From c490c2fd4b3d78c8f83c9c5fef978e5a4c08b93d Mon Sep 17 00:00:00 2001
From: Roman Khabarov <roman@globalart.dev>
Date: Tue, 28 May 2024 12:15:22 +0200
Subject: [PATCH] chore: deploy

---
 .github/workflows/deploy-k8s.yml | 50 ++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)
 create mode 100644 .github/workflows/deploy-k8s.yml

diff --git a/.github/workflows/deploy-k8s.yml b/.github/workflows/deploy-k8s.yml
new file mode 100644
index 0000000..4e4c933
--- /dev/null
+++ b/.github/workflows/deploy-k8s.yml
@@ -0,0 +1,50 @@
+name: Deploy
+
+on:
+  push:
+    branches:
+    - master
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    env:
+      NAMESPACE: globalart-prod
+      HARBOR_PROJECT: gitlab-prod
+      HARBOR_USERNAME: ${{ secrets.HARBOR_USERNAME }}
+      HARBOR_PASSWORD: ${{ secrets.HARBOR_PASSWORD }}
+      HARBOR_HOST: ${{ secrets.HARBOR_HOST }}
+      KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    - name: Setup kubectl
+      uses: azure/setup-kubectl@v1
+
+    - name: Setup helm
+      uses: azure/setup-helm@v1
+
+    - name: Copy kubeconfig
+      run: |
+        mkdir -p ~/.kube
+        echo "$KUBE_CONFIG" > ~/.kube/config
+
+    - name: Setup trdl and werf
+      run: |
+        curl -sSL https://werf.io/install.sh | bash -s -- --version 1.2 --channel stable
+        source $("$HOME/bin/trdl" use werf "1.2" "stable")
+
+    - name: Login to Harbor
+      run: "werf cr login -u $HARBOR_USERNAME -p $HARBOR_PASSWORD $HARBOR_HOST"
+    - name: Deploy with werf
+      run: |
+        werf converge --namespace=$NAMESPACE \
+                      --env prod \
+                      --kube-config=~/.kube/config \
+                      --skip-tls-verify-registry=true \
+                      --repo-container-registry=harbor \
+                      --repo=$HARBOR_HOST/${HARBOR_PROJECT}/$GITHUB_REPOSITORY \
+                      --repo-harbor-username=$HARBOR_USERNAME \
+                      --repo-harbor-password=$HARBOR_PASSWORD \
+                      --atomic=true