Skip to content

Commit

Permalink
Change Github token used in secret
Browse files Browse the repository at this point in the history
  • Loading branch information
@cicerow-weni
cicerow-weni committed Dec 2, 2021
1 parent b6931f9 commit fa4ae89
Show file tree
Hide file tree
Showing 11 changed files with 629 additions and 347 deletions.
123 changes: 123 additions & 0 deletions .github/workflows/build-courier-dispatch-shared.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,123 @@
name: Build Rapidpro Courier in Shared (Dispatch)

on:
workflow_dispatch:
inputs:

source-branch:
description: 'Source branch in Courier repository (main, staging, develop, fix/sentry etc.)'
required: true
default: 'main'

tag-name:
description: 'Tag id (v0.0.1-develop, v0.0.2, etc.)'
required: true

destination-env:
description: 'Destination environment (develop, production, staging)'
required: true

jobs:
docker:
runs-on: ubuntu-latest
steps:

- name: Check out the repo
uses: actions/checkout@v2
with:
ref: ${{github.event.inputs.source-branch}}

- name: Set up QEMU
uses: docker/setup-qemu-action@v1

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1

- name: Login to ECR
uses: docker/login-action@v1
with:
registry: 869898323958.dkr.ecr.us-east-1.amazonaws.com
username: ${{ secrets.AWS_ACCESS_KEY_ID_SHARED }}
password: ${{ secrets.AWS_SECRET_ACCESS_KEY_SHARED }}

- name: Build and push - Rapidpro Archiver Image
id: docker_build1
uses: docker/build-push-action@v2
with:
context: .
labels: branch=${{github.event.inputs.source-branch}},commit=${{env.GITHUB_SHA}},repository=https://github.com/Ilhasoft/courier
file: ./docker/Dockerfile
push: true
tags: 869898323958.dkr.ecr.us-east-1.amazonaws.com/courier:${{github.event.inputs.tag-name}}
no-cache: true

- name: Check out Kubernetes Manifests
uses: actions/checkout@master
with:
ref: main
repository: Ilhasoft/kubernetes-manifests-platform
token: ${{ secrets.DEVOPS_GITHUB_PERMANENT_TOKEN }}
path: ./kubernetes-manifests/

- name: Set variable tag for jq
run: |
echo "IMAGE_TAG=869898323958.dkr.ecr.us-east-1.amazonaws.com/courier:${{github.event.inputs.tag-name}}" >> $GITHUB_ENV
- name: Update image on deployment
run: |
which jq > /dev/null 2>&1 || ( sudo apt update ; sudo apt install -y jq )
# Dep: coreutils
verlte() {
[ "$1" = "`echo -e "$1\n$2" | sort -V | head -n1`" ]
}
verlt(){
[ "$1" = "$2" ] && return 1 || verlte $1 $2
}
export PROJECT_DIR="weni-flows/courier" PATCH_TARGET="deployment.json"
for e in ${{github.event.inputs.destination-env}}; do
echo "Update ${e}:"
if [ ! -d "kubernetes-manifests/${PROJECT_DIR}/${e}" ] ; then
echo "kubernetes-manifests/${PROJECT_DIR}/${e}: Does not exist, skipping"
elif [ ! -r "kubernetes-manifests/${PROJECT_DIR}/${e}/kustomization.yaml" ] ; then
echo "kubernetes-manifests/${PROJECT_DIR}/${e}/kustomization.yaml: Does not readable, skipping"
elif [ ! -r "kubernetes-manifests/${PROJECT_DIR}/${e}/${PATCH_TARGET}" ] ; then
echo "kubernetes-manifests/${PROJECT_DIR}/${e}/${PATCH_TARGET}: Does not readable, skipping"
else
OLD_IMAGE=$(
cat "kubernetes-manifests/${PROJECT_DIR}/${e}/${PATCH_TARGET}" \
| jq '.[] | select(.path == "/spec/template/spec/containers/0/image") | .value'
)
echo "Old image to replace: ${OLD_IMAGE}"
OLD_VERSION=$(
echo "${OLD_IMAGE}" \
| sed s'/^.*[v:-]\([0-9]*\.[0-9]*\.[0-9]*\).*$/\1/'g \
| head -n1
)
NEW_VERSION=$(echo ${{github.event.inputs.tag-name}}|grep -o -e '[0-9]*\.[0-9]*\.[0-9]*')
echo "Old image version to compare: ${OLD_VERSION}<=${NEW_VERSION}"
if verlte "${OLD_VERSION}" "${NEW_VERSION}" ; then
echo 'New configurations:'
new_configuration=$(
cat "kubernetes-manifests/${PROJECT_DIR}/${e}/${PATCH_TARGET}" \
| jq '(..|select(.path == "/spec/template/spec/containers/0/image")?) += {value: "'"${{env.IMAGE_TAG}}"'"}'
)
echo "${new_configuration}"
echo "${new_configuration}" > "kubernetes-manifests/${PROJECT_DIR}/${e}/${PATCH_TARGET}"
else
echo "Version in file is greater than build, skiping update yaml"
fi
fi
done
- name: Commit & Push changes
uses: actions-js/push@master
with:
github_token: ${{ secrets.DEVOPS_GITHUB_PERMANENT_TOKEN }}
repository: Ilhasoft/kubernetes-manifests-platform
directory: ./kubernetes-manifests/
branch: main
message: "From Rapidpro Courier Build (Dispatch)"

