-
Notifications
You must be signed in to change notification settings - Fork 198
134 lines (126 loc) · 5.47 KB
/
forms-flow-root-config-cd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
name: Push Forms flow root config to registry
on:
workflow_dispatch:
push:
branches: [ master, develop, release/* ]
paths:
- "forms-flow-web-root-config/**"
- "VERSION"
defaults:
run:
shell: bash
working-directory: ./forms-flow-web-root-config
jobs:
build-and-push-image-to-dockerhub:
if: github.repository == 'AOT-Technologies/forms-flow-ai'
runs-on: ubuntu-latest
strategy:
matrix:
include:
- image: formsflow/forms-flow-web
context: forms-flow-web-root-config
dockerfile: Dockerfile
name: forms-flow-web
permissions:
contents: read
packages: write
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
install: true
- name: Set version
if: ${{ github.ref != 'refs/heads/master' }}
working-directory: .
run: |
VER=$(cat VERSION)
echo "VERSION=$VER" >> $GITHUB_ENV
- name: Set version
if: ${{ github.ref == 'refs/heads/master' }}
working-directory: .
run: |
VER=$(cat VERSION)
VER=${VER/-alpha/''}
echo "VERSION=$VER" >> $GITHUB_ENV
- run: echo ${{ env.VERSION }}
- name: Docker meta
id: meta
uses: docker/metadata-action@v3
with:
images: ${{ matrix.image }}
tags: ${{ env.VERSION }}
- name: Log in to the Container registry
uses: docker/login-action@v1
with:
# registry: ${{ env.REGISTRY }}
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ matrix.name }}-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-${{ matrix.name }}
- name: Build and push Docker image
if: ${{ github.ref != 'refs/heads/master' }}
uses: docker/build-push-action@v4
with:
context: forms-flow-web-root-config
platforms: linux/amd64,linux/arm64/v8
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
MF_FORMSFLOW_WEB_URL=https://forms-flow-microfrontends.aot-technologies.com/forms-flow-web@${{ env.VERSION }}/forms-flow-web.gz.js
MF_FORMSFLOW_NAV_URL=https://forms-flow-microfrontends.aot-technologies.com/forms-flow-nav@${{ env.VERSION }}/forms-flow-nav.gz.js
MF_FORMSFLOW_SERVICE_URL=https://forms-flow-microfrontends.aot-technologies.com/forms-flow-service@${{ env.VERSION }}/forms-flow-service.gz.js
MF_FORMSFLOW_ADMIN_URL=https://forms-flow-microfrontends.aot-technologies.com/forms-flow-admin@${{ env.VERSION }}/forms-flow-admin.gz.js
- name: Build and push Docker image
if: ${{ github.ref == 'refs/heads/master' }}
uses: docker/build-push-action@v4
with:
context: forms-flow-web-root-config
platforms: linux/amd64,linux/arm64/v8
push: true
tags: ${{ steps.meta.outputs.tags }}, formsflow/forms-flow-web:latest
labels: ${{ steps.meta.outputs.labels }}
build-args: |
MF_FORMSFLOW_WEB_URL=https://forms-flow-microfrontends.aot-technologies.com/forms-flow-web@${{ env.VERSION }}/forms-flow-web.gz.js
MF_FORMSFLOW_NAV_URL=https://forms-flow-microfrontends.aot-technologies.com/forms-flow-nav@${{ env.VERSION }}/forms-flow-nav.gz.js
MF_FORMSFLOW_SERVICE_URL=https://forms-flow-microfrontends.aot-technologies.com/forms-flow-service@${{ env.VERSION }}/forms-flow-service.gz.js
MF_FORMSFLOW_ADMIN_URL=https://forms-flow-microfrontends.aot-technologies.com/forms-flow-admin@${{ env.VERSION }}/forms-flow-admin.gz.js
- name: Scan Docker image 🐳
uses: snyk/actions/docker@master
continue-on-error: true
with:
image: ${{ steps.meta.outputs.tags }}
args: --severity-threshold=high --sarif-file-output=snyk.sarif
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- name: Upload Snyk report as sarif 📦
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: snyk.sarif
#####
- name: Set up AWS CLI
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_DEPLOYMENT_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_DEPLOYMENT_SECRET_ACCESS_KEY }}
aws-region: ca-central-1 # Change this to your desired region
- name: Install kubectl
run: |
curl -LO "https://dl.k8s.io/release/$(curl -Ls https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
chmod +x kubectl
sudo mv kubectl /usr/local/bin/
- name: Update Kube config
run: aws eks update-kubeconfig --region ca-central-1 --name ${{ secrets.DEV_EKS_CLUSTER }}
- name: Deploy to eks
run: |
kubectl -n ${{ secrets.DEV_OPENSOURCE_NAMESPACE }} patch deployment forms-flow-web -p '{"spec":{"template":{"spec":{"containers":[{"name":"forms-flow-web","image":"docker.io/formsflow/forms-flow-web:${{ env.VERSION }}"}]}}}}'
kubectl -n ${{ secrets.DEV_OPENSOURCE_NAMESPACE }} rollout restart deployment forms-flow-web