cd-to-infra.yml
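# Builds and publishes the Docker image, then schedules a k8s deployment.
# Pushes to `main` and all release activity trigger this workflow.
name: Continuous Deployment to Infra

# NOTE(review): `contents: write` lets GITHUB_TOKEN push to this repository.
# Nothing visible in this workflow writes to the repo; confirm whether the
# make targets need it and drop to `contents: read` if they do not.
permissions:
  contents: write

on:
  push:
    branches: ["main"]
  # Trigger on all release events until we can figure out the optimal selection
  # NOTE(review): with no `types:` filter, every release activity type runs
  # the whole workflow, including the image build and push in `publish`.
  release:

# NOTE(review): workflow-level `env` exposes these long-lived AWS keys to every
# step of every job, including the third-party actions. Consider scoping them
# to the steps that need them, or replacing them with short-lived credentials
# obtained through GitHub OIDC federation.
env:
  AWS_REGION: ${{ secrets.AWS_REGION }}
  AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
  AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}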
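jobs:
  # Builds the Docker image, pushes it, and exposes the tag to deploy as the
  # `deploy_tag` job output.
  publish:
    runs-on: ubuntu-latest
    outputs:
      deploy_tag: ${{ steps.build.outputs.deploy_tag }}
    steps:
      # NOTE(review): the actions below are referenced by mutable major-version
      # tags. Pinning each one to a full commit SHA prevents a retagged
      # release from running with the AWS credentials in scope.
      - uses: actions/checkout@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
      - name: Login to Public ECR
        uses: docker/login-action@v2
        with:
          registry: public.ecr.aws
          # The AWS key pair is supplied as the registry username/password.
          username: ${{ env.AWS_ACCESS_KEY_ID }}
          password: ${{ env.AWS_SECRET_ACCESS_KEY }}
        env:
          # Overrides the workflow-level AWS_REGION for this step only.
          AWS_REGION: us-east-1
      - name: Build and Publish
        id: build
        env:
          # Only the boolean result of the expression reaches the script; the
          # commit message itself is never spliced into shell text.
          IS_VERSION_COMMIT: ${{ contains(github.event.head_commit.message, 'chore: version v') }}
        run: |
          # Fail on any error, unset variable, or failed pipeline stage, so a
          # broken `cargo metadata` cannot yield an empty deploy tag.
          set -euo pipefail

          SHA_TAG="${GITHUB_SHA:0:12}"
          DEPLOY_TAG="$SHA_TAG"
          RELEASE_TAG=""
          if [[ "$IS_VERSION_COMMIT" == 'true' ]]; then
            # `jq -e` exits non-zero when the version is null or missing.
            RELEASE_TAG="$(cargo metadata --format-version=1 --no-deps | jq -er '.packages[0].version')"
            # Use the release tag to deploy, if one is available.
            DEPLOY_TAG="$RELEASE_TAG"
          fi
          make SHA="$GITHUB_SHA" SHA_TAG="$SHA_TAG" RELEASE_TAG="$RELEASE_TAG" publish-docker
          echo "Deploy tag:"
          echo "${DEPLOY_TAG}"
          echo "deploy_tag=${DEPLOY_TAG}" >> "$GITHUB_OUTPUT"

  # Picks the target environment from the triggering event and schedules the
  # deployment of the tag produced by `publish`.
  # NOTE(review): the `released` event deploys straight to prod with no
  # approval gate visible here; consider a protected GitHub environment with
  # required reviewers for the prod path.
  deploy:
    runs-on: ubuntu-latest
    needs:
      - publish
    steps:
      - uses: actions/checkout@v3
      - name: Schedule k8s deployment
        env:
          # Context values are passed through the environment so the shell
          # treats them as data; the deploy tag in particular comes from
          # repository content (the Cargo version) and was previously
          # interpolated unquoted into the `make` command line.
          EVENT_NAME: ${{ github.event_name }}
          EVENT_ACTION: ${{ github.event.action }}
          IS_PRERELEASE: ${{ github.event.release.prerelease }}
          DEPLOY_TAG: ${{ needs.publish.outputs.deploy_tag }}
        run: |
          set -euo pipefail

          echo "Workflow triggered by: $EVENT_NAME"
          # Stays empty for release activity that maps to no environment, in
          # which case no deployment is scheduled.
          DEPLOY_ENV=""
          if [[ "$EVENT_NAME" == "release" ]]; then
            echo "Release action: $EVENT_ACTION"
            # For some reason, GitHub won't trigger the "created" or "prereleased" events when a pre-release is created
            # from the "publish-release.yml" workflow. This is despite using a PAT to create the pre-release, which is
            # the recommended way to trigger one workflow from another.
            #
            # This would imply that there was some issue with the repo or workflow configuration but GitHub does trigger
            # the "published" workflow. Because of this, we're detecting pre-releases through the "published" event and
            # its "prerelease" flag.
            #
            # Strangely enough, the "edited" and "released" events are triggered when promoting the pre-release to a
            # release through the GitHub console (╯°□°)╯︵ ┻━┻
            if [[ "$EVENT_ACTION" == "published" && "$IS_PRERELEASE" == "true" ]]; then
              DEPLOY_ENV="tnet"
            elif [[ "$EVENT_ACTION" == "released" ]]; then
              DEPLOY_ENV="prod"
            fi
          else
            # Any non-release trigger (pushes to main) deploys to QA.
            DEPLOY_ENV="qa"
          fi
          echo "DEPLOY_ENV is $DEPLOY_ENV"
          if [[ -n "$DEPLOY_ENV" ]]; then
            make DEPLOY_ENV="$DEPLOY_ENV" DEPLOY_TAG="$DEPLOY_TAG" schedule-k8s-deployment
          fi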