-
Notifications
You must be signed in to change notification settings - Fork 0
205 lines (177 loc) · 7.11 KB
/
cicd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
# https://docs.github.com/en/actions/using-workflows/reusing-workflows
name: CI/CD build, test and deploy using github registry and nomad
on:
workflow_call:
secrets:
NOMAD_TOKEN:
description: 'nomad cluster credentials - store in your repo GitHub Secrets - required to deploy'
required: false
NOMAD_TOKEN_PROD:
description: 'nomad archive.org production cluster credentials - store in your repo GitHub Secrets'
required: false
NOMAD_SECRETS:
# NOTE: requires '=' char key/val separator instead of ':' (which would be actual JSON).
# NOTE: the values *in reality* should all be like the last value.
# Example: {"A"="xxx", "STRINGY"="i'm \"json-like\"", "MY_TOKEN"="${{ secrets.MY_TOKEN }}"}
description: 'json-like key/value string which become env vars in your running deployment shell'
required: false
inputs:
PLATFORMS:
description: 'can set to: "linux/amd64, linux/arm64" for linux + mac arm'
required: false
type: string
default: 'linux/amd64'
BASE_DOMAIN:
description: 'nomad cluster wildcard DNS domain name, eg: example.com'
required: false
type: string
default: 'dev.archive.org'
NOMAD_ADDR:
description: 'nomad cluster API endpoint - archive.org deploys automate this but you can override'
required: false
type: string
TEST_SCRIPT:
description: 'default looks for [WORKDIR]/test.sh in docker image and runs it. pass in alt pathname'
default: './test.sh'
required: false
type: string
NOMAD_VAR_CHECK_PATH:
description: '@see https://gitlab.com/internetarchive/nomad#customizing'
required: false
type: string
NOMAD_VAR_CHECK_PROTOCOL:
description: '@see https://gitlab.com/internetarchive/nomad#customizing'
required: false
type: string
NOMAD_VAR_CHECK_TIMEOUT:
description: '@see https://gitlab.com/internetarchive/nomad#customizing'
required: false
type: string
NOMAD_VAR_COUNT:
description: '@see https://gitlab.com/internetarchive/nomad#customizing'
required: false
type: string
NOMAD_VAR_COUNT_CANARIES:
description: '@see https://gitlab.com/internetarchive/nomad#customizing'
required: false
type: string
NOMAD_VAR_CPU:
description: '@see https://gitlab.com/internetarchive/nomad#customizing'
required: false
type: string
NOMAD_VAR_FORCE_PULL:
description: '@see https://gitlab.com/internetarchive/nomad#customizing'
required: false
type: string
NOMAD_VAR_HEALTH_TIMEOUT:
description: '@see https://gitlab.com/internetarchive/nomad#customizing'
required: false
type: string
NOMAD_VAR_HOME:
description: '@see https://gitlab.com/internetarchive/nomad#customizing'
required: false
type: string
NOMAD_VAR_HOSTNAMES:
description: '@see https://gitlab.com/internetarchive/nomad#customizing'
required: false
type: string
NOMAD_VAR_IS_BATCH:
description: '@see https://gitlab.com/internetarchive/nomad#customizing'
required: false
type: string
NOMAD_VAR_MEMORY:
description: '@see https://gitlab.com/internetarchive/nomad#customizing'
required: false
type: string
NOMAD_VAR_MULTI_CONTAINER:
description: '@see https://gitlab.com/internetarchive/nomad#customizing'
required: false
type: string
NOMAD_VAR_NETWORK_MODE:
description: '@see https://gitlab.com/internetarchive/nomad#customizing'
required: false
type: string
NOMAD_VAR_NO_DEPLOY:
description: '@see https://gitlab.com/internetarchive/nomad#customizing'
required: false
type: string
NOMAD_VAR_PERSISTENT_VOLUME:
description: '@see https://gitlab.com/internetarchive/nomad#customizing'
required: false
type: string
NOMAD_VAR_PORTS:
description: '@see https://gitlab.com/internetarchive/nomad#customizing'
required: false
type: string
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v4
with:
lfs: true
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
- name: Setup docker buildx
uses: docker/setup-buildx-action@v3
- name: Extract branch name
shell: bash
run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})"
id: extract_branch
- name: Login to registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v5
with:
context: .
