Skip to content

Merge pull request #1940 from NDLANO/fix-race-condition #1024

Merge pull request #1940 from NDLANO/fix-race-condition

Merge pull request #1940 from NDLANO/fix-race-condition #1024

Workflow file for this run

name: Release
on:
push:
branches:
- master
env:
AWS_ACCESS_KEY_ID: ${{ secrets.CI_AWS_CLIENT_ID }}
AWS_DEFAULT_REGION: 'eu-west-1'
AWS_SECRET_ACCESS_KEY: ${{ secrets.CI_AWS_CLIENT_SECRET }}
NDLA_AWS_ECR_REPO: ${{ secrets.NDLA_AWS_ECR_REPO }}
CI_RELEASE_ROLE: ${{ secrets.CI_RELEASE_ROLE }}
CI_GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
DOCKER_HUB_USERNAME: ${{ secrets.DOCKER_HUB_USERNAME }}
NDLA_RELEASES: ${{ secrets.NDLA_RELEASES }}
PACT_BROKER_PASSWORD: ${{ secrets.PACT_BROKER_PASSWORD }}
PACT_BROKER_URL: ${{ secrets.PACT_BROKER_URL }}
PACT_BROKER_USERNAME: ${{ secrets.PACT_BROKER_USERNAME }}
NDLA_ENVIRONMENT: local
NDLA_HOME: ${{ github.workspace }}/ndla
NDLA_DEPLOY: ${{ github.workspace }}/ndla/deploy
NODE_OPTIONS: '--max_old_space_size=4096'
COMPONENT: ${{ github.event.repository.name }}
GPG_KEY: ${{ secrets.DEPLOY_BLACKBOX_GPG_KEY_B64 }}
jobs:
release:
name: 'Release and push to registry'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
path: ndla/${{ github.event.repository.name }}
- uses: actions/checkout@v3
with:
repository: NDLANO/deploy
token: ${{ secrets.CI_GITHUB_TOKEN }}
path: ndla/deploy
- uses: actions/setup-python@v2
with:
python-version: "3.11"
- uses: olafurpg/setup-scala@v13
with:
java-version: [email protected]
- name: "Setup ~/bin directory"
run: |
mkdir -p /home/runner/bin
echo "/home/runner/bin" >> $GITHUB_PATH
- name: 'Login to ECR repo'
run:
RES=$(aws sts assume-role --role-arn $CI_RELEASE_ROLE --role-session-name github-actions-ecr-login)
AWS_ACCESS_KEY_ID=$(echo $RES | jq -r .Credentials.AccessKeyId)
AWS_SECRET_ACCESS_KEY=$(echo $RES | jq -r .Credentials.SecretAccessKey)
AWS_SESSION_TOKEN=$(echo $RES | jq -r .Credentials.SessionToken)
aws ecr get-login-password --region eu-central-1 | docker login --username AWS --password-stdin $NDLA_AWS_ECR_REPO
- name: 'Login to dockerhub'
run: echo $DOCKER_HUB_PASSWORD | docker login --username $DOCKER_HUB_USERNAME --password-stdin
- name: 'Cache pip'
uses: actions/cache@v2
with:
path: ~/.cache/pip
key: ${{ runner.os }}-pip-${{ hashFiles('ndla/deploy/scripts/pyshare/requirements.txt') }}
restore-keys: |
${{ runner.os }}-pip-
${{ runner.os }}-
- name: 'Install python dependencies'
run: |
python -m pip install --upgrade pip
PIP_CONSTRAINT=ndla/deploy/scripts/pyshare/constraints.txt python -m pip install -r ndla/deploy/scripts/pyshare/requirements.txt
- name: "Download blackbox"
uses: actions/checkout@v3
with:
repository: StackExchange/blackbox
path: blackbox
- name: "Install Blackbox and key"
run: |
# Move binaries to path
sudo mv blackbox/bin/* /home/runner/bin/
echo -n "$GPG_KEY" | base64 --decode | gpg --import
- name: 'Install kubectl'
run: |
curl -L https://storage.googleapis.com/kubernetes-release/release/v1.21.11/bin/linux/amd64/kubectl > kubectl
sudo mv kubectl /home/runner/bin/kubectl
sudo chmod +x /home/runner/bin/kubectl
mkdir -p ~/.kube
- name: 'Install aws-iam-authenticator'
run: |
sudo curl -L https://amazon-eks.s3-us-west-2.amazonaws.com/1.12.7/2019-03-27/bin/linux/amd64/aws-iam-authenticator > aws-iam-authenticator
sudo mv aws-iam-authenticator /home/runner/bin/aws-iam-authenticator
sudo chmod +x /home/runner/bin/aws-iam-authenticator
- name: 'Install helm /w push-plugin'
run: |
curl -L https://get.helm.sh/helm-v3.2.0-linux-amd64.tar.gz > /tmp/helm.tar.gz
tar xvzf /tmp/helm.tar.gz -C /tmp/
sudo mv /tmp/linux-amd64/helm /home/runner/bin/
sudo chmod +x /home/runner/bin/helm
helm plugin install https://github.com/chartmuseum/helm-push.git --version 0.9.0
- name: Build kubernetes config
run: |
eval "$($NDLA_DEPLOY/scripts/bin/ndla init -)"
_ndla_wrapper env kubeconfig test
- name: 'Do release'
shell: bash
run: |
eval "$($NDLA_DEPLOY/scripts/bin/ndla init -)"
_ndla_wrapper release $COMPONENT --update-chart