Deploy Server to k8s #66
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy Server to k8s | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- main | |
# paths: | |
# - 'server/**' | |
permissions: | |
id-token: write | |
contents: read | |
packages: write | |
jobs: | |
build: | |
environment: k8deploy | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@master | |
- name: Log in to the Container registry | |
uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build and rollout to CI | |
working-directory: server | |
run: | | |
docker build . \ | |
-t ghcr.io/jmandel/vaxxlink:$GITHUB_SHA \ | |
-t ghcr.io/jmandel/vaxxlink:latest | |
docker push ghcr.io/jmandel/vaxxlink | |
# kubectl -n vaxxlink rollout restart deployment/vaxxlink | |
- name: Configure Kubectl | |
env: | |
KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }} | |
run: | | |
mkdir -p $HOME/.kube | |
KUBE_TOKEN=$(echo $KUBE_CONFIG | jq -r .KUBE_TOKEN) | |
KUBE_CERTIFICATE=$(echo $KUBE_CONFIG | jq -r .KUBE_CERTIFICATE) | |
KUBE_SERVER=$(echo $KUBE_CONFIG | jq -r .KUBE_SERVER) | |
echo "$KUBE_CERTIFICATE" | base64 --decode > $HOME/.kube/ca.crt | |
kubectl config set-cluster mycluster --server="$KUBE_SERVER" --certificate-authority=$HOME/.kube/ca.crt | |
kubectl config set-credentials github-actions-deployer --token="$KUBE_TOKEN" | |
kubectl config set-context mycontext --cluster=mycluster --user=github-actions-deployer --namespace=vaxxlink | |
kubectl config use-context mycontext | |
- name: Restart Deployment | |
run: | | |
kubectl rollout restart deployment/vaxxlink -n vaxxlink |