platforms: ${{ inputs.PLATFORMS }}
push: ${{ github.event_name != 'pull_request' }}
tags: ghcr.io/${{ github.repository }}:${{ steps.extract_branch.outputs.branch }}
cache-from: type=gha # chexxx
cache-to: type=gha,mode=max # chexxx
test:
# https://github.com/internetarchive/test/blob/main/action.yml
runs-on: ubuntu-latest
needs: build
steps:
- uses: internetarchive/test@v1
with:
TEST_SCRIPT: ${{ inputs.TEST_SCRIPT }}
deploy:
runs-on: ubuntu-latest
needs: test
container:
# https://gitlab.com/internetarchive/nomad
image: docker://registry.gitlab.com/internetarchive/nomad/master
env:
BASE_DOMAIN: ${{ inputs.BASE_DOMAIN }}
NOMAD_ADDR: ${{ inputs.NOMAD_ADDR }}
NOMAD_TOKEN: ${{ secrets.NOMAD_TOKEN }}
NOMAD_TOKEN_PROD: ${{ secrets.NOMAD_TOKEN_PROD }}
REGISTRY_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NOMAD_SECRETS: ${{ secrets.NOMAD_SECRETS }}
PRIVATE_REPO: ${{ github.event.repository.private }}
NOMAD_VAR_CHECK_PATH: ${{ inputs.NOMAD_VAR_CHECK_PATH }}
NOMAD_VAR_CHECK_PROTOCOL: ${{ inputs.NOMAD_VAR_CHECK_PROTOCOL }}
NOMAD_VAR_CHECK_TIMEOUT: ${{ inputs.NOMAD_VAR_CHECK_TIMEOUT }}
NOMAD_VAR_COUNT: ${{ inputs.NOMAD_VAR_COUNT }}
NOMAD_VAR_COUNT_CANARIES: ${{ inputs.NOMAD_VAR_COUNT_CANARIES }}
NOMAD_VAR_CPU: ${{ inputs.NOMAD_VAR_CPU }}
NOMAD_VAR_FORCE_PULL: ${{ inputs.NOMAD_VAR_FORCE_PULL }}
NOMAD_VAR_HEALTH_TIMEOUT: ${{ inputs.NOMAD_VAR_HEALTH_TIMEOUT }}
NOMAD_VAR_HOME: ${{ inputs.NOMAD_VAR_HOME }}
NOMAD_VAR_HOSTNAMES: ${{ inputs.NOMAD_VAR_HOSTNAMES }}
NOMAD_VAR_IS_BATCH: ${{ inputs.NOMAD_VAR_IS_BATCH }}
NOMAD_VAR_MEMORY: ${{ inputs.NOMAD_VAR_MEMORY }}
NOMAD_VAR_MULTI_CONTAINER: ${{ inputs.NOMAD_VAR_MULTI_CONTAINER }}
NOMAD_VAR_NETWORK_MODE: ${{ inputs.NOMAD_VAR_NETWORK_MODE }}
NOMAD_VAR_NO_DEPLOY: ${{ inputs.NOMAD_VAR_NO_DEPLOY }}
NOMAD_VAR_PERSISTENT_VOLUME: ${{ inputs.NOMAD_VAR_PERSISTENT_VOLUME }}
NOMAD_VAR_PORTS: ${{ inputs.NOMAD_VAR_PORTS }}
# https://gitlab.com/internetarchive/nomad/-/blob/master/deploy.sh
options: --entrypoint=/deploy.sh