Globals release 29 Oct 2024 #474
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build DC-analytics image, deploy it to GCR. Run GKE. Run DC-analytics in GKE | |
on: | |
push: | |
branches: | |
- master | |
release: | |
types: | |
- published | |
# Environment variables. | |
# ${{ secrets }} are taken from GitHub -> Settings -> Secrets | |
# ${{ github.sha }} is the commit hash | |
env: | |
PROJECT_ID: iris-community-demos | |
SERVICE_ACCOUNT_KEY: ${{ secrets.SERVICE_ACCOUNT_KEY }} | |
GOOGLE_CREDENTIALS: ${{ secrets.TF_SERVICE_ACCOUNT_KEY }} | |
GITHUB_SHA: ${{ github.sha }} | |
GCR_LOCATION: eu.gcr.io | |
IMAGE_NAME: dc-analytics-image | |
GKE_CLUSTER: dc-analytics-cluster | |
GKE_ZONE: europe-west1-b | |
K8S_NAMESPACE: iris | |
STATEFULSET_NAME: dc-analytics | |
jobs: | |
gcloud-setup-and-build-and-publish-to-GCR: | |
name: Setup gcloud utility, Build DC-ANALYTICS image and Publish it to Container Registry | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Google Authentication | |
uses: google-github-actions/[email protected] | |
with: | |
credentials_json: ${{ secrets.SERVICE_ACCOUNT_KEY }} | |
- name: Setup gcloud cli | |
uses: google-github-actions/[email protected] | |
with: | |
version: '496.0.0' | |
- name: Configure docker to use the gcloud as a credential helper | |
run: | | |
gcloud --quiet auth configure-docker | |
- name: Build DC-ANALYTICS image | |
working-directory: iris | |
run: | | |
docker build -t ${GCR_LOCATION}/${PROJECT_ID}/${IMAGE_NAME}:${GITHUB_SHA} . | |
- name: Publish DC-ANALYTICS image to Google Container Registry | |
working-directory: iris | |
run: | | |
docker push ${GCR_LOCATION}/${PROJECT_ID}/${IMAGE_NAME}:${GITHUB_SHA} | |
# gke-provisioner: | |
# # Inspired by: | |
# ## https://www.terraform.io/docs/github-actions/getting-started.html | |
# ## https://github.com/hashicorp/terraform-github-actions | |
# name: Provision GKE cluster | |
# runs-on: ubuntu-20.04 | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@v3 | |
# - name: Terraform init | |
# uses: hashicorp/terraform-github-actions@master | |
# with: | |
# tf_actions_version: 0.12.17 | |
# tf_actions_subcommand: 'init' | |
# tf_actions_working_dir: 'terraform' | |
# - name: Terraform validate | |
# uses: hashicorp/terraform-github-actions@master | |
# with: | |
# tf_actions_version: 0.12.17 | |
# tf_actions_subcommand: 'validate' | |
# tf_actions_working_dir: 'terraform' | |
# - name: Terraform plan | |
# uses: hashicorp/terraform-github-actions@master | |
# with: | |
# tf_actions_version: 0.12.17 | |
# tf_actions_subcommand: 'plan' | |
# tf_actions_working_dir: 'terraform' | |
# - name: Terraform apply | |
# uses: hashicorp/terraform-github-actions@master | |
# with: | |
# tf_actions_version: 0.12.17 | |
# tf_actions_subcommand: 'apply' | |
# tf_actions_working_dir: 'terraform' | |
kubernetes-deploy: | |
name: Deploy Kubernetes manifests to GKE cluster | |
needs: | |
- gcloud-setup-and-build-and-publish-to-GCR | |
# - gke-provisioner | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Replace placeholders with values in statefulset template | |
working-directory: ./k8s/ | |
run: | | |
cat statefulset.tpl |\ | |
sed "s|DOCKER_REPO_NAME|${GCR_LOCATION}/${PROJECT_ID}/${IMAGE_NAME}|" |\ | |
sed "s|DOCKER_IMAGE_TAG|${GITHUB_SHA}|" > statefulset.yaml | |
cat statefulset.yaml | |
- name: Google Authentication | |
uses: google-github-actions/[email protected] | |
with: | |
credentials_json: ${{ secrets.SERVICE_ACCOUNT_KEY }} | |
- name: Setup gcloud cli | |
uses: google-github-actions/[email protected] | |
with: | |
version: '496.0.0' | |
- name: Apply Kubernetes manifests | |
working-directory: ./k8s/ | |
run: | | |
gcloud components install gke-gcloud-auth-plugin | |
export USE_GKE_GCLOUD_AUTH_PLUGIN=True | |
gcloud container clusters get-credentials ${GKE_CLUSTER} --zone ${GKE_ZONE} --project ${PROJECT_ID} | |
kubectl apply -f namespace.yaml | |
kubectl apply -f managed-certificate.yaml | |
kubectl apply -f service.yaml | |
kubectl apply -f ingress.yaml | |
kubectl apply -f statefulset.yaml | |
kubectl -n ${K8S_NAMESPACE} rollout status statefulset/${STATEFULSET_NAME} |