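# Builds the five WorkAdventure images (front, back, pusher, uploader, maps),
# pushes them to Docker Hub and deploys them to a per-branch Kubernetes
# namespace.
#
# NOTE(review): every third-party action below is referenced by a mutable tag
# or branch (`@v1`, `@v2`, `@master`, ...). Pinning each `uses:` to a full
# commit SHA prevents a re-tagged action from running with this workflow's
# secrets.
# NOTE(review): no `permissions:` block is declared, so GITHUB_TOKEN keeps the
# repository default scope. Only the final PR-comment step passes the token
# explicitly; consider declaring least-privilege permissions per job.
name: Build, push and deploy Docker image

on:
  push:
    branches: [master, develop]
  release:
    types: [created]
  # `synchronize` means that once a PR carries the `deploy` label, every later
  # push to that PR branch is rebuilt and redeployed by the jobs below.
  pull_request:
    types: [labeled, synchronize]

jobs:
  # Each build job shares the same gate. `&&` binds tighter than `||`, so the
  # label check only applies to pull_request events: pushes and releases always
  # build, pull requests build only when labelled `deploy`.
  build-front:
    if: ${{ github.event_name == 'push' || github.event_name == 'release' || github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') }}
    runs-on: ubuntu-latest

    steps:
      - name: Checkout
        uses: actions/checkout@v2

      - name: Setup NodeJS
        uses: actions/setup-node@v2
        with:
          node-version: '14'

      # messages: build the proto messages and copy them to the front
      - name: Install messages dependencies
        run: yarn install
        working-directory: messages

      - name: Build proto messages
        run: yarn run ts-proto && yarn run copy-to-front-ts-proto && yarn run json-copy-to-front
        working-directory: messages

      # docker: QEMU + Buildx are needed for the multi-platform build below
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v1

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1

      - name: Login to DockerHub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      # Provides the GITHUB_REF_SLUG / GITHUB_HEAD_REF_SLUG env values used
      # for the image tag.
      - uses: rlespinasse/github-slug-action@3.1.0

      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v3
        with:
          images: thecodingmachine/workadventure-front

      # The tag is the PR head-branch slug on pull requests, otherwise the
      # slug of the pushed ref.
      - name: Build and push
        uses: docker/build-push-action@v2
        with:
          context: .
          file: front/Dockerfile
          platforms: linux/amd64,linux/arm64
          push: true
          tags: thecodingmachine/workadventure-front:${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
          labels: ${{ steps.meta.outputs.labels }}

  # Same pipeline as build-front, for the back image.
  build-back:
    if: ${{ github.event_name == 'push' || github.event_name == 'release' || github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') }}
    runs-on: ubuntu-latest

    steps:
      - name: Checkout
        uses: actions/checkout@v2

      - name: Setup NodeJS
        uses: actions/setup-node@v2
        with:
          node-version: '14'

      # messages: build the proto messages and copy them to the back
      - name: Install messages dependencies
        run: yarn install
        working-directory: messages

      - name: Build proto messages
        run: yarn run proto && yarn run copy-to-back && yarn run json-copy-to-back
        working-directory: messages

      # docker
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v1

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1

      - name: Login to DockerHub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      - uses: rlespinasse/github-slug-action@3.1.0

      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v3
        with:
          images: thecodingmachine/workadventure-back

      - name: Build and push
        uses: docker/build-push-action@v2
        with:
          context: .
          file: back/Dockerfile
          platforms: linux/amd64,linux/arm64
          push: true
          tags: thecodingmachine/workadventure-back:${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
          labels: ${{ steps.meta.outputs.labels }}

  # Same pipeline as build-front, for the pusher image.
  build-pusher:
    if: ${{ github.event_name == 'push' || github.event_name == 'release' || github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') }}
    runs-on: ubuntu-latest

    steps:
      - name: Checkout
        uses: actions/checkout@v2

      - name: Setup NodeJS
        uses: actions/setup-node@v2
        with:
          node-version: '14'

      # messages: build the proto messages and copy them to the pusher
      - name: Install messages dependencies
        run: yarn install
        working-directory: messages

      - name: Build proto messages
        run: yarn run proto && yarn run copy-to-pusher && yarn run json-copy-to-pusher
        working-directory: messages

      # docker
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v1

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1

      - name: Login to DockerHub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      - uses: rlespinasse/github-slug-action@3.1.0

      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v3
        with:
          images: thecodingmachine/workadventure-pusher

      - name: Build and push
        uses: docker/build-push-action@v2
        with:
          context: .
          file: pusher/Dockerfile
          platforms: linux/amd64,linux/arm64
          push: true
          tags: thecodingmachine/workadventure-pusher:${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
          labels: ${{ steps.meta.outputs.labels }}

  # Uploader image. This job has no checkout step and sets no `context`, so
  # the build action falls back to its default build context.
  build-uploader:
    if: ${{ github.event_name == 'push' || github.event_name == 'release' || github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') }}
    runs-on: ubuntu-latest

    steps:
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v1

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1

      - name: Login to DockerHub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      - uses: rlespinasse/github-slug-action@3.1.0

      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v3
        with:
          images: thecodingmachine/workadventure-uploader

      - name: Build and push
        uses: docker/build-push-action@v2
        with:
          file: uploader/Dockerfile
          push: true
          tags: thecodingmachine/workadventure-uploader:${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
          labels: ${{ steps.meta.outputs.labels }}

  # Maps image, built from the maps/ directory only (no `platforms` is set).
  build-maps:
    if: ${{ github.event_name == 'push' || github.event_name == 'release' || github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') }}
    runs-on: ubuntu-latest

    steps:
      - name: Checkout
        uses: actions/checkout@v2

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v1

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1

      - name: Login to DockerHub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      - uses: rlespinasse/github-slug-action@3.1.0

      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v3
        with:
          images: thecodingmachine/workadventure-maps

      - name: Build and push
        uses: docker/build-push-action@v2
        with:
          context: maps/
          file: maps/Dockerfile
          push: true
          tags: thecodingmachine/workadventure-maps:${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
          labels: ${{ steps.meta.outputs.labels }}

  # Deploys the freshly pushed images to the namespace
  # `workadventure-<branch slug>`. Unlike the build jobs, this one does not run
  # on `release` events. For pull requests the `deploy` label is the only gate
  # before branch code is deployed with cluster credentials, so who may apply
  # that label matters.
  deeploy:
    needs:
      - build-front
      - build-back
      - build-pusher
      - build-maps
      - build-uploader
    runs-on: ubuntu-latest
    if: ${{ github.event_name == 'push' || github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') }}

    steps:
      - name: Checkout
        uses: actions/checkout@v2

      # Create a slugified value of the branch
      - uses: rlespinasse/github-slug-action@3.1.0

      # The slug reaches the script through an environment variable instead of
      # being expanded into the script text, so the shell never parses a
      # branch-derived value as code. The resulting ADMIN_API_URL is exported
      # to the following steps through GITHUB_ENV.
      - name: Set ADMIN_URL if "deploy-connect-to-admin" label is set
        run: echo "ADMIN_API_URL=https://${DEPLOY_REF}.test.workadventu.re" >> "$GITHUB_ENV"
        env:
          DEPLOY_REF: ${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
        if: ${{ github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy-connect-to-admin') }}

      # Writes the SSH private key used by the scp step below.
      # NOTE(review): secret.key and the downloaded secrets/ directory stay in
      # the workspace for the rest of the job; nothing here removes them.
      - name: Write certificate
        run: echo "${CERTS_PRIVATE_KEY}" > secret.key && chmod 0600 secret.key
        env:
          CERTS_PRIVATE_KEY: ${{ secrets.CERTS_PRIVATE_KEY }}

      # NOTE(review): StrictHostKeyChecking=no together with
      # UserKnownHostsFile=/dev/null turns off SSH host-key verification, so
      # the server that hands over the TLS private key is not authenticated.
      # Prefer a pinned known_hosts entry for cert.workadventu.re (for example
      # supplied from a repository secret) and drop both options.
      - name: Download certificate
        run: mkdir secrets && scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i secret.key ubuntu@cert.workadventu.re:./config/live/workadventu.re/* secrets/

      # continue-on-error: presumably because the namespace already exists on
      # a re-deploy of the same branch.
      - name: Create namespace
        uses: steebchen/kubectl@v1.0.0
        env:
          KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_FILE_BASE64 }}
        with:
          args: create namespace workadventure-${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
        continue-on-error: true

      # continue-on-error: presumably because the secret is absent on a first
      # deploy.
      - name: Delete old certificates in namespace
        uses: steebchen/kubectl@v1.0.0
        env:
          KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_FILE_BASE64 }}
        with:
          args: -n workadventure-${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} delete secret certificate-tls
        continue-on-error: true

      # Recreates the TLS secret from the files fetched by scp above.
      - name: Install certificates in namespace
        uses: steebchen/kubectl@v1.0.0
        env:
          KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_FILE_BASE64 }}
        with:
          args: -n workadventure-${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} create secret tls certificate-tls --key="secrets/privkey.pem" --cert="secrets/fullchain.pem"

      # NOTE(review): this action is tracked at `@master` and receives the
      # kubeconfig plus every application secret listed below; pinning it to a
      # reviewed commit SHA limits what a change to that branch can reach.
      - name: Deploy
        uses: thecodingmachine/deeployer-action@master
        env:
          KUBE_CONFIG_FILE: ${{ secrets.KUBE_CONFIG_FILE }}
          ADMIN_API_TOKEN: ${{ secrets.ADMIN_API_TOKEN }}
          ADMIN_SOCKETS_TOKEN: ${{ secrets.ADMIN_SOCKETS_TOKEN }}
          JITSI_ISS: ${{ secrets.JITSI_ISS }}
          JITSI_URL: ${{ secrets.JITSI_URL }}
          SECRET_JITSI_KEY: ${{ secrets.SECRET_JITSI_KEY }}
          TURN_STATIC_AUTH_SECRET: ${{ secrets.TURN_STATIC_AUTH_SECRET }}
          DEPLOY_REF: ${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
          POSTHOG_API_KEY: ${{ secrets.POSTHOG_API_KEY }}
          POSTHOG_URL: ${{ secrets.POSTHOG_URL }}
        with:
          namespace: workadventure-${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}

      # Posts the URLs of the deployed environment back to the pull request.
      - name: Add a comment in PR
        uses: unsplash/comment-on-pr@v1.2.0
        if: ${{ github.event_name == 'pull_request' }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          msg: "Environment deployed at https://play-${{ env.GITHUB_HEAD_REF_SLUG }}.test.workadventu.re \nTests available at https://maps-${{ env.GITHUB_HEAD_REF_SLUG }}.test.workadventu.re/tests"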