argonaut workflow Setup : #5
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Deploy mqttwrk - rumqtt" | |
on: | |
push: | |
branches: | |
- master | |
paths: | |
- "**" | |
- .github/workflows/argonaut-gcp-rumqtt-mqttwrk.yaml | |
- Dockerfile | |
- .art/argonaut-gcp-rumqtt-mqttwrk.yaml | |
tags: | |
- "v*" # Push events to matching v*, i.e. v1.0, v20.15.10 | |
workflow_dispatch: | |
env: | |
ART_REGISTRY_URL: asia-south1-docker.pkg.dev/rumqtt/argonaut-gar-6af138f9/mqttwrk-rumqtt | |
jobs: | |
build: | |
environment: | |
name: rumqtt | |
runs-on: ubuntu-latest | |
name: Build and Push Img | |
steps: | |
- name: Get the version | |
id: get_version | |
run: echo ::set-output name=VERSION::${GITHUB_REF#refs/tags/} | |
- name: Fetch repo | |
uses: actions/checkout@v2 | |
with: | |
submodules: 'recursive' | |
- name: Get Short SHA | |
id: get_sha | |
run: echo ::set-output name=SHA_SHORT::$(git rev-parse --short HEAD) | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v1 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v1 | |
- name: Download art | |
run: | | |
curl --silent https://github.com/argonautdev/public/releases/latest/download/art-linux -L -o art | |
chmod +x ./art | |
mv ./art /usr/local/bin/art | |
- name: Fetch BuildTime Secrets | |
run: | | |
art configure --key ${{ secrets.a27dgr3fyi4etqlo_ART_KEY }} --secret ${{ secrets.a27dgr3fyi4etqlo_ART_SECRET }} | |
art app envvars get -f .art/argonaut-gcp-rumqtt-mqttwrk.yaml \ | |
--type buildtime \ | |
--format dotenv > art-build-secrets.env | |
echo 'ART_BUILD_SECRETS_FILE<<EOF' >> $GITHUB_ENV | |
cat art-build-secrets.env >> $GITHUB_ENV | |
echo 'EOF' >> $GITHUB_ENV | |
- name: Set GCP Credentials via art | |
run: | | |
art configure generate-gcp-credentials --project rumqtt >> credentials.json | |
echo "CLOUDSDK_AUTH_ACCESS_TOKEN=$(cat credentials.json | jq --raw-output '.access_token')" >> $GITHUB_ENV | |
echo "CLOUDSDK_CORE_PROJECT=rumqtt" >> $GITHUB_ENV | |
- name: Login to GAR | |
run: echo $CLOUDSDK_AUTH_ACCESS_TOKEN | docker login -u oauth2accesstoken --password-stdin ${{ env.ART_REGISTRY_URL }} | |
- name: Build Image | |
uses: docker/build-push-action@v2 | |
id: build | |
with: | |
context: . | |
file: ./Dockerfile | |
push: true | |
tags: ${{ env.ART_REGISTRY_URL }}:${{ steps.get_sha.outputs.SHA_SHORT }} | |
build-args: | | |
${{ env.ART_BUILD_SECRETS_FILE }} | |
outputs: type=registry | |
deploy: | |
environment: | |
name: rumqtt | |
runs-on: ubuntu-latest | |
name: Deploy to Argonaut | |
needs: build | |
steps: | |
- name: Fetch repo | |
uses: actions/checkout@v2 | |
- name: Fetch branch name | |
shell: bash | |
run: echo ::set-output name=BRANCH_NAME::${GITHUB_REF#refs/heads/} | |
id: get_branch_name | |
- name: Get Short SHA | |
id: get_sha | |
run: echo ::set-output name=SHA_SHORT::$(git rev-parse --short HEAD) | |
- name: Download art | |
run: curl --silent https://github.com/argonautdev/public/releases/latest/download/art-linux -L -o art | |
- name: Configure art | |
run: | | |
chmod +x ./art | |
sudo mv ./art /usr/local/bin/art | |
art configure --key ${{ secrets.a27dgr3fyi4etqlo_ART_KEY }} --secret ${{ secrets.a27dgr3fyi4etqlo_ART_SECRET }} | |
art app deploy -f .art/argonaut-gcp-rumqtt-mqttwrk.yaml \ | |
--set imageTag="${{ steps.get_sha.outputs.SHA_SHORT }}" |