- name: Generated Image URL to Copy
run: |
echo ${{ env.IMAGE_TAG }}
159 changes: 159 additions & 0 deletions .github/workflows/build-courier-push-tag-shared.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,159 @@
name: Build Rapidpro Courier in Shared (Push Tag)

on:
push:
tags:
- 'v*.*.*-develop*'
- 'v*.*.*-staging*'
- 'v*.*.*'

jobs:
docker:
runs-on: ubuntu-latest
steps:

- name: Set variables
run: |
TAG=$(echo $GITHUB_REF|cut -d"/" -f3)
if $(echo $TAG|grep --silent -e 'v*.*.*-develop*')
then
echo "Found environment: DEVELOP - $TAG"
echo "MANIFESTS_ENVIRONMENT=develop" >> $GITHUB_ENV
echo "MANIFESTS_ENVIRONMENT=develop"
echo "TAG=$TAG" >> $GITHUB_ENV
echo "TAG=$TAG"
VERSION=${TAG#v}
echo "VERSION=$VERSION" >> $GITHUB_ENV
echo "VERSION=$VERSION"
echo "COMMIT_SHA=$GITHUB_SHA" >> $GITHUB_ENV
echo "COMMIT_SHA=$GITHUB_SHA"
echo "IMAGE_TAG=869898323958.dkr.ecr.us-east-1.amazonaws.com/courier:$TAG" >> $GITHUB_ENV
echo "IMAGE_TAG=869898323958.dkr.ecr.us-east-1.amazonaws.com/courier:$TAG"
elif $(echo $TAG|grep --silent -e 'v*.*.*-staging*')
then
echo "Found environment: STAGING - $TAG"
echo "MANIFESTS_ENVIRONMENT=staging" >> $GITHUB_ENV
echo "MANIFESTS_ENVIRONMENT=staging"
echo "TAG=$TAG" >> $GITHUB_ENV
echo "TAG=$TAG"
VERSION=${TAG#v}
echo "VERSION=$VERSION" >> $GITHUB_ENV
echo "VERSION=$VERSION"
echo "COMMIT_SHA=$GITHUB_SHA" >> $GITHUB_ENV
echo "COMMIT_SHA=$GITHUB_SHA"
echo "IMAGE_TAG=869898323958.dkr.ecr.us-east-1.amazonaws.com/courier:$TAG" >> $GITHUB_ENV
echo "IMAGE_TAG=869898323958.dkr.ecr.us-east-1.amazonaws.com/courier:$TAG"
elif $(echo $TAG|grep --silent -e 'v*.*.*')
then
echo "No environment found, assuming: PRODUCTION - $TAG"
echo "MANIFESTS_ENVIRONMENT=production" >> $GITHUB_ENV
echo "MANIFESTS_ENVIRONMENT=production"
echo "TAG=$TAG" >> $GITHUB_ENV
echo "TAG=$TAG"
VERSION=${TAG#v}
echo "VERSION=$VERSION" >> $GITHUB_ENV
echo "VERSION=$VERSION"
echo "COMMIT_SHA=$GITHUB_SHA" >> $GITHUB_ENV
echo "COMMIT_SHA=$GITHUB_SHA"
echo "IMAGE_TAG=869898323958.dkr.ecr.us-east-1.amazonaws.com/courier:$TAG" >> $GITHUB_ENV
echo "IMAGE_TAG=869898323958.dkr.ecr.us-east-1.amazonaws.com/courier:$TAG"
else
echo 'Not a valid tag. Skipping...'
exit 1
fi
- name: Check out the repo
uses: actions/checkout@v2
with:
ref: ${{env.GITHUB_SHA}}
repository: Ilhasoft/courier

