deploy #40
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: deploy | |
| on: | |
| workflow_dispatch: | |
| concurrency: | |
| group: deploy-${{ github.ref }} | |
| cancel-in-progress: false | |
| jobs: | |
| ecr: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write # This is required for requesting the JWT | |
| contents: read # This is required for actions/checkout | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd | |
| - name: Setup .NET | |
| uses: actions/setup-dotnet@c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7 | |
| with: | |
| global-json-file: global.json | |
| - name: Restore dependencies | |
| run: dotnet restore | |
| - name: Install dotnet sql package | |
| run: dotnet tool install --global microsoft.sqlpackage --version 170.3.93 | |
| - name: Build | |
| run: dotnet build --configuration Release --no-restore | |
| - name: Test | |
| run: dotnet test --configuration Release --no-build --verbosity normal | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@56d6a583f00f6bad6d19d91d53a7bc3b8143d0e9 | |
| with: | |
| role-to-assume: ${{ secrets.ECR_ROLE_TO_ASSUME }} | |
| aws-region: ${{ vars.ECR_REGION }} | |
| - name: Login to ECR | |
| uses: aws-actions/amazon-ecr-login@33f92af657bba1882ab79d8621debd2f6769a0c9 | |
| id: login-ecr | |
| - name: Build and Push Server.UI Container | |
| run: | | |
| dotnet publish src/Server.UI/Server.UI.csproj \ | |
| --configuration Release \ | |
| --no-build \ | |
| /t:PublishContainer \ | |
| /p:ContainerRegistry=${{ steps.login-ecr.outputs.registry }} \ | |
| /p:ContainerRepository=${{ vars.ECR_REPOSITORY }} \ | |
| /p:ContainerImageTag=cats-${{ github.sha }} | |
| - name: Build and Push Worker Container | |
| run: | | |
| dotnet publish src/Worker/Worker.csproj \ | |
| --configuration Release \ | |
| --no-build \ | |
| /t:PublishContainer \ | |
| /p:ContainerRegistry=${{ steps.login-ecr.outputs.registry }} \ | |
| /p:ContainerRepository=${{ vars.ECR_REPOSITORY }} \ | |
| /p:ContainerImageTag=worker-${{ github.sha }} | |
| - name: Build and Push DatabaseSeeding Container | |
| run: | | |
| dotnet publish src/DatabaseSeeding/DatabaseSeeding.csproj \ | |
| --configuration Release \ | |
| --no-build \ | |
| /t:PublishContainer \ | |
| /p:ContainerRegistry=${{ steps.login-ecr.outputs.registry }} \ | |
| /p:ContainerRepository=${{ vars.ECR_REPOSITORY }} \ | |
| /p:ContainerImageTag=seeder-${{ github.sha }} | |
| - name: Build and Push DatabaseMigrator Container | |
| run: | | |
| docker build \ | |
| -f src/Database/Dockerfile \ | |
| -t ${{ steps.login-ecr.outputs.registry }}/${{ vars.ECR_REPOSITORY }}:migrator-${{ github.sha }} \ | |
| . | |
| docker push ${{ steps.login-ecr.outputs.registry }}/${{ vars.ECR_REPOSITORY }}:migrator-${{ github.sha }} | |
| - name: Generate app version | |
| id: version | |
| run: echo "app_version=$(date +'%Y.%m').${{ github.run_number }}" >> $GITHUB_OUTPUT | |
| - name: Generate Kubernetes Manifests | |
| run: | | |
| mkdir -p deploy | |
| for file in infra/*.yml; do | |
| envsubst < "$file" > "deploy/$(basename "$file")" | |
| done | |
| env: | |
| IMAGE_TAG: ${{ github.sha }} | |
| APP_VERSION: ${{ steps.version.outputs.app_version }} | |
| REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| REPOSITORY: ${{ vars.ECR_REPOSITORY }} | |
| NAMESPACE: ${{ secrets.KUBE_NAMESPACE }} | |
| DOTNET_ENVIRONMENT: "Development" | |
| - name: Configure kubectl | |
| run: | | |
| echo "${{ secrets.KUBE_CERT }}" > ca.crt | |
| kubectl config set-cluster ${KUBE_CLUSTER} --certificate-authority=./ca.crt --server=https://${KUBE_CLUSTER} | |
| kubectl config set-credentials deploy-user --token=${{ secrets.KUBE_TOKEN }} | |
| kubectl config set-context ${KUBE_CLUSTER} --cluster=${KUBE_CLUSTER} --user=deploy-user --namespace=${KUBE_NAMESPACE} | |
| kubectl config use-context ${KUBE_CLUSTER} | |
| env: | |
| KUBE_NAMESPACE: ${{ secrets.KUBE_NAMESPACE }} | |
| KUBE_CLUSTER: ${{ secrets.KUBE_CLUSTER }} | |
| - name: Run database migration | |
| run: | | |
| kubectl -n ${KUBE_NAMESPACE} delete pod -l app=migrator --wait=false || true | |
| kubectl -n ${KUBE_NAMESPACE} apply -f deploy/migrator-pod.yml | |
| if ! kubectl -n ${KUBE_NAMESPACE} wait --for=jsonpath='{.status.phase}'=Succeeded --timeout=300s pod/migrator-${{ github.sha }}; then | |
| echo "Migration pod did not succeed within timeout." | |
| kubectl -n ${KUBE_NAMESPACE} describe pod/migrator-${{ github.sha }} || true | |
| exit 1 | |
| fi | |
| env: | |
| KUBE_NAMESPACE: ${{ secrets.KUBE_NAMESPACE }} | |
| - name: Run database seeding | |
| run: | | |
| kubectl -n ${KUBE_NAMESPACE} delete pod -l app=seeder --wait=false || true | |
| kubectl -n ${KUBE_NAMESPACE} apply -f deploy/seeder-pod.yml | |
| if ! kubectl -n ${KUBE_NAMESPACE} wait --for=jsonpath='{.status.phase}'=Succeeded --timeout=300s pod/seeder-${{ github.sha }}; then | |
| echo "Seeder pod did not succeed within timeout." | |
| kubectl -n ${KUBE_NAMESPACE} describe pod/seeder-${{ github.sha }} || true | |
| exit 1 | |
| fi | |
| env: | |
| KUBE_NAMESPACE: ${{ secrets.KUBE_NAMESPACE }} | |
| - name: Deploy to Kubernetes | |
| run: | | |
| rm -f deploy/migrator-pod.yml deploy/seeder-pod.yml | |
| kubectl -n ${KUBE_NAMESPACE} apply -f deploy/ | |
| env: | |
| KUBE_NAMESPACE: ${{ secrets.KUBE_NAMESPACE }} |