Skip to content

Commit e19c7c0

Browse files
ben851ben851
authored
API using staging vpn (#2202)
* API using staging vpn * Pinning to sha * Adding SA token * VPN update * Adding celeries
1 parent ac0d64f commit e19c7c0

File tree

1 file changed

+45
-2
lines changed

1 file changed

+45
-2
lines changed

.github/workflows/docker.yaml

Lines changed: 45 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@ env:
1010
DOCKER_SLUG: public.ecr.aws/v6b8u5o6/notify-api
1111
KUBECTL_VERSION: '1.23.6'
1212
WORKFLOW_PAT: ${{ secrets.WORKFLOW_GITHUB_PAT }}
13+
OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
1314

1415
permissions:
1516
id-token: write # This is required for requesting the OIDC JWT
@@ -55,9 +56,51 @@ jobs:
5556
run: |
5657
docker push $DOCKER_SLUG:latest && docker push $DOCKER_SLUG:${GITHUB_SHA::7}
5758
58-
- name: Rollout in Kubernetes
59+
- name: Configure AWS credentials
60+
uses: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355 # v2.2.0
61+
with:
62+
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
63+
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
64+
aws-region: ca-central-1
65+
66+
- name: Install OpenVPN
67+
run: |
68+
sudo apt update
69+
sudo apt install -y openvpn openvpn-systemd-resolved
70+
71+
- name: Install 1Pass CLI
72+
run: |
73+
curl -o 1pass.deb https://downloads.1password.com/linux/debian/amd64/stable/1password-cli-amd64-latest.deb
74+
sudo dpkg -i 1pass.deb
75+
76+
- name: One Password Fetch
5977
run: |
60-
./scripts/callManifestsRollout.sh ${GITHUB_SHA::7}
78+
op read op://4eyyuwddp6w4vxlabrr2i2duxm/"Staging Github Actions VPN"/notesPlain > /var/tmp/staging.ovpn
79+
80+
- name: Connect to VPN
81+
uses: "kota65535/github-openvpn-connect-action@cd2ed8a90cc7b060dc4e001143e811b5f7ea0af5"
82+
with:
83+
config_file: /var/tmp/staging.ovpn
84+
client_key: ${{ secrets.STAGING_OVPN_CLIENT_KEY }}
85+
echo_config: false
86+
87+
- name: Configure kubeconfig
88+
run: |
89+
aws eks update-kubeconfig --name notification-canada-ca-staging-eks-cluster
90+
91+
- name: Update images in staging
92+
run: |
93+
DOCKER_TAG=${GITHUB_SHA::7}
94+
kubectl set image deployment.apps/api api=$DOCKER_SLUG:$DOCKER_TAG -n=notification-canada-ca --kubeconfig=$HOME/.kube/config
95+
kubectl set image deployment.apps/celery-beat celery-beat=$DOCKER_SLUG:$DOCKER_TAG -n=notification-canada-ca --kubeconfig=$HOME/.kube/config
96+
kubectl set image deployment.apps/celery-sms celery-sms=$DOCKER_SLUG:$DOCKER_TAG -n=notification-canada-ca --kubeconfig=$HOME/.kube/config
97+
kubectl set image deployment.apps/celery-primary celery-primary=$DOCKER_SLUG:$DOCKER_TAG -n=notification-canada-ca --kubeconfig=$HOME/.kube/config
98+
kubectl set image deployment.apps/celery-scalable celery-scalable=$DOCKER_SLUG:$DOCKER_TAG -n=notification-canada-ca --kubeconfig=$HOME/.kube/config
99+
kubectl set image deployment.apps/celery-sms-send-primary celery-sms-send-primary=$DOCKER_SLUG:$DOCKER_TAG -n=notification-canada-ca --kubeconfig=$HOME/.kube/config
100+
kubectl set image deployment.apps/celery-sms-send-scalable celery-sms-send-scalable=$DOCKER_SLUG:$DOCKER_TAG -n=notification-canada-ca --kubeconfig=$HOME/.kube/config
101+
kubectl set image deployment.apps/celery-email-send-primary celery-email-send-primary=$DOCKER_SLUG:$DOCKER_TAG -n=notification-canada-ca --kubeconfig=$HOME/.kube/config
102+
kubectl set image deployment.apps/celery-email-send-scalable celery-email-send-scalable=$DOCKER_SLUG:$DOCKER_TAG -n=notification-canada-ca --kubeconfig=$HOME/.kube/config
103+
61104
62105
- name: my-app-install token
63106
id: notify-pr-bot

0 commit comments

Comments
 (0)