forked from MakarovS96/dc-analytics-proto
-
Notifications
You must be signed in to change notification settings - Fork 9
135 lines (117 loc) · 4.21 KB
/
workflow.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
name: Build DC-analytics image, deploy it to GCR. Run GKE. Run DC-analytics in GKE
on:
push:
branches:
- master
release:
types:
- published
# Environment variables.
# ${{ secrets }} are taken from GitHub -> Settings -> Secrets
# ${{ github.sha }} is the commit hash
env:
PROJECT_ID: iris-community-demos
SERVICE_ACCOUNT_KEY: ${{ secrets.SERVICE_ACCOUNT_KEY }}
GOOGLE_CREDENTIALS: ${{ secrets.TF_SERVICE_ACCOUNT_KEY }}
GITHUB_SHA: ${{ github.sha }}
GCR_LOCATION: eu.gcr.io
IMAGE_NAME: dc-analytics-image
GKE_CLUSTER: dc-analytics-cluster
GKE_ZONE: europe-west1-b
K8S_NAMESPACE: iris
STATEFULSET_NAME: dc-analytics
jobs:
gcloud-setup-and-build-and-publish-to-GCR:
name: Setup gcloud utility, Build DC-ANALYTICS image and Publish it to Container Registry
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Google Authentication
uses: google-github-actions/[email protected]
with:
credentials_json: ${{ secrets.SERVICE_ACCOUNT_KEY }}
- name: Setup gcloud cli
uses: google-github-actions/[email protected]
with:
version: '496.0.0'
- name: Configure docker to use the gcloud as a credential helper
run: |
gcloud --quiet auth configure-docker
- name: Build DC-ANALYTICS image
working-directory: iris
run: |
docker build -t ${GCR_LOCATION}/${PROJECT_ID}/${IMAGE_NAME}:${GITHUB_SHA} .
- name: Publish DC-ANALYTICS image to Google Container Registry
working-directory: iris
run: |
docker push ${GCR_LOCATION}/${PROJECT_ID}/${IMAGE_NAME}:${GITHUB_SHA}
# gke-provisioner:
# # Inspired by:
# ## https://www.terraform.io/docs/github-actions/getting-started.html
# ## https://github.com/hashicorp/terraform-github-actions
# name: Provision GKE cluster
# runs-on: ubuntu-20.04
# steps:
# - name: Checkout
# uses: actions/checkout@v3
# - name: Terraform init
# uses: hashicorp/terraform-github-actions@master
# with:
# tf_actions_version: 0.12.17
# tf_actions_subcommand: 'init'
# tf_actions_working_dir: 'terraform'
# - name: Terraform validate
# uses: hashicorp/terraform-github-actions@master
# with:
# tf_actions_version: 0.12.17
# tf_actions_subcommand: 'validate'
# tf_actions_working_dir: 'terraform'
# - name: Terraform plan
# uses: hashicorp/terraform-github-actions@master
# with:
# tf_actions_version: 0.12.17
# tf_actions_subcommand: 'plan'
# tf_actions_working_dir: 'terraform'
# - name: Terraform apply
# uses: hashicorp/terraform-github-actions@master
# with:
# tf_actions_version: 0.12.17
# tf_actions_subcommand: 'apply'
# tf_actions_working_dir: 'terraform'
kubernetes-deploy:
name: Deploy Kubernetes manifests to GKE cluster
needs:
- gcloud-setup-and-build-and-publish-to-GCR
# - gke-provisioner
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Replace placeholders with values in statefulset template
working-directory: ./k8s/
run: |
cat statefulset.tpl |\
sed "s|DOCKER_REPO_NAME|${GCR_LOCATION}/${PROJECT_ID}/${IMAGE_NAME}|" |\
sed "s|DOCKER_IMAGE_TAG|${GITHUB_SHA}|" > statefulset.yaml
cat statefulset.yaml
- name: Google Authentication
uses: google-github-actions/[email protected]
with:
credentials_json: ${{ secrets.SERVICE_ACCOUNT_KEY }}
- name: Setup gcloud cli
uses: google-github-actions/[email protected]
with:
version: '496.0.0'
- name: Apply Kubernetes manifests
working-directory: ./k8s/
run: |
gcloud components install gke-gcloud-auth-plugin
export USE_GKE_GCLOUD_AUTH_PLUGIN=True
gcloud container clusters get-credentials ${GKE_CLUSTER} --zone ${GKE_ZONE} --project ${PROJECT_ID}
kubectl apply -f namespace.yaml
kubectl apply -f managed-certificate.yaml
kubectl apply -f service.yaml
kubectl apply -f ingress.yaml
kubectl apply -f statefulset.yaml
kubectl -n ${K8S_NAMESPACE} rollout status statefulset/${STATEFULSET_NAME}