Commit 88bd31e2 authored by Gary van Woerkens's avatar Gary van Woerkens
Browse files

fix: Add github workflows.

parent e4a824f0
SOCIALGOUV_BASE_DOMAIN=dev.fabrique.social.gouv.fr
SOCIALGOUV_BASE_DOMAIN=fabrique.social.gouv.fr
SOCIALGOUV_BASE_DOMAIN=dev.fabrique.social.gouv.fr
name: Deactivate
on:
pull_request:
types: [ closed ]
jobs:
prune:
name: Deactivate environment
runs-on: ubuntu-latest
steps:
- name: Get branch, project and namespace names
run: |
echo "branch=${GITHUB_HEAD_REF##*/}" >> $GITHUB_ENV
echo "project=${GITHUB_REPOSITORY#*/}" >> $GITHUB_ENV
echo "namespace=${GITHUB_REPOSITORY#*/}-${GITHUB_HEAD_REF##*/}" >> $GITHUB_ENV
- name: Install Kapp
uses: vmware-tanzu/carvel-setup-action@v1
with:
only: kapp
token: ${{ secrets.GITHUB_TOKEN }}
- name: Create kubernetes config
run: |
mkdir ~/.kube
touch ~/.kube/config
echo ${{ secrets.SOCIALGOUV_KUBE_CONFIG_DEV }} | base64 -d > ~/.kube/config
- name: Delete k8s environment
run: kapp -y delete --namespace ${{ env.namespace }}
# run: kapp -y delete -a ${{ env.project }} --namespace ${{ env.namespace }}
- name: Mark environment as deactivated
uses: bobheadxi/deployments@v0.4.3
with:
step: deactivate-env
env: ${{ env.branch }}
token: ${{ secrets.GITHUB_TOKEN }}
desc: "Environment ${{ env.namespace }} has been deactivated"
name: Production
on:
push:
tags:
- v*
concurrency:
group: preproduction
cancel-in-progress: true
jobs:
##############################################################################
## BUILD APPLICATION
##############################################################################
build:
name: Build application
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Node setup
uses: actions/setup-node@v2
with:
node-version: '14'
- name: Yarn cache setup
uses: c-hive/gha-yarn-cache@v1
- name: Install dependencies
run: yarn --frozen-lockfile --prefer-offline
- name: Build application
run: |
yarn build
yarn export
env:
HASURA_URL: "%%HASURA_URL%%"
- name: Archive application build
uses: actions/upload-artifact@v2
with:
name: out
path: out
##############################################################################
## BUILD AND REGISTER DOCKER IMAGES
##############################################################################
register:
name: Build & Register images
runs-on: ubuntu-latest
needs: build
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Get project name
run: |
echo "project=${GITHUB_REPOSITORY#*/}" >> $GITHUB_ENV
- name: Download application build
uses: actions/download-artifact@v2
with:
name: out
path: ./out
- run: |
ls -lah
ls -lah ./out
- name: Create image labels and tags
id: docker_meta
uses: "crazy-max/ghaction-docker-meta@2e1a5c7fa42123697f82d479b551a1bbdb1bef88"
with:
images: ghcr.io/socialgouv/fabrique/${{ env.project }}
labels: |
org.opencontainers.image.title=${{ env.project }}
org.opencontainers.image.documentation=https://github.com/SocialGouv/${{ env.project }}/tree/${{ github.sha }}
tags: |
type=sha
type=ref,event=pr
type=ref,event=branch
type=semver,pattern={{version}}
type=raw,value=sha-${{ github.sha }}
type=semver,pattern={{major}}.{{minor}}
- name: Set up Buildx
id: buildx
uses: docker/setup-buildx-action@master
with:
install: true
- name: Registry authentication
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ secrets.SOCIALGROOVYBOT_NAME }}
password: ${{ secrets.SOCIALGROOVYBOT_GHCR_PAT }}
- name: Image build and register
uses: docker/build-push-action@v2
with:
context: .
