-
Notifications
You must be signed in to change notification settings - Fork 0
91 lines (90 loc) · 4 KB
/
request-grav.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
name: Demander un site web GRAV
on:
workflow_dispatch:
inputs:
domaine:
type: string
required: true
description: Domaine à utiliser (eg cedille.etsmtl.ca)
nom_club:
type: string
required: true
description: Nom du club. Pas de caractères spéciaux ou d'espaces outre - et _
contexte:
type: string
required: false
description: Contexte sur la demande
jobs:
create_pr:
runs-on: ubuntu-latest
env:
j2_vars: |
deployment_prefix=${{inputs.nom_club}}
repo_name=${{inputs.domaine}}
repo_url=https://github.com/ClubCedille/${{inputs.domaine}}.git
namespace=${{inputs.nom_club}}-grav
hostname=${{inputs.domaine}}
requester=${{github.event.sender.name}}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Create folders
run: mkdir -p apps/${{inputs.nom_club}}/grav/prod
- name: Create kustomize
uses: cuchi/[email protected]
with:
template: bases/grav/prod-templates/kustomization.yaml.jinja2
output_file: apps/${{inputs.nom_club}}/grav/prod/kustomization.yaml
strict: true
variables: ${{ env.j2_vars }}
- name: Create vault-patch
uses: cuchi/[email protected]
with:
template: bases/grav/prod-templates/vault-patch.yaml.jinja2
output_file: apps/${{inputs.nom_club}}/grav/prod/vault-patch.yaml
strict: true
variables: ${{ env.j2_vars }}
- name: Create terraform repo
uses: cuchi/[email protected]
with:
template: bases/grav/prod-templates/grav-repo.tf.jinja2
output_file: terraform/github/apps-repos/${{inputs.nom_club}}-grav.tf
strict: true
variables: ${{ env.j2_vars }}
- name: Create GH auth set
uses: cuchi/[email protected]
with:
template: bases/grav/prod-templates/gh-role.yaml.jinja2
output_file: system/vault/configs/gh-roles/${{inputs.nom_club}}-grav.yaml
strict: true
variables: ${{ env.j2_vars }}
- name: Create argo app
uses: cuchi/[email protected]
with:
template: bases/grav/prod-templates/argo.yaml.jinja2
output_file: apps/${{inputs.nom_club}}/grav/argo.yaml
strict: true
variables: ${{ env.j2_vars }}
- name: Update kustomize files
run: |
cd $GITHUB_WORKSPACE/apps/${{inputs.nom_club}}/grav
kustomize create --resources argo.yaml
cd $GITHUB_WORKSPACE/system/vault/configs/gh-roles
kustomize edit add resource ${{inputs.nom_club}}-grav.yaml
cd $GITHUB_WORKSPACE/apps/argo-apps
kustomize edit add resource ../${{inputs.nom_club}}/grav/
- name: Create Pull Request
uses: peter-evans/create-pull-request@v5
with:
title: Create a GRAV website for ${{inputs.nom_club}}
branch: grav/${{inputs.nom_club}}
team-reviewers: |
SRE
body: |
Nom du club: ${{inputs.nom_club}}
Domaine: ${{inputs.domaine}}
Contexte: ${{inputs.contexte}}
Mot de passe par defaut:
> `kubectl port-forward -n vault svc/vault-ui 8200`
> https://localhost:8200/ui/vault/secrets/kv/show/${{inputs.nom_club}}-grav/default/grav/${{inputs.nom_club}}-grav-init-pwd
token: ${{ secrets.PULL_REQUEST_TOKEN }}