-
Notifications
You must be signed in to change notification settings - Fork 1
156 lines (141 loc) · 5.7 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
name: Python Continuous Integration
on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
#env:
# PYTHON_VERSION: 3.11
# NODE_VERSION: 18
permissions:
id-token: write
contents: write
packages: write
jobs:
tags:
runs-on: ubuntu-latest
outputs:
new_version: ${{ steps.tag.outputs.new_version }}
steps:
- uses: actions/checkout@v4
- name: Bump version and push tag
id: tag_version
if: github.ref == 'refs/heads/main'
uses: mathieudutour/[email protected]
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Add tag to output step for main branch
id: tag
run: |
if [ '${{ github.ref }}' = 'refs/heads/main' ]; then
echo "new_version=${{ steps.tag_version.outputs.new_version }}" >> $GITHUB_OUTPUT
else
echo "new_version=pr-${{ github.event.number }}-${{ github.run_number }}" >> $GITHUB_OUTPUT
fi
build_docker_api:
needs: [tags]
uses: ./.github/workflows/docker.yml
with:
image_name: "transcriptor-api"
image_version: ${{ needs.tags.outputs.new_version }}
image_build_args: ""
image_context: ./production/api
image_file: "./production/api/Dockerfile"
docker_registry: "ghcr.io"
docker_repository: "guillaume-chervet"
secrets:
DOCKER_USERNAME: ${{ github.actor }}
DOCKER_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
build_docker_ia_worker:
needs: [ tags ]
uses: ./.github/workflows/docker.yml
with:
image_name: "transcriptor-ia-worker"
image_version: ${{ needs.tags.outputs.new_version }}
image_build_args: ""
image_context: ./production/ia-worker
image_file: "./production/ia-worker/Dockerfile"
docker_registry: "ghcr.io"
docker_repository: "guillaume-chervet"
secrets:
DOCKER_USERNAME: ${{ github.actor }}
DOCKER_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
build_docker_webapp:
needs: [tags]
uses: ./.github/workflows/docker.yml
with:
image_name: "transcriptor-webapp"
image_version: ${{ needs.tags.outputs.new_version }}
image_build_args: ""
image_context: ./production/webapp
image_file: "./production/webapp/Dockerfile"
docker_registry: "ghcr.io"
docker_repository: "guillaume-chervet"
secrets:
DOCKER_USERNAME: ${{ github.actor }}
DOCKER_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
deploy:
runs-on: ubuntu-latest
needs: [tags, build_docker_api, build_docker_webapp, build_docker_ia_worker]
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Azure Login
uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: Setup Terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_wrapper: false
- name: Terraform Init
working-directory: deploy/terraform
env:
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
run: terraform init
- name: Import Terraform Resource if Exists
working-directory: deploy/terraform
run: |
if az group show --name aks-resource-group --subscription ${{ secrets.AZURE_SUBSCRIPTION_ID }}; then
# Array des ressources à vérifier pour importation
resources=(
"azurerm_resource_group.aks_rg /subscriptions/${{ secrets.AZURE_SUBSCRIPTION_ID }}/resourceGroups/aks-resource-group"
"azurerm_kubernetes_cluster.aks /subscriptions/${{ secrets.AZURE_SUBSCRIPTION_ID }}/resourceGroups/aks-resource-group/providers/Microsoft.ContainerService/managedClusters/aks-cluster"
)
# Boucle pour chaque ressource dans la liste
for resource in "${resources[@]}"; do
# Sépare la ressource et son ID
res_type=$(echo $resource | awk '{print $1}')
res_id=$(echo $resource | awk '{print $2}')
# Vérifie si la ressource est déjà dans l'état Terraform
terraform state list -var="subscription_id=${{ secrets.AZURE_SUBSCRIPTION_ID }}" | grep "$res_type" || terraform import -var="subscription_id=${{ secrets.AZURE_SUBSCRIPTION_ID }}" $res_type $res_id
done
else
echo "Le groupe de ressources n'existe pas. Aucune importation effectuée."
fi
- name: Terraform Apply
run: terraform apply -auto-approve -var="subscription_id=${{ secrets.AZURE_SUBSCRIPTION_ID }}"
working-directory: deploy/terraform
- name: Setup kubectl
env:
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
run: |
az aks get-credentials --resource-group "aks-resource-group" --name "aks-cluster"
- name: Apply Kubernetes Deployment
working-directory: deploy/kubernetes
run: |
kubectl apply -f namespace.yaml
sed -i 's/:latest/:${{ needs.tags.outputs.new_version }}/g' api-deployment.yaml
sed -i 's/:latest/:${{ needs.tags.outputs.new_version }}/g' webapp-deployment.yaml
sed -i 's/:latest/:${{ needs.tags.outputs.new_version }}/g' ia-worker-deployment.yaml
kubectl apply -f webapp-deployment.yaml
kubectl apply -f webapp-service.yaml
kubectl apply -f webapp-ingress.yaml
kubectl apply -f api-deployment.yaml
kubectl apply -f api-service.yaml
kubectl apply -f ia-worker-deployment.yaml
kubectl apply -f ia-worker-service.yaml
kubectl apply -f slimfaas-deployment.yaml
kubectl apply -f slimfaas-ingress.yaml
kubectl apply -f redis-deployment.yaml
kubectl apply -f hpas.yaml