Update production workflow to use dockerize too #31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy | |
on: | |
push: | |
branches: | |
- "master" | |
jobs: | |
test: | |
runs-on: ubuntu-latest | |
services: | |
memcached: | |
image: memcached:1.4.31 | |
ports: | |
- 11211/udp | |
env: | |
MEMCACHE_SERVERS: "localhost:11211" | |
SECRET_KEY_BASE: ${{ secrets.SECRET_KEY_BASE }} | |
SESSION_ENCRYPTED_COOKIE_SALT: ${{ secrets.SESSION_ENCRYPTED_COOKIE_SALT }} | |
JWT_PRIVATE_KEY: ${{ secrets.JWT_PRIVATE_KEY }} | |
JWT_PUBLIC_KEY: ${{ secrets.JWT_PUBLIC_KEY }} | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Set up Ruby 2.6 | |
uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: '2.6' | |
- uses: actions/cache@v3 | |
with: | |
path: vendor/bundle | |
key: ${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }} | |
restore-keys: | | |
${{ runner.os }}-gems- | |
- name: Install | |
run: | | |
cp .env.build .env | |
gem install bundler | |
bundle config path vendor/bundle | |
bundle install --jobs 4 --retry 3 | |
- name: Lint and Test | |
env: | |
MEMCACHE_SERVERS: "localhost:11211" | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
STAFF_ADMIN_TOKEN: ${{ secrets.STAFF_ADMIN_TOKEN }} | |
STAFF_PROFILES_ADMIN_TOKEN: ${{ secrets.STAFF_PROFILES_ADMIN_TOKEN }} | |
run: | | |
# bundle exec rubocop | |
bundle exec rspec | |
echo $? | |
# - name: Publish code coverage | |
# uses: paambaati/[email protected] | |
# env: | |
# CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }} | |
build: | |
needs: test | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v1 | |
- name: Cache Docker layers | |
uses: actions/cache@v2 | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-buildx-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-buildx- | |
- name: Login to DockerHub | |
uses: docker/login-action@v1 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v1 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build and push | |
uses: docker/build-push-action@v2 | |
with: | |
context: . | |
file: ./Dockerfile | |
push: true | |
tags: ${{ github.repository }}:latest | |
cache-from: type=local,src=/tmp/.buildx-cache | |
cache-to: type=local,dest=/tmp/.buildx-cache | |
- name: Push to GitHub Packages | |
uses: docker/build-push-action@v2 | |
with: | |
context: . | |
file: ./Dockerfile | |
push: true | |
tags: ghcr.io/${{ github.repository }}:latest | |
cache-from: type=local,src=/tmp/.buildx-cache | |
cache-to: type=local,dest=/tmp/.buildx-cache | |
deploy: | |
needs: [test, build] | |
runs-on: ubuntu-latest | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
- name: Extract variables | |
shell: bash | |
run: | | |
echo "::set-output name=BRANCH::$(echo ${GITHUB_REF#refs/heads/} | sed 's/\//_/g')" | |
echo "::set-output name=TAG::$(git tag --points-at HEAD)" | |
echo "::set-output name=GIT_SHA::$(git rev-parse HEAD)" | |
echo "::set-output name=GIT_SHA_SHORT::$(git rev-parse --short HEAD)" | |
echo "::set-output name=MESSAGE::$(git log --format=%B -n 1 ${{ github.event.after }})" | |
id: extract_variables | |
- name: Checkout terraform config repo | |
uses: actions/checkout@v2 | |
with: | |
# public repo with terraform configuration | |
repository: 'datacite/mastino' | |
persist-credentials: false | |
- name: Commit changes to terraform config repository | |
# use go template in terraform config repository to update git sha and tag | |
# commit and push changes to trigger terraform workflow | |
run: | | |
export GIT_SHA=${{ steps.extract_variables.outputs.GIT_SHA_SHORT }} | |
export GIT_TAG=${{ steps.extract_variables.outputs.TAG }} | |
export VERSION_FILENAME=stage/services/levriero/_levriero.auto.tfvars | |
sed -e "s/{{ .Env.GIT_SHA }}/$GIT_SHA/g" -e "s/{{ .Env.GIT_TAG }}/$GIT_TAG/g" $VERSION_FILENAME.tmpl > $VERSION_FILENAME | |
git config --local user.email "[email protected]" | |
git config --local user.name "GitHub Action" | |
git add $VERSION_FILENAME | |
git commit -m "Adding levriero git variables for commit ${{ steps.extract_variables.outputs.GIT_SHA }}" | |
- name: Push changes | |
uses: ad-m/[email protected] | |
with: | |
github_token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} | |
repository: 'datacite/mastino' | |
branch: 'refs/heads/master' | |
tags: false | |
- name: Notify Slack | |
uses: edge/simple-slack-notify@master | |
with: | |
channel: '#ops' | |
color: 'good' | |
text: 'A new version of the Levriero service is been deployed to stage.' | |
failure_text: '${env.GITHUB_WORKFLOW} (${env.GITHUB_RUN_NUMBER}) build failed' | |
fields: | | |
[{ "title": "Commit message", "value": "${{ steps.extract_variables.outputs.MESSAGE }}" }, | |
{ "title": "Committed by", "value": "<https://github.com/${{ github.repository }}/commits?author=${{ github.actor }}|${{ github.actor }}>", "short": true }, | |
{ "title": "Commit SHA", "value": "<https://github.com/${{ github.repository }}/commit/${{ steps.extract_variables.outputs.GIT_SHA }}|${{ steps.extract_variables.outputs.GIT_SHA_SHORT }}>", "short": true }, | |
{ "title": "Repository", "value": "<https://github.com/${{ github.repository }}|${{ github.repository }}>", "short": true }, | |
{ "title": "Branch", "value": "<https://github.com/${{ github.repository }}/tree/${{ steps.extract_variables.outputs.BRANCH }}|${{ steps.extract_variables.outputs.BRANCH }}>", "short": true }] |