push: 'true'
builder: ${{ steps.buildx.outputs.name }}
tags: "${{ steps.docker_meta.outputs.tags }}"
labels: "${{ steps.docker_meta.outputs.labels }}"
##############################################################################
## GENERATE PREPRODUCTION MANIFESTS
##############################################################################
manifests:
name: Preproduction manifests
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Load preproduction environment variables
run: |
cat ".github/preproduction.env" >> $GITHUB_ENV
- name: Yarn cache setup
uses: c-hive/gha-yarn-cache@v1
- name: Install kosko-charts autodevops
run: |
npx degit SocialGouv/kosko-charts/templates/autodevops#beta /tmp/autodevops
# npx degit SocialGouv/kosko-charts/templates/autodevops#alpha /tmp/autodevops
yarn --cwd /tmp/autodevops
- name: Copy application k8s config to autodevops
run: cp -r .socialgouv/environments .socialgouv/config.json /tmp/autodevops/
- name: Generate k8s manifests
run: |
echo SOCIALGOUV_BASE_DOMAIN: $SOCIALGOUV_BASE_DOMAIN
yarn --cwd /tmp/autodevops --silent generate:preprod > manifests.yml
env:
SOCIALGOUV_PREPRODUCTION: true
SOCIALGOUV_CONFIG_PATH: /tmp/autodevops/config.json
SOCIALGOUV_BASE_DOMAIN: ${{ env.SOCIALGOUV_BASE_DOMAIN }}
- name: Archive k8s manifests
uses: actions/upload-artifact@v2
with:
name: manifests.yml
path: manifests.yml
##############################################################################
## DEPLOY PREPRODUCTION APPLICATION
##############################################################################
deploy:
name: Deploy application
runs-on: ubuntu-latest
needs: [register, manifests]
environment:
name: preproduction
url: https://${{ env.namespace }}.${{ env.SOCIALGOUV_BASE_DOMAIN }}
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Load environment variables
run: |
cat ".github/preproduction.env" >> $GITHUB_ENV
echo "project=${GITHUB_REPOSITORY#*/}" >> $GITHUB_ENV
echo "namespace=${GITHUB_REPOSITORY#*/}-preprod" >> $GITHUB_ENV
- name: Download k8s manifests
uses: actions/download-artifact@v2
with:
name: manifests.yml
- name: Install Kapp
uses: vmware-tanzu/carvel-setup-action@v1
with:
only: kapp
token: ${{ secrets.GITHUB_TOKEN }}
- name: Create kubernetes config
run: |
mkdir ~/.kube
touch ~/.kube/config
echo ${{ secrets.SOCIALGOUV_KUBE_CONFIG_DEV }} | base64 -d > ~/.kube/config
- name: Create k8s namespace and annotations
run: |
kubectl create ns ${{ env.namespace }} || true
kubectl annotate ns ${{ env.namespace }} azure-pg-admin-user=${{ env.project }} || true
- name: Deploy application
run: kapp --dangerous-override-ownership-of-existing-resources -y deploy -a ${{ env.project }} --namespace ${{ env.namespace }} -f manifests.yml
##############################################################################
## GENERATE PRODUCTION MANIFESTS
##############################################################################
manifests-prod:
name: Production manifests
runs-on: ubuntu-latest
needs: deploy
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Load production environment variables
run: |
cat ".github/production.env" >> $GITHUB_ENV
- name: Yarn cache setup
uses: c-hive/gha-yarn-cache@v1
- name: Install kosko-charts autodevops
run: |
npx degit SocialGouv/kosko-charts/templates/autodevops#beta /tmp/autodevops
# npx degit SocialGouv/kosko-charts/templates/autodevops#alpha /tmp/autodevops
yarn --cwd /tmp/autodevops
- name: Copy application k8s config to autodevops
run: cp -r .socialgouv/environments .socialgouv/config.json /tmp/autodevops/
- name: Generate k8s manifests
run: |
echo SOCIALGOUV_BASE_DOMAIN: $SOCIALGOUV_BASE_DOMAIN
yarn --cwd /tmp/autodevops --silent generate:prod > manifests-prod.yml
env:
SOCIALGOUV_PRODUCTION: true
SOCIALGOUV_CONFIG_PATH: /tmp/autodevops/config.json
SOCIALGOUV_BASE_DOMAIN: ${{ env.SOCIALGOUV_BASE_DOMAIN }}
- name: Archive k8s manifests
uses: actions/upload-artifact@v2
with:
name: manifests-prod.yml
path: manifests-prod.yml
