205 lines
7.5 KiB
YAML
205 lines
7.5 KiB
YAML
name: Build, push and deploy Docker image
|
|
|
|
on:
|
|
push:
|
|
branches: [master, develop]
|
|
release:
|
|
types: [created]
|
|
pull_request:
|
|
types: [ labeled, synchronize ]
|
|
|
|
|
|
# Enables BuildKit
|
|
env:
|
|
DOCKER_BUILDKIT: 1
|
|
|
|
jobs:
|
|
|
|
build-front:
|
|
if: ${{ github.event_name == 'push' || github.event_name == 'release' || github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') }}
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@v2
|
|
|
|
|
|
# Create a slugified value of the branch
|
|
- uses: rlespinasse/github-slug-action@3.1.0
|
|
|
|
- name: "Build and push front image"
|
|
uses: docker/build-push-action@v1
|
|
with:
|
|
dockerfile: front/Dockerfile
|
|
path: ./
|
|
username: ${{ secrets.DOCKER_USERNAME }}
|
|
password: ${{ secrets.DOCKER_PASSWORD }}
|
|
repository: thecodingmachine/workadventure-front
|
|
tags: ${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
|
|
add_git_labels: true
|
|
|
|
build-back:
|
|
if: ${{ github.event_name == 'push' || github.event_name == 'release' || github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') }}
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@v2
|
|
|
|
# Create a slugified value of the branch
|
|
- uses: rlespinasse/github-slug-action@3.1.0
|
|
|
|
- name: "Build and push back image"
|
|
uses: docker/build-push-action@v1
|
|
with:
|
|
dockerfile: back/Dockerfile
|
|
path: ./
|
|
username: ${{ secrets.DOCKER_USERNAME }}
|
|
password: ${{ secrets.DOCKER_PASSWORD }}
|
|
repository: thecodingmachine/workadventure-back
|
|
tags: ${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
|
|
add_git_labels: true
|
|
|
|
build-pusher:
|
|
if: ${{ github.event_name == 'push' || github.event_name == 'release' || github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') }}
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@v2
|
|
|
|
# Create a slugified value of the branch
|
|
- uses: rlespinasse/github-slug-action@3.1.0
|
|
|
|
- name: "Build and push back image"
|
|
uses: docker/build-push-action@v1
|
|
with:
|
|
dockerfile: pusher/Dockerfile
|
|
path: ./
|
|
username: ${{ secrets.DOCKER_USERNAME }}
|
|
password: ${{ secrets.DOCKER_PASSWORD }}
|
|
repository: thecodingmachine/workadventure-pusher
|
|
tags: ${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
|
|
add_git_labels: true
|
|
|
|
build-uploader:
|
|
if: ${{ github.event_name == 'push' || github.event_name == 'release' || github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') }}
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@v2
|
|
|
|
# Create a slugified value of the branch
|
|
- uses: rlespinasse/github-slug-action@3.1.0
|
|
|
|
- name: "Build and push back image"
|
|
uses: docker/build-push-action@v1
|
|
with:
|
|
dockerfile: uploader/Dockerfile
|
|
path: ./
|
|
username: ${{ secrets.DOCKER_USERNAME }}
|
|
password: ${{ secrets.DOCKER_PASSWORD }}
|
|
repository: thecodingmachine/workadventure-uploader
|
|
tags: ${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
|
|
add_git_labels: true
|
|
|
|
build-maps:
|
|
if: ${{ github.event_name == 'push' || github.event_name == 'release' || github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') }}
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@v2
|
|
|
|
|
|
# Create a slugified value of the branch
|
|
- uses: rlespinasse/github-slug-action@3.1.0
|
|
|
|
- name: "Build and push front image"
|
|
uses: docker/build-push-action@v1
|
|
with:
|
|
dockerfile: maps/Dockerfile
|
|
path: maps/
|
|
username: ${{ secrets.DOCKER_USERNAME }}
|
|
password: ${{ secrets.DOCKER_PASSWORD }}
|
|
repository: thecodingmachine/workadventure-maps
|
|
tags: ${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
|
|
add_git_labels: true
|
|
|
|
deeploy:
|
|
needs:
|
|
- build-front
|
|
- build-back
|
|
- build-pusher
|
|
- build-maps
|
|
- build-uploader
|
|
runs-on: ubuntu-latest
|
|
if: ${{ github.event_name == 'push' || github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') }}
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v2
|
|
|
|
# Create a slugified value of the branch
|
|
- uses: rlespinasse/github-slug-action@3.1.0
|
|
|
|
- name: Write certificate
|
|
run: echo "${CERTS_PRIVATE_KEY}" > secret.key && chmod 0600 secret.key
|
|
env:
|
|
CERTS_PRIVATE_KEY: ${{ secrets.CERTS_PRIVATE_KEY }}
|
|
|
|
- name: Download certificate
|
|
run: mkdir secrets && scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i secret.key ubuntu@cert.workadventu.re:./config/live/workadventu.re/* secrets/
|
|
|
|
- name: Create namespace
|
|
uses: steebchen/kubectl@v1.0.0
|
|
env:
|
|
KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_FILE_BASE64 }}
|
|
with:
|
|
args: create namespace workadventure-${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
|
|
continue-on-error: true
|
|
|
|
- name: Delete old certificates in namespace
|
|
uses: steebchen/kubectl@v1.0.0
|
|
env:
|
|
KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_FILE_BASE64 }}
|
|
with:
|
|
args: -n workadventure-${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} delete secret certificate-tls
|
|
continue-on-error: true
|
|
|
|
- name: Install certificates in namespace
|
|
uses: steebchen/kubectl@v1.0.0
|
|
env:
|
|
KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_FILE_BASE64 }}
|
|
with:
|
|
args: -n workadventure-${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} create secret tls certificate-tls --key="secrets/privkey.pem" --cert="secrets/fullchain.pem"
|
|
|
|
- name: Deploy
|
|
uses: thecodingmachine/deeployer-action@master
|
|
env:
|
|
KUBE_CONFIG_FILE: ${{ secrets.KUBE_CONFIG_FILE }}
|
|
ADMIN_API_TOKEN: ${{ secrets.ADMIN_API_TOKEN }}
|
|
JITSI_ISS: ${{ secrets.JITSI_ISS }}
|
|
JITSI_URL: ${{ secrets.JITSI_URL }}
|
|
SECRET_JITSI_KEY: ${{ secrets.SECRET_JITSI_KEY }}
|
|
TURN_STATIC_AUTH_SECRET: ${{ secrets.TURN_STATIC_AUTH_SECRET }}
|
|
DEPLOY_REF: ${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
|
|
POSTHOG_API_KEY: ${{ secrets.POSTHOG_API_KEY }}
|
|
POSTHOG_URL: ${{ secrets.POSTHOG_URL }}
|
|
with:
|
|
namespace: workadventure-${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
|
|
|
|
- name: Add a comment in PR
|
|
uses: unsplash/comment-on-pr@v1.2.0
|
|
if: ${{ github.event_name == 'pull_request' }}
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
with:
|
|
msg: "Environment deployed at https://play-${{ env.GITHUB_HEAD_REF_SLUG }}.test.workadventu.re \nTests available at https://maps-${{ env.GITHUB_HEAD_REF_SLUG }}.test.workadventu.re/tests"
|