diff --git a/.github/workflows/deploy-on-demand.yml b/.github/workflows/deploy-on-demand.yml
index d60a444..f7ff110 100644
--- a/.github/workflows/deploy-on-demand.yml
+++ b/.github/workflows/deploy-on-demand.yml
@@ -21,11 +21,13 @@ env:
 PROJECT: ota-admin-portal
 REGISTRY: fiskercloud.azurecr.io
+permissions:
+ id-token: write
+ contents: read
+
 jobs:
 build:
 runs-on: ubuntu-latest
- outputs:
- build-env: ${{ steps.set-env.outputs.ENVIRONMENT }}
 steps:
 - name: Slack Notification
 uses: rtCamp/action-slack-notify@v2
@@ -34,7 +36,7 @@ jobs:
 uses: actions/checkout@v4
 - name: Azure Login
- uses: azure/login@v1
+ uses: azure/login@v2
 with:
 creds: ${{ secrets.AZURE_CREDENTIALS }}
@@ -45,21 +47,6 @@ jobs:
 username: ${{ secrets.AZURE_CLIENT_ID }}
 password: ${{ secrets.AZURE_CLIENT_SECRET }}
- - name: Set Env
- env:
- ENV: ${{ inputs.environment }}
- id: set-env
- run: |
- case ${ENV} in
- dev)
- ENVIRONMENT=dev;;
- preprod)
- ENVIRONMENT=prd;;
- *)
- ENVIRONMENT=dev;;
- esac
- echo "ENVIRONMENT=${ENVIRONMENT}" >> $GITHUB_ENV
- echo "ENVIRONMENT=${ENVIRONMENT}" >> $GITHUB_OUTPUT
 - name: Set up Docker Buildx
 uses: docker/setup-buildx-action@v3
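Review bot: `id-token: write` in the new top-level `permissions:` block applies to every job, so both `build` and `deploy` can mint an OIDC token, yet nothing visible in this diff uses one: the Azure Login step still passes `creds: ${{ secrets.AZURE_CREDENTIALS }}` and a later step passes `secrets.AZURE_CLIENT_SECRET` as a password. If federated login is the goal, the permission belongs on the one job that logs in, with `azure/login@v2` switched to its `client-id`/`tenant-id`/`subscription-id` inputs so the stored credential can be retired. If it is not, the block can be reduced to `contents: read`. Either way a one-line comment above the block, for example `# id-token: write is needed only for OIDC login to Azure`, would record why the grant exists.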
@@ -68,44 +55,70 @@ jobs:
 uses: docker/build-push-action@v5
 with:
 context: .
- build-args: ENVIRONMENT=${{ env.ENVIRONMENT }}
+ build-args: ENVIRONMENT=${{ inputs.environment }}
 push: true
- tags: ${{ env.REGISTRY }}/${{ env.PROJECT }}:${{ env.TAG }}-${{ env.ENVIRONMENT }}
+ tags: ${{ env.REGISTRY }}/${{ env.PROJECT }}:${{ env.TAG }}-${{ inputs.environment }}
 cache-from: type=gha
 cache-to: type=gha,mode=max
- deploy:
- needs: build
- runs-on: [self-hosted, azure]
- env:
- ENVIRONMENT: ${{ needs.build.outputs.build-env }}
- steps:
- - name: Checkout
- uses: actions/checkout@v4
-
- - uses: rtCamp/action-slack-notify@v2
- env:
- MSG_MINIMAL: true
- SLACK_MESSAGE: "Deploying ${{ env.PROJECT }} to ${{ inputs.environment }}... :partydeploy:"
-
- - name: Deploy
- run: |-
- helm upgrade \
- --kube-context $ENVIRONMENT \
- --set image.registry=$REGISTRY \
- --set image.name=$PROJECT \
- --set image.tag=$TAG-$ENVIRONMENT \
- --wait -i -f k8s/values-$ENVIRONMENT.yaml $PROJECT k8s/
-
- - name: Notify deploy
- uses: rtCamp/action-slack-notify@v2
- env:
- MSG_MINIMAL: true
- SLACK_MESSAGE: "Successfully deployed ${{ env.PROJECT }} to ${{ inputs.environment }}! :gopher_party:"
-
 - name: Notify if failure
+ if: ${{ failure() }}
+ uses: rtCamp/action-slack-notify@v2
+ env:
+ SLACK_COLOR: ${{ job.status }}
+ SLACK_MESSAGE: "Failed to build ${{ env.PROJECT }} in ${{ inputs.environment }}! :this-is-fine:"
+
+ deploy:
+ needs: build
+ runs-on: arc-azure-${{ inputs.environment }}
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ - name: Notify deploy
+ uses: rtCamp/action-slack-notify@v2
+ env:
+ MSG_MINIMAL: true
+ SLACK_MESSAGE: "Deploying ${{ env.PROJECT }} to ${{ inputs.environment }}...
:partydeploy:"
+
+ - name: Set env
+ run: |
+ case ${{ inputs.environment }} in
+ dev)
+ KUBECONFIG=${{ secrets.KUBECONFIG_AZURE_DEV }};;
+ preprod)
+ KUBECONFIG=${{ secrets.KUBECONFIG_AZURE_PREPROD }};;
+ *)
+ KUBECONFIG=${{ secrets.KUBECONFIG_AZURE_DEV }};;
+ esac
+
+ echo "KUBECONFIG=${KUBECONFIG}" >> $GITHUB_ENV
+
+ - name: Deploy to env
+ id: deploy
+ uses: koslib/helm-eks-action@v1.28.0
+ env:
+ KUBE_CONFIG_DATA: ${{ env.KUBECONFIG }}
+ with:
+ command: |
+ helm upgrade \
+ --atomic \
+ --create-namespace \
+ --namespace default \
+ --set image.registry=$REGISTRY \
+ --set image.name=$PROJECT \
+ --set image.tag=$TAG-${{ inputs.environment }} \
+ --wait -i -f k8s/values-${{ inputs.environment }}.yaml $PROJECT k8s/
+
+ - name: Notify deploy failure
 if: ${{ failure() }}
 uses: rtCamp/action-slack-notify@v2
 env:
 SLACK_COLOR: ${{ job.status }}
 SLACK_MESSAGE: "Failed to deploy ${{ env.PROJECT }} to ${{ inputs.environment }}! :this-is-fine:"
+
+ - name: Notify deploy success
+ uses: rtCamp/action-slack-notify@v2
+ env:
+ MSG_MINIMAL: true
+ SLACK_MESSAGE: "Successfully deployed ${{ env.PROJECT }} to ${{ inputs.environment }}! :gopher_party:"
\ No newline at end of file
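Review bot: The new `Set env` step copies a cluster kubeconfig secret into `$GITHUB_ENV`, which exposes it to every later step of the `deploy` job, including the third-party `rtCamp/action-slack-notify@v2` and `koslib/helm-eks-action@v1.28.0` actions. It also reuses the name `KUBECONFIG`, which helm and kubectl read as a file path. The step can be dropped by selecting the secret where it is consumed, `KUBE_CONFIG_DATA: ${{ inputs.environment == 'preprod' && secrets.KUBECONFIG_AZURE_PREPROD || secrets.KUBECONFIG_AZURE_DEV }}`, with the caveat that an empty preprod secret would fall through to the dev one. `${{ inputs.environment }}` is also expanded directly into the `case` line and the helm `command`, so its text becomes shell source. The step this commit removes passed it through `env:` and read `${ENV}`, which is the safer form unless the input is limited to fixed choices (its declaration is outside this diff). Because the helm action now receives cluster credentials, pinning it to a full commit SHA rather than a tag would be worth doing.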