##############################################################################
## DEPLOY PRODUCTION APPLICATION
##############################################################################
deploy-prod:
name: Deploy application
runs-on: ubuntu-latest
needs: manifests-prod
environment:
name: production
url: https://${{ env.namespace }}.${{ env.SOCIALGOUV_BASE_DOMAIN }}
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Load environment variables
run: |
cat ".github/production.env" >> $GITHUB_ENV
echo "project=${GITHUB_REPOSITORY#*/}" >> $GITHUB_ENV
echo "namespace=${GITHUB_REPOSITORY#*/}" >> $GITHUB_ENV
- name: Download k8s manifests
uses: actions/download-artifact@v2
with:
name: manifests-prod.yml
- name: Install Kapp
uses: vmware-tanzu/carvel-setup-action@v1
with:
only: kapp
token: ${{ secrets.GITHUB_TOKEN }}
- name: Create kubernetes config
run: |
mkdir ~/.kube
touch ~/.kube/config
echo ${{ secrets.SOCIALGOUV_KUBE_CONFIG_PROD }} | base64 -d > ~/.kube/config
- name: Create k8s namespace and annotations
run: |
kubectl create ns ${{ env.namespace }} || true
kubectl annotate ns ${{ env.namespace }} azure-pg-admin-user=${{ env.project }} || true
- name: Deploy application
run: kapp --dangerous-override-ownership-of-existing-resources -y deploy -a ${{ env.project }} --namespace ${{ env.namespace }} -f manifests-prod.yml
name: Release
on:
workflow_dispatch:
push:
branches: [master, alpha, beta, next]
jobs:
release:
name: Release
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
with:
fetch-depth: 0
persist-credentials: false
- name: Semantic Release
uses: cycjimmy/semantic-release-action@v2
with:
semantic_version: 17
extra_plugins: |
@semantic-release/changelog@5.0.1
@semantic-release/git@9.0.0
env:
GITHUB_TOKEN: ${{ secrets.SOCIALGROOVYBOT_BOTO_PAT }}
name: Review
on:
push:
branches:
- '**'
tags-ignore:
- v*
concurrency:
cancel-in-progress: true
group: ${{ github.ref }}
jobs:
##############################################################################
## BUILD APPLICATION
##############################################################################
build:
name: Build application
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Node setup
uses: actions/setup-node@v2
with:
node-version: '14'
- name: Yarn cache setup
uses: c-hive/gha-yarn-cache@v1
- name: Install dependencies
run: yarn --frozen-lockfile --prefer-offline
- name: Build application
run: |
yarn build
yarn export
env:
HASURA_URL: "%%HASURA_URL%%"
- name: Archive application build
uses: actions/upload-artifact@v2
with:
name: out
path: out
##############################################################################
## BUILD AND REGISTER DOCKER IMAGES
##############################################################################
register:
name: Build & Register images
runs-on: ubuntu-latest
needs: build
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Get project name
run: |
echo "project=${GITHUB_REPOSITORY#*/}" >> $GITHUB_ENV
- name: Download application build
uses: actions/download-artifact@v2
with:
name: out
path: ./out
- run: |
ls -lah
ls -lah ./out
- name: Create image labels and tags
id: docker_meta
uses: "crazy-max/ghaction-docker-meta@2e1a5c7fa42123697f82d479b551a1bbdb1bef88"
with:
images: ghcr.io/socialgouv/fabrique/${{ env.project }}
labels: |
org.opencontainers.image.title=${{ env.project }}
org.opencontainers.image.documentation=https://github.com/SocialGouv/${{ env.project }}/tree/${{ github.sha }}
tags: |
type=sha
type=ref,event=pr
type=ref,event=branch
type=semver,pattern={{version}}
type=raw,value=sha-${{ github.sha }}
type=semver,pattern={{major}}.{{minor}}
- name: Set up Buildx
id: buildx
uses: docker/setup-buildx-action@master
with:
install: true
- name: Registry authentication
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ secrets.SOCIALGROOVYBOT_NAME }}
password: ${{ secrets.SOCIALGROOVYBOT_GHCR_PAT }}
- name: Image build and register
uses: docker/build-push-action@v2
with:
context: .
