-
Notifications
You must be signed in to change notification settings - Fork 2
95 lines (79 loc) · 2.99 KB
/
deploy.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
name: Build And Deploy Services
on:
push:
branches:
- "master"
env:
PROJECT_ID: crows-moe
LOCATION: asia-southeast1
IMAGE_LOCATION: "asia-southeast1-docker.pkg.dev/crows-moe/images"
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Google Auth
id: auth
uses: "google-github-actions/auth@v1"
with:
credentials_json: "${{ secrets.GOOGLE_CREDENTIALS }}"
token_format: "access_token"
- name: Docker Auth
id: docker-auth
uses: "docker/login-action@v2"
with:
registry: "${{ env.LOCATION }}-docker.pkg.dev"
username: "oauth2accesstoken"
password: "${{ steps.auth.outputs.access_token }}"
- name: Set service tag from datetime
run: echo "TAG=$(date +'%Y%m%d%H%M')" >> $GITHUB_ENV
- name: build blog
run: |-
docker build --platform=linux/amd64 -t "${{ env.IMAGE_LOCATION }}/blog:${{ env.TAG }}" service/blog
docker push "${{ env.IMAGE_LOCATION }}/blog:${{ env.TAG }}"
- name: build ema
run: |-
docker build --platform=linux/amd64 -t "${{ env.IMAGE_LOCATION }}/ema:${{ env.TAG }}" service/ema
docker push "${{ env.IMAGE_LOCATION }}/ema:${{ env.TAG }}"
- name: build urldbot
run: |-
docker build --platform=linux/amd64 -t "${{ env.IMAGE_LOCATION }}/urldbot:${{ env.TAG }}" service/urldbot
docker push "${{ env.IMAGE_LOCATION }}/urldbot:${{ env.TAG }}"
outputs:
tag: ${{ env.TAG }}
deploy:
runs-on: ubuntu-latest
needs: build
defaults:
run:
working-directory: infra
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Make Variables
run: |-
echo '{"deploy_tag":"${{ env.TAG }}",' > deploy.auto.tfvars.json
echo '"urldbot_token":"${{ env.URLDBOT_TOKEN }}",' >> deploy.auto.tfvars.json
echo '"ema_invite_key":"${{ env.EMA_INVITE_KEY }}",' >> deploy.auto.tfvars.json
echo '"ema_jwt_secret":"${{ env.EMA_JWT_SECRET }}",' >> deploy.auto.tfvars.json
echo '"ema_postgres_url":"${{ env.EMA_POSTGRES_URL }}"}' >> deploy.auto.tfvars.json
env:
TAG: ${{needs.build.outputs.tag}}
URLDBOT_TOKEN: ${{ secrets.URLDBOT_TOKEN }}
EMA_INVITE_KEY: ${{ secrets.EMA_INVITE_KEY }}
EMA_JWT_SECRET: ${{ secrets.EMA_JWT_SECRET }}
EMA_POSTGRES_URL: ${{ secrets.EMA_POSTGRES_URL }}
- name: Terraform Setup
uses: hashicorp/setup-terraform@v2
with:
cli_config_credentials_token: ${{ secrets.TF_TOKEN }}
- name: Terraform Format Check
run: terraform fmt -check
- name: Terraform Init
run: terraform init
- name: Terraform Validate
run: terraform validate -no-color
- name: Terraform Apply
if: github.ref == 'refs/heads/master' && github.event_name == 'push'
run: terraform apply -auto-approve