letsencrypt nginx #92
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Go | |
on: | |
push: | |
branches: | |
- digitalocean | |
pull_request: | |
types: [opened, synchronize, reopened] | |
workflow_dispatch: | |
jobs: | |
# This workflow contains a single job called "build". | |
build: | |
# The type of runner that the job will run on. | |
runs-on: ubuntu-latest | |
# Steps represent a sequence of tasks that will be executed as part of the job | |
steps: | |
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it. | |
- name: Checkout master | |
uses: actions/checkout@main | |
- name: Setup-Golang | |
uses: actions/setup-go@v4 | |
with: | |
go-version: '1.23' | |
check-latest: true | |
- run: go version | |
- name: Build-Golang-App | |
run: GOOS=linux CGO_ENABLED=0 go build web.go | |
- name: Display-Build-Golang-App | |
run: ls -l web | |
# Install doctl. | |
- name: Install doctl | |
uses: digitalocean/action-doctl@v2 | |
with: | |
token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} | |
# Build a Docker image of your application in your registry and tag the image with the $GITHUB_SHA. | |
- name: Build container image | |
run: docker build -t ${{ secrets.REGISTRY_NAME }}/golang-web:$(echo $GITHUB_SHA | head -c7) . | |
- name: Log in to DigitalOcean Container Registry with short-lived credentials | |
run: doctl registry login --expiry-seconds 1200 | |
- name: Push image to DigitalOcean Container Registry | |
run: docker push ${{ secrets.REGISTRY_NAME }}/golang-web:$(echo $GITHUB_SHA | head -c7) | |
# Deploy to DigitalOCcean Kubernetes. | |
- name: Update deployment file | |
run: TAG=$(echo $GITHUB_SHA | head -c7) && sed -i 's|<IMAGE>|${{ secrets.REGISTRY_NAME }}/golang-web:'${TAG}'|' $GITHUB_WORKSPACE/deployment.yml | |
- name: Save DigitalOcean kubeconfig with short-lived credentials | |
run: doctl kubernetes cluster kubeconfig save --expiry-seconds 600 ${{ secrets.CLUSTER_NAME }} | |
# If you haven't already integrated with your registry and only want workloads in a particular namespace to be able to pull | |
# from your registry, uncomment the next two commands. | |
#- name: Upload credentials of your registry to your DigitalOcean Kubernetes cluster | |
# run: doctl registry kubernetes-manifest | kubectl apply -f - | |
#- name: Reference the secret you just uploaded as an imagePullSecrets | |
# run: "kubectl patch serviceaccount default -p '{\"imagePullSecrets\": [{\"name\": \"registry-<your-registry-name>`\"}]}'" | |
- name: Deploy to DigitalOcean Kubernetes | |
run: kubectl apply -f $GITHUB_WORKSPACE/deployment.yml | |
- name: Verify deployment | |
run: kubectl rollout status deployment/golang-web -n backend |