push: 'true'
builder: ${{ steps.buildx.outputs.name }}
tags: "${{ steps.docker_meta.outputs.tags }}"
labels: "${{ steps.docker_meta.outputs.labels }}"
##############################################################################
## GENERATE KUBERNETES MANIFESTS
##############################################################################
manifests:
name: Generate k8s manifests
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Load review environment variables
run: |
cat ".github/review.env" >> $GITHUB_ENV
- name: Yarn cache setup
uses: c-hive/gha-yarn-cache@v1
- name: Install kosko-charts autodevops
run: |
npx degit SocialGouv/kosko-charts/templates/autodevops#beta /tmp/autodevops
# npx degit SocialGouv/kosko-charts/templates/autodevops#alpha /tmp/autodevops
yarn --cwd /tmp/autodevops
- name: Copy application k8s config to autodevops
run: cp -r .socialgouv/environments .socialgouv/config.json /tmp/autodevops/
- name: Generate k8s manifests
run: |
echo SOCIALGOUV_BASE_DOMAIN: $SOCIALGOUV_BASE_DOMAIN
yarn --cwd /tmp/autodevops --silent generate:dev > manifests.yml
env:
SOCIALGOUV_CONFIG_PATH: /tmp/autodevops/config.json
SOCIALGOUV_BASE_DOMAIN: ${{ env.SOCIALGOUV_BASE_DOMAIN }}
- name: Archive k8s manifests
uses: actions/upload-artifact@v2
with:
name: manifests.yml
path: manifests.yml
##############################################################################
## DEPLOY APPLICATION OVER KUBERNETES
##############################################################################
deploy:
name: Deploy application
runs-on: ubuntu-latest
needs: [register, manifests]
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Get project and namespace names
run: |
cat ".github/review.env" >> $GITHUB_ENV
echo "project=${GITHUB_REPOSITORY#*/}" >> $GITHUB_ENV
echo "namespace=${GITHUB_REPOSITORY#*/}-${GITHUB_REF##*/}" >> $GITHUB_ENV
- name: Download k8s manifests
uses: actions/download-artifact@v2
with:
name: manifests.yml
- name: Notify deployment start
uses: bobheadxi/deployments@v0.4.3
id: deployment
with:
step: start
env: ${{ env.namespace }}
token: ${{ secrets.GITHUB_TOKEN }}
desc: "Deploying environment: ${{ env.namespace }}"
- name: Install Kapp
uses: vmware-tanzu/carvel-setup-action@v1
with:
only: kapp
token: ${{ secrets.GITHUB_TOKEN }}
- name: Create kubernetes config
run: |
mkdir ~/.kube
touch ~/.kube/config
echo ${{ secrets.SOCIALGOUV_KUBE_CONFIG_DEV }} | base64 -d > ~/.kube/config
- name: Create k8s namespace and annotations
run: |
kubectl create ns ${{ env.namespace }} || true
kubectl annotate ns ${{ env.namespace }} azure-pg-admin-user=${{ env.project }} || true
- name: Deploy application
run: kapp --dangerous-override-ownership-of-existing-resources -y deploy -a ${{ env.project }} --namespace ${{ env.namespace }} -f manifests.yml
- name: Notify deployment end
uses: bobheadxi/deployments@v0.4.3
if: always()
with:
step: finish
status: ${{ job.status }}
token: ${{ secrets.GITHUB_TOKEN }}
deployment_id: ${{ steps.deployment.outputs.deployment_id }}
env_url: https://${{ env.namespace }}.${{ env.SOCIALGOUV_BASE_DOMAIN }}
name: Tests
on:
pull_request:
branches:
- '**'
concurrency:
cancel-in-progress: true
group: ${{ github.head_ref }}
jobs:
##############################################################################
## TEST APPLICATION
##############################################################################
test:
name: Test application
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Node setup
uses: actions/setup-node@v2
with:
node-version: '14'
- name: Yarn cache setup
uses: c-hive/gha-yarn-cache@v1
- name: Install dependencies
run: yarn --frozen-lockfile --prefer-offline
- name: Run tests
run: yarn test --coverage
livenessProbe:
path: "/health"
readinessProbe:
path: "/health"