diff --git a/.github/workflows/deploy-docker.yml b/.github/workflows/deploy-docker.yml new file mode 100644 index 0000000..290c0aa --- /dev/null +++ b/.github/workflows/deploy-docker.yml @@ -0,0 +1,134 @@ +name: Deploy Docker + +on: + workflow_dispatch: + branches: ["master"] + inputs: + tag: + description: tag/version to deploy + required: true +jobs: + deploy: + + runs-on: ubuntu-latest + + steps: + - name: deploy docker + run: | + SC_RELEASE_TAG="v${{ env.TAG }}" + echo "$SC_RELEASE_TAG" + + TOKEN="${{ secrets.RANCHER2_BEARER_TOKEN }}" + RANCHER_HOST="rancher.tools.swagger.io" + CLUSTER_ID="c-n8zp2" + NAMESPACE_NAME="swagger-oss" + K8S_OBJECT_TYPE="daemonsets" + K8S_OBJECT_NAME="swagger-validator-v2" + DEPLOY_IMAGE="swaggerapi/swagger-validator-v2:$SC_RELEASE_TAG" + + workloadStatus="" + getStatus() { + echo "Getting update status..." + if ! workloadStatus="$(curl -s -X GET \ + -H "Authorization: Bearer ${TOKEN}" \ + -H 'Content-Type: application/json' \ + "https://${RANCHER_HOST}/k8s/clusters/${CLUSTER_ID}/apis/apps/v1/namespaces/${NAMESPACE_NAME}/${K8S_OBJECT_TYPE}/${K8S_OBJECT_NAME}/status")" + then + echo 'ERROR - get status k8s API call failed!' + echo "Exiting build"... + exit 1 + fi + } + + # $1 = image to deploy + updateObject() { + local image="${1}" + echo "Updating image value..." + + if ! curl -s -X PATCH \ + -H "Authorization: Bearer ${TOKEN}" \ + -H 'Content-Type: application/json-patch+json' \ + "https://${RANCHER_HOST}/k8s/clusters/${CLUSTER_ID}/apis/apps/v1/namespaces/${NAMESPACE_NAME}/${K8S_OBJECT_TYPE}/${K8S_OBJECT_NAME}" \ + -d "[{\"op\": \"replace\", \"path\": \"/spec/template/spec/containers/0/image\", \"value\": \"${image}\"}]" + then + echo 'ERROR - image update k8s API call failed!' + echo "Exiting build..." + exit 1 + fi + } + + + # Check that the TAG is valid + if [[ $SC_RELEASE_TAG =~ ^[vV]?[0-9]*\.[0-9]*\.[0-9]*$ ]]; then + echo "" + echo "This is a Valid TAG..." + + # Get current image/tag in case we need to rollback + getStatus + ROLLBACK_IMAGE="$(echo "${workloadStatus}" | jq -r '.spec.template.spec.containers[0].image')" + echo "" + echo "Current image: ${ROLLBACK_IMAGE}" + + # Update image and validate response + echo "" + updateObject "${DEPLOY_IMAGE}" + echo "" + + echo "" + echo "Waiting for pods to start..." + echo "" + sleep 60s + + # Get state of the k8s object. If numberReady == desiredNumberScheduled, consider the upgrade successful. Else raise error + getStatus + status="$(echo "${workloadStatus}" | jq '.status')" + echo "" + echo "${status}" + echo "" + + numberDesired="$(echo "${status}" | jq -r '.desiredNumberScheduled')" + numberReady="$(echo "${status}" | jq -r '.numberReady')" + + if (( numberReady == numberDesired )); then + echo "${K8S_OBJECT_NAME} has been upgraded to ${DEPLOY_IMAGE}" + + # If pods are not starting, rollback the upgrade and exit the build with error + else + echo "state = error...rolling back upgrade" + updateObject "${ROLLBACK_IMAGE}" + echo "" + + echo "" + echo "Waiting for rollback pods to start..." + echo "" + sleep 60s + + getStatus + status="$(echo "${workloadStatus}" | jq '.status')" + echo "" + echo "${status}" + echo "" + + numberDesired="$(echo "${status}" | jq -r '.desiredNumberScheduled')" + numberReady="$(echo "${status}" | jq -r '.numberReady')" + + if (( numberReady == numberDesired )); then + echo "Rollback to ${ROLLBACK_IMAGE} completed." + else + echo "FATAL - rollback failed" + fi + echo "Exiting Build..." + exit 1 + fi + + else + echo "This TAG is not in a valid format..." + echo "Exiting Build..." + exit 0 + fi + echo "Exiting Build..." + exit 0 + env: + ACTIONS_ALLOW_UNSECURE_COMMANDS: true + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + TAG: ${{ github.event.inputs.tag }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3d5c506..10f5d4b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -55,7 +55,7 @@ jobs: git config --global user.email "action@github.com" git config --global user.name "GitHub Action" git config --global hub.protocol https - git remote set-url origin https://\${{ secrets.GITHUB_TOKEN }}:x-oauth-basic@github.com/''' + 'swagger-api/validator-badge' + '''.git + git remote set-url origin https://\${{ secrets.GITHUB_TOKEN }}:x-oauth-basic@github.com/swagger-api/validator-badge.git - name: Run maven deploy/release (action-maven-publish) uses: samuelmeuli/action-maven-publish@v1 if: env.RELEASE_OK == 'yes'