-
Notifications
You must be signed in to change notification settings - Fork 2
72 lines (62 loc) · 2.25 KB
/
deploy-review.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
name: Deploy Review App
on:
pull_request:
types: [opened, synchronize, reopened]
permissions:
id-token: write
contents: read
packages: write
pull-requests: write
concurrency:
group: ${{ github.event.pull_request.number }}
jobs:
package:
uses: Chia-Network/actions/.github/workflows/docker-build.yaml@main
deploy:
needs:
- package
runs-on: k8s-public-msp
container:
image: registry.gitlab.com/cmmarslender/kubectl-helm:v3
environment:
name: Review ${{ github.event.pull_request.number }}
url: https://${{ github.event.pull_request.number }}.dashboard.chia.net
steps:
- uses: actions/checkout@v4
- name: Vault Login
uses: Chia-Network/actions/vault/login@main
with:
vault_url: ${{ secrets.VAULT_URL }}
role_name: github-pub-metrics-grafana
- name: Get secrets from vault
uses: hashicorp/vault-action@v3
with:
url: ${{ secrets.VAULT_URL }}
token: ${{ env.VAULT_TOKEN }}
secrets: |
secret/data/msp/k8s/k8s-msp api_server_url | K8S_API_SERVER_URL;
secret/data/msp/mysql/db-info host | DB_HOST;
secret/data/msp/mysql/users/grafana-read-pub username | GRAFANA_PUB_READ_USERNAME;
secret/data/msp/mysql/users/grafana-read-pub password | GRAFANA_PUB_READ_PASSWORD;
- name: Template grafana configs
run: |
j2 templates/datasources.yaml.j2 -o helm/pub-metrics-grafana/datasources
- name: Login to k8s cluster
uses: Chia-Network/actions/vault/k8s-login@main
with:
vault_url: ${{ secrets.VAULT_URL }}
vault_token: ${{ env.VAULT_TOKEN }}
backend_name: k8s-msp
role_name: github-actions
cluster_url: ${{ env.K8S_API_SERVER_URL }}
- uses: Chia-Network/actions/helm/deploy@main
env:
REPLICAS: 1
HOSTNAME: "${{ github.event.pull_request.number }}.dashboard.chia.net"
IMAGE_TAG: "sha-${{ github.sha }}"
REVIEW_SLUG: ${{ github.event.pull_request.number }}
with:
namespace: grafana-pub
app_name: "grafana-${{ env.REVIEW_SLUG }}"
helm_chart: "./helm/pub-metrics-grafana"
helm_values: "./helm/values.yaml"