- name: Set up QEMU
uses: docker/setup-qemu-action@v1

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1

- name: Login to ECR
uses: docker/login-action@v1
with:
registry: 869898323958.dkr.ecr.us-east-1.amazonaws.com
username: ${{secrets.AWS_ACCESS_KEY_ID_SHARED}}
password: ${{secrets.AWS_SECRET_ACCESS_KEY_SHARED}}

- name: Build and push - Rapidpro Archiver Image
id: docker_build1
uses: docker/build-push-action@v2
with:
context: .
labels: branch=${{env.TAG}},commit=${{env.COMMIT_SHA}},repository=https://github.com/Ilhasoft/courier
file: ./docker/Dockerfile
push: true
tags: ${{env.IMAGE_TAG}}
no-cache: true

- name: Check out Kubernetes Manifests
uses: actions/checkout@master
with:
ref: main
repository: Ilhasoft/kubernetes-manifests-platform
token: ${{secrets.DEVOPS_GITHUB_PERMANENT_TOKEN}}
path: ./kubernetes-manifests/

- name: Update image on deployment
run: |
which jq > /dev/null 2>&1 || ( sudo apt update ; sudo apt install -y jq )
# Dep: coreutils
verlte() {
[ "$1" = "`echo -e "$1\n$2" | sort -V | head -n1`" ]
}
verlt(){
[ "$1" = "$2" ] && return 1 || verlte $1 $2
}
export PROJECT_DIR="weni-flows/courier" PATCH_TARGET="deployment.json"
for e in ${{env.MANIFESTS_ENVIRONMENT}}; do
echo "Update ${e}:"
if [ ! -d "kubernetes-manifests/${PROJECT_DIR}/${e}" ] ; then
echo "kubernetes-manifests/${PROJECT_DIR}/${e}: Does not exist, skipping"
elif [ ! -r "kubernetes-manifests/${PROJECT_DIR}/${e}/kustomization.yaml" ] ; then
echo "kubernetes-manifests/${PROJECT_DIR}/${e}/kustomization.yaml: Does not readable, skipping"
elif [ ! -r "kubernetes-manifests/${PROJECT_DIR}/${e}/${PATCH_TARGET}" ] ; then
echo "kubernetes-manifests/${PROJECT_DIR}/${e}/${PATCH_TARGET}: Does not readable, skipping"
else
OLD_IMAGE=$(
cat "kubernetes-manifests/${PROJECT_DIR}/${e}/${PATCH_TARGET}" \
| jq '.[] | select(.path == "/spec/template/spec/containers/0/image") | .value'
)
echo "Old image to replace: ${OLD_IMAGE}"
OLD_VERSION=$(
echo "${OLD_IMAGE}" \
| sed s'/^.*[v:-]\([0-9]*\.[0-9]*\.[0-9]*\).*$/\1/'g \
| head -n1
)
echo "Old image version to compare: ${OLD_VERSION}<=${{env.VERSION}}"
if verlte "${OLD_VERSION}" "${{env.VERSION}}" ; then
echo 'New configurations:'
new_configuration=$(
cat "kubernetes-manifests/${PROJECT_DIR}/${e}/${PATCH_TARGET}" \
| jq '(..|select(.path == "/spec/template/spec/containers/0/image")?) += {value: "'"${{env.IMAGE_TAG}}"'"}'
)
echo "${new_configuration}"
echo "${new_configuration}" > "kubernetes-manifests/${PROJECT_DIR}/${e}/${PATCH_TARGET}"
else
echo "Version in file is greater than build, skiping update yaml"
fi
fi
done
- name: Commit & Push changes
uses: actions-js/push@master
with:
github_token: ${{ secrets.DEVOPS_GITHUB_PERMANENT_TOKEN }}
repository: Ilhasoft/kubernetes-manifests-platform
directory: ./kubernetes-manifests/
branch: main
message: "From Rapidpro Archiver Build (Push-Tag)"

