From 12dad92f4ec7292cd1c130af8eaebd26591995b4 Mon Sep 17 00:00:00 2001 From: Milamary Date: Tue, 2 Apr 2024 21:39:03 -0700 Subject: [PATCH] ARC runners: deploy.yml --- .github/workflows/deploy.yml | 136 ++++++++++++++++++++++++----------- 1 file changed, 94 insertions(+), 42 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index e2301d8..108e579 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -15,6 +15,10 @@ env: PROJECT: ota-admin-portal REGISTRY: fiskercloud.azurecr.io +permissions: + id-token: write + contents: read + jobs: build-dev: runs-on: ubuntu-latest @@ -27,7 +31,7 @@ jobs: uses: actions/checkout@v4 - name: Azure Login - uses: azure/login@v1 + uses: azure/login@v2 with: creds: ${{ secrets.AZURE_CREDENTIALS }} @@ -60,25 +64,37 @@ jobs: deploy-dev: needs: [build-dev] - runs-on: [self-hosted, azure] + runs-on: [ arc-azure-dev ] environment: dev steps: - name: Checkout uses: actions/checkout@v4 - - uses: rtCamp/action-slack-notify@v2 + - name: Notify deploy + uses: rtCamp/action-slack-notify@v2 env: MSG_MINIMAL: true SLACK_MESSAGE: "Deploying ${{ env.PROJECT }} to dev... :partydeploy:" - name: Deploy to dev - run: |- - helm upgrade \ - --kube-context dev \ - --set image.registry=$REGISTRY \ - --set image.name=$PROJECT \ - --set image.tag=$TAG-dev \ - --wait -i -f k8s/values-dev.yaml $PROJECT k8s/ + id: deploy + uses: koslib/helm-eks-action@v1.28.0 + env: + KUBE_CONFIG_DATA: ${{ secrets.KUBECONFIG_AZURE_DEV }} + with: + command: | + helm upgrade \ + --atomic \ + --create-namespace \ + --namespace default \ + --set image.registry=$REGISTRY \ + --set image.name=$PROJECT \ + --set image.tag=$TAG-dev \ + --wait -i -f k8s/values-dev.yaml $PROJECT k8s/ + + - name: Deploy Response + run: echo "Response was ${{ steps.deploy.outputs.response }}" + - name: Notify deploy failure if: ${{ failure() }} @@ -104,7 +120,7 @@ jobs: uses: actions/checkout@v4 - name: Azure Login - uses: azure/login@v1 + uses: azure/login@v2 with: creds: ${{ secrets.AZURE_CREDENTIALS }} @@ -137,26 +153,38 @@ jobs: deploy-preprod: needs: [deploy-dev, build-preprod] - runs-on: [self-hosted, azure] - environment: stg + runs-on: [ arc-azure-preprod ] + environment: preprod steps: + - name: Checkout uses: actions/checkout@v4 - - uses: rtCamp/action-slack-notify@v2 + - name: Notify deploy + uses: rtCamp/action-slack-notify@v2 env: MSG_MINIMAL: true SLACK_MESSAGE: "Deploying ${{ env.PROJECT }} to preprod... :partydeploy:" - name: Deploy to preprod - run: |- - helm upgrade \ - --kube-context prd \ - --set image.registry=$REGISTRY \ - --set image.name=$PROJECT \ - --set image.tag=$TAG-prd \ - --wait -i -f k8s/values-prd.yaml $PROJECT k8s/ - + id: deploy + uses: koslib/helm-eks-action@v1.28.0 + env: + KUBE_CONFIG_DATA: ${{ secrets.KUBECONFIG_AZURE_PREPROD }} + with: + command: | + helm upgrade \ + --atomic \ + --create-namespace \ + --namespace default \ + --set image.registry=$REGISTRY \ + --set image.name=$PROJECT \ + --set image.tag=$TAG-prd \ + --wait -i -f k8s/values-prd.yaml $PROJECT k8s/ + + - name: Deploy Response + run: echo "Response was ${{ steps.deploy.outputs.response }}" + - name: Notify deploy failure if: ${{ failure() }} uses: rtCamp/action-slack-notify@v2 @@ -181,7 +209,7 @@ jobs: uses: actions/checkout@v4 - name: Azure Login - uses: azure/login@v1 + uses: azure/login@v2 with: creds: ${{ secrets.AZURE_CREDENTIALS }} @@ -214,26 +242,38 @@ jobs: deploy-cec-prd: needs: [deploy-dev, deploy-preprod, build-cec-prd] - runs-on: [self-hosted, azure] + runs-on: [ arc-azure-cec-prd ] environment: prd steps: + - name: Checkout uses: actions/checkout@v4 - - uses: rtCamp/action-slack-notify@v2 + - name: Notify deploy + uses: rtCamp/action-slack-notify@v2 env: MSG_MINIMAL: true SLACK_MESSAGE: "Deploying ${{ env.PROJECT }} to cec-prd... :partydeploy:" - name: Deploy to cec-prd - run: |- - helm upgrade \ - --kube-context cec-prd-cluster-1 \ - --set image.registry=$REGISTRY \ - --set image.name=$PROJECT \ - --set image.tag=$TAG-cec-prd \ - --wait -i -f k8s/values-cec-prd.yaml $PROJECT k8s/ + id: deploy + uses: koslib/helm-eks-action@v1.28.0 + env: + KUBE_CONFIG_DATA: ${{ secrets.KUBECONFIG_AZURE_CEC_PRD }} + with: + command: | + helm upgrade \ + --atomic \ + --create-namespace \ + --namespace default \ + --set image.registry=$REGISTRY \ + --set image.name=$PROJECT \ + --set image.tag=$TAG-cec-prd \ + --wait -i -f k8s/values-cec-prd.yaml $PROJECT k8s/ + - name: Deploy Response + run: echo "Response was ${{ steps.deploy.outputs.response }}" + - name: Notify deploy failure if: ${{ failure() }} uses: rtCamp/action-slack-notify@v2 @@ -258,7 +298,7 @@ jobs: uses: actions/checkout@v4 - name: Azure Login - uses: azure/login@v1 + uses: azure/login@v2 with: creds: ${{ secrets.AZURE_CREDENTIALS }} @@ -291,25 +331,37 @@ jobs: deploy-cec-euprd: needs: [deploy-dev, deploy-preprod, build-cec-euprd] - runs-on: [self-hosted, azure] + runs-on: [ arc-azure-cec-euprd ] environment: prd steps: - name: Checkout uses: actions/checkout@v4 - - uses: rtCamp/action-slack-notify@v2 + - name: Notify deploy + uses: rtCamp/action-slack-notify@v2 env: MSG_MINIMAL: true SLACK_MESSAGE: "Deploying ${{ env.PROJECT }} to cec-euprd... :partydeploy:" - name: Deploy to cec-euprd - run: |- - helm upgrade \ - --kube-context cec-euprd-cluster-1 \ - --set image.registry=$REGISTRY \ - --set image.name=$PROJECT \ - --set image.tag=$TAG-cec-euprd \ - --wait -i -f k8s/values-cec-euprd.yaml $PROJECT k8s/ + id: deploy + uses: koslib/helm-eks-action@v1.28.0 + env: + KUBE_CONFIG_DATA: ${{ secrets.KUBECONFIG_AZURE_CEC_EUPRD }} + with: + command: | + helm upgrade \ + --atomic \ + --create-namespace \ + --namespace default \ + --set image.registry=$REGISTRY \ + --set image.name=$PROJECT \ + --set image.tag=$TAG-cec-euprd \ + --wait -i -f k8s/values-cec-euprd.yaml $PROJECT k8s/ + + - name: Deploy Response + run: echo "Response was ${{ steps.deploy.outputs.response }}" + - name: Notify deploy failure if: ${{ failure() }}