-
Notifications
You must be signed in to change notification settings - Fork 1
94 lines (77 loc) · 3.47 KB
/
hetzner-prd-workflow.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
name: hetzner development workflow
# Controls when the workflow will run
# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows
on:
# Triggers the workflow on push or pull request events but only for the "master" branch
push:
branches: [ develop ]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
permissions: write-all
env:
VALUE_FILE: bd-automation-prd/deployment.yaml
REGISTRY: quay.io/bot_detector/bd-automation
ENVIRONMENT: prd
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains two jobs: build_image and update_image_version
build_image:
# The type of runner that the job will run on
runs-on: [self-hosted, "hetzner"]
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- name: git checkout
uses: actions/checkout@v3
- name: Set vars
id: vars
run: |
echo "GIT_HASH=$(git rev-parse --short "$GITHUB_SHA")" >> $GITHUB_OUTPUT
- name: Docker Build
run: |
docker build . --file Dockerfile --network=host -t "${REGISTRY}:${{ steps.vars.outputs.GIT_HASH }}"
- name: Login to Quay registry
run: echo "${{ secrets.QUAY_REGISTERY_PASSWORD }}" | docker login -u "bot_detector+quay_robot" quay.io --password-stdin
- name: Tag image
run: |
docker tag "${REGISTRY}:${{ steps.vars.outputs.GIT_HASH }}" "${REGISTRY}:${ENVIRONMENT}"
- name: Docker Push image to Quay registry
run: |
docker push "${REGISTRY}:${{ steps.vars.outputs.GIT_HASH }}"
docker push "${REGISTRY}:${ENVIRONMENT}"
update_image_version:
runs-on: [self-hosted, "hetzner"]
needs: build_image # This ensures that the build_image job is completed before running this job
steps:
- name: Checkout Target Repository
uses: actions/checkout@v3
with:
repository: Bot-detector/bot-detector-k8s
- name: Set vars
id: vars
run: |
echo "GIT_HASH=$(git rev-parse --short "$GITHUB_SHA")" >> $GITHUB_OUTPUT
- name: Update Image Version
uses: fjogeleit/yaml-update-action@main
with:
repository: Bot-detector/bot-detector-k8s
token: "${{ secrets.HETZNER_ACTIONS_RUNNER_TOKEN }}"
commitChange: true
title: "automation-${{ steps.vars.outputs.GIT_HASH }}"
branch: "automation-${{ steps.vars.outputs.GIT_HASH }}"
targetBranch: develop
masterBranchName: develop
createPR: true
# {"filepath":{"propertyPath":"value"}}
changes: |
{
"bd-automation-prd/broadcaster-job.yaml": {
"spec.jobTemplate.spec.template.spec.containers[0].image": "${{ env.REGISTRY }}:${{ steps.vars.outputs.GIT_HASH }}"
},
"bd-automation-prd/kafka-job.yaml": {
"spec.jobTemplate.spec.template.spec.containers[0].image": "${{ env.REGISTRY }}:${{ steps.vars.outputs.GIT_HASH }}"
},
"bd-automation-prd/tipoff-job.yaml": {
"spec.jobTemplate.spec.template.spec.containers[0].image": "${{ env.REGISTRY }}:${{ steps.vars.outputs.GIT_HASH }}"
}
}