diff --git a/.github/workflows/deploy-on-demand-v2.yml b/.github/workflows/deploy-on-demand-v2.yml index 8e6b13e..880d6a1 100644 --- a/.github/workflows/deploy-on-demand-v2.yml +++ b/.github/workflows/deploy-on-demand-v2.yml @@ -9,6 +9,7 @@ on: type: choice options: - dev + - preprod env: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }} @@ -21,11 +22,13 @@ env: PROJECT: ota-admin-portal-v2 REGISTRY: fiskercloud.azurecr.io +permissions: + id-token: write + contents: read + jobs: build: runs-on: ubuntu-latest - outputs: - build-env: ${{ steps.set-env.outputs.ENVIRONMENT }} steps: - name: Slack Notification uses: rtCamp/action-slack-notify@v2 @@ -34,7 +37,7 @@ jobs: uses: actions/checkout@v4 - name: Azure Login - uses: azure/login@v1 + uses: azure/login@v2 with: creds: ${{ secrets.AZURE_CREDENTIALS }} @@ -48,22 +51,6 @@ jobs: - name: JFrog Auth run: echo ${JFROG_NPMRC} | base64 -d > .npmrc - - name: Set Env - env: - ENV: ${{ inputs.environment }} - id: set-env - run: | - case ${ENV} in - dev) - ENVIRONMENT=dev;; - preprod) - ENVIRONMENT=prd;; - *) - ENVIRONMENT=dev;; - esac - echo "ENVIRONMENT=${ENVIRONMENT}" >> $GITHUB_ENV - echo "ENVIRONMENT=${ENVIRONMENT}" >> $GITHUB_OUTPUT - - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 @@ -71,7 +58,7 @@ jobs: uses: docker/build-push-action@v5 with: context: . - build-args: ENVIRONMENT=${{ env.ENVIRONMENT }} + build-args: ENVIRONMENT=${{ inputs.environment }} push: true tags: ${{ env.REGISTRY }}/${{ env.PROJECT }}:${{ env.TAG }} cache-from: type=gha @@ -82,30 +69,49 @@ jobs: uses: rtCamp/action-slack-notify@v2 env: SLACK_COLOR: ${{ job.status }} - SLACK_MESSAGE: "Failed to build ${{ env.PROJECT }} ${{ inputs.environment }}! :this-is-fine:" + SLACK_MESSAGE: "Failed to build ${{ env.PROJECT }} in ${{ inputs.environment }}! :this-is-fine:" deploy: needs: build - runs-on: [self-hosted, azure] - env: - ENVIRONMENT: ${{ needs.build.outputs.build-env }} + runs-on: arc-azure-${{ inputs.environment }} steps: - name: Checkout uses: actions/checkout@v4 - - uses: rtCamp/action-slack-notify@v2 + - name: Notify deploy + uses: rtCamp/action-slack-notify@v2 env: MSG_MINIMAL: true SLACK_MESSAGE: "Deploying ${{ env.PROJECT }} to ${{ inputs.environment }}... :partydeploy:" - - name: Deploy - run: |- - helm upgrade \ - --kube-context $ENVIRONMENT \ - --set image.registry=$REGISTRY \ - --set image.name=$PROJECT \ - --set image.tag=$TAG \ - --wait -i -f k8s/values-$ENVIRONMENT.yaml $PROJECT k8s/ + - name: Set env + run: | + case ${{ inputs.environment }} in + dev) + KUBECONFIG=${{ secrets.KUBECONFIG_AZURE_DEV }};; + preprod) + KUBECONFIG=${{ secrets.KUBECONFIG_AZURE_PREPROD }};; + *) + KUBECONFIG=${{ secrets.KUBECONFIG_AZURE_DEV }};; + esac + + echo "KUBECONFIG=${KUBECONFIG}" >> $GITHUB_ENV + + - name: Deploy to env + id: deploy + uses: koslib/helm-eks-action@v1.28.0 + env: + KUBE_CONFIG_DATA: ${{ env.KUBECONFIG }} + with: + command: | + helm upgrade \ + --atomic \ + --create-namespace \ + --namespace default \ + --set image.registry=$REGISTRY \ + --set image.name=$PROJECT \ + --set image.tag=$TAG \ + --wait -i -f k8s/values-${{ inputs.environment }}.yaml $PROJECT k8s/ - name: Notify deploy failure if: ${{ failure() }}