} | |
ODOO_DB: ${{ secrets.ODOO_DB }} | |
SECRET_KEY: ${{ secrets.SECRET_KEY }} |