- name: Generated Image
run: |
echo "IMAGE: " ${{env.IMAGE_TAG}}
78 changes: 39 additions & 39 deletions .github/workflows/build-develop-india-courier.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,39 +1,39 @@
name: Build Develop India RP-courier
on:
push:
tags:
- 'v*.*.*-develop*'
jobs:
docker:
runs-on: ubuntu-latest
environment:
name: develop-india
steps:
- name: Set output
id: vars
run: |
echo ::set-output name=branch::$(echo ${GITHUB_REF#refs/heads/}|cut -d'-' -f3-4|tr -s '-' '/');
echo ::set-output name=tag::$(echo ${GITHUB_REF#refs/heads/}|cut -d'/' -f3-|cut -d'-' -f1-2);
- name: Check out the repo
uses: actions/checkout@v2
with:
ref: feature/build
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to ECR
uses: docker/login-action@v1
with:
registry: 242357350604.dkr.ecr.ap-south-1.amazonaws.com
username: ${{ secrets.AWS_ACCESS_KEY_ID }}
password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- name: Build and push - Courier Image
id: docker_build1
uses: docker/build-push-action@v2
with:
context: .
file: docker/Dockerfile
push: true
tags: 242357350604.dkr.ecr.ap-south-1.amazonaws.com/courier:${{ steps.vars.outputs.tag }}
no-cache: true
# name: Build Develop India RP-courier
# on:
# push:
# tags:
# - 'v*.*.*-develop*'
# jobs:
# docker:
# runs-on: ubuntu-latest
# environment:
# name: develop-india
# steps:
# - name: Set output
# id: vars
# run: |
# echo ::set-output name=branch::$(echo ${GITHUB_REF#refs/heads/}|cut -d'-' -f3-4|tr -s '-' '/');
# echo ::set-output name=tag::$(echo ${GITHUB_REF#refs/heads/}|cut -d'/' -f3-|cut -d'-' -f1-2);
# - name: Check out the repo
# uses: actions/checkout@v2
# with:
# ref: feature/build
# - name: Set up QEMU
# uses: docker/setup-qemu-action@v1
# - name: Set up Docker Buildx
# uses: docker/setup-buildx-action@v1
# - name: Login to ECR
# uses: docker/login-action@v1
# with:
# registry: 242357350604.dkr.ecr.ap-south-1.amazonaws.com
# username: ${{ secrets.AWS_ACCESS_KEY_ID }}
# password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# - name: Build and push - Courier Image
# id: docker_build1
# uses: docker/build-push-action@v2
# with:
# context: .
# file: docker/Dockerfile
# push: true
# tags: 242357350604.dkr.ecr.ap-south-1.amazonaws.com/courier:${{ steps.vars.outputs.tag }}
# no-cache: true
Loading

0 comments on commit fa4ae89

Please sign in to comment.