Dev (#1968) #24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Frontend Foss Deployment | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - dev | |
| paths: | |
| - frontend/** | |
| # Disable previous workflows for this action. | |
| concurrency: | |
| group: ${{ github.workflow }} #-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v2 | |
| - name: Cache node modules | |
| uses: actions/cache@v1 | |
| with: | |
| path: node_modules | |
| key: ${{ runner.OS }}-build-${{ hashFiles('**/package-lock.json') }} | |
| restore-keys: | | |
| ${{ runner.OS }}-build- | |
| ${{ runner.OS }}- | |
| - name: Docker login | |
| run: | | |
| docker login ${{ secrets.EE_REGISTRY_URL }} -u ${{ secrets.EE_DOCKER_USERNAME }} -p "${{ secrets.EE_REGISTRY_TOKEN }}" | |
| - uses: azure/k8s-set-context@v1 | |
| with: | |
| method: kubeconfig | |
| kubeconfig: ${{ secrets.OSS_KUBECONFIG }} # Use content of kubeconfig in secret. | |
| id: setcontext | |
| - name: Building and Pushing frontend image | |
| id: build-image | |
| env: | |
| DOCKER_REPO: ${{ secrets.OSS_REGISTRY_URL }} | |
| IMAGE_TAG: ${{ github.ref_name }}_${{ github.sha }} | |
| ENVIRONMENT: staging | |
| run: | | |
| set -x | |
| cd frontend | |
| mv .env.sample .env | |
| docker run --rm -v /etc/passwd:/etc/passwd -u `id -u`:`id -g` -v $(pwd):/home/${USER} -w /home/${USER} --name node_build node:18-slim /bin/bash -c "yarn && yarn build" | |
| # https://github.com/docker/cli/issues/1134#issuecomment-613516912 | |
| DOCKER_BUILDKIT=1 docker build --target=cicd -t $DOCKER_REPO/frontend:${IMAGE_TAG} . | |
| docker tag $DOCKER_REPO/frontend:${IMAGE_TAG} $DOCKER_REPO/frontend:${IMAGE_TAG}-ee | |
| docker push $DOCKER_REPO/frontend:${IMAGE_TAG} | |
| docker push $DOCKER_REPO/frontend:${IMAGE_TAG}-ee | |
| - name: Deploy to kubernetes foss | |
| run: | | |
| cd scripts/helmcharts/ | |
| set -x | |
| cat <<EOF>>/tmp/image_override.yaml | |
| frontend: | |
| image: | |
| tag: ${IMAGE_TAG} | |
| EOF | |
| ## Update secerts | |
| sed -i "s#openReplayContainerRegistry.*#openReplayContainerRegistry: \"${{ secrets.OSS_REGISTRY_URL }}\"#g" vars.yaml | |
| sed -i "s/postgresqlPassword: \"changeMePassword\"/postgresqlPassword: \"${{ secrets.OSS_PG_PASSWORD }}\"/g" vars.yaml | |
| sed -i "s/accessKey: \"changeMeMinioAccessKey\"/accessKey: \"${{ secrets.OSS_MINIO_ACCESS_KEY }}\"/g" vars.yaml | |
| sed -i "s/secretKey: \"changeMeMinioPassword\"/secretKey: \"${{ secrets.OSS_MINIO_SECRET_KEY }}\"/g" vars.yaml | |
| sed -i "s/jwt_secret: \"SetARandomStringHere\"/jwt_secret: \"${{ secrets.OSS_JWT_SECRET }}\"/g" vars.yaml | |
| sed -i "s/domainName: \"\"/domainName: \"${{ secrets.OSS_DOMAIN_NAME }}\"/g" vars.yaml | |
| # Update changed image tag | |
| sed -i "/frontend/{n;n;s/.*/ tag: ${IMAGE_TAG}/}" /tmp/image_override.yaml | |
| cat /tmp/image_override.yaml | |
| # Deploy command | |
| mv openreplay/charts/{ingress-nginx,frontend,quickwit} /tmp | |
| rm -rf openreplay/charts/* | |
| mv /tmp/{ingress-nginx,frontend,quickwit} openreplay/charts/ | |
| helm template openreplay -n app openreplay -f vars.yaml -f /tmp/image_override.yaml --set ingress-nginx.enabled=false --set skipMigration=true --no-hooks | kubectl apply -n app -f - | |
| env: | |
| DOCKER_REPO: ${{ secrets.OSS_REGISTRY_URL }} | |
| IMAGE_TAG: ${{ github.ref_name }}_${{ github.sha }} | |
| ENVIRONMENT: staging | |
| ### Enterprise code deployment | |
| - uses: azure/k8s-set-context@v1 | |
| with: | |
| method: kubeconfig | |
| kubeconfig: ${{ secrets.EE_KUBECONFIG }} # Use content of kubeconfig in secret. | |
| id: setcontextee | |
| - name: Resetting vars file | |
| run: | | |
| git checkout -- scripts/helmcharts/vars.yaml | |
| - name: Deploy to kubernetes ee | |
| run: | | |
| cd scripts/helmcharts/ | |
| cat <<EOF>/tmp/image_override.yaml | |
| frontend: | |
| image: | |
| # We've to strip off the -ee, as helm will append it. | |
| tag: ${IMAGE_TAG} | |
| EOF | |
| ## Update secerts | |
| sed -i "s#openReplayContainerRegistry.*#openReplayContainerRegistry: \"${{ secrets.OSS_REGISTRY_URL }}\"#g" vars.yaml | |
| sed -i "s/postgresqlPassword: \"changeMePassword\"/postgresqlPassword: \"${{ secrets.EE_PG_PASSWORD }}\"/g" vars.yaml | |
| sed -i "s/accessKey: \"changeMeMinioAccessKey\"/accessKey: \"${{ secrets.EE_MINIO_ACCESS_KEY }}\"/g" vars.yaml | |
| sed -i "s/secretKey: \"changeMeMinioPassword\"/secretKey: \"${{ secrets.EE_MINIO_SECRET_KEY }}\"/g" vars.yaml | |
| sed -i "s/jwt_secret: \"SetARandomStringHere\"/jwt_secret: \"${{ secrets.EE_JWT_SECRET }}\"/g" vars.yaml | |
| sed -i "s/domainName: \"\"/domainName: \"${{ secrets.EE_DOMAIN_NAME }}\"/g" vars.yaml | |
| sed -i "s/enterpriseEditionLicense: \"\"/enterpriseEditionLicense: \"${{ secrets.EE_LICENSE_KEY }}\"/g" vars.yaml | |
| # Update changed image tag | |
| sed -i "/frontend/{n;n;n;s/.*/ tag: ${IMAGE_TAG}/}" /tmp/image_override.yaml | |
| cat /tmp/image_override.yaml | |
| # Deploy command | |
| mv openreplay/charts/{ingress-nginx,frontend,quickwit} /tmp | |
| rm -rf openreplay/charts/* | |
| mv /tmp/{ingress-nginx,frontend,quickwit} openreplay/charts/ | |
| helm template openreplay -n app openreplay -f vars.yaml -f /tmp/image_override.yaml --set ingress-nginx.enabled=false --set skipMigration=true --no-hooks | kubectl apply -n app -f - | |
| env: | |
| DOCKER_REPO: ${{ secrets.EE_REGISTRY_URL }} | |
| # We're not passing -ee flag, because helm will add that. | |
| IMAGE_TAG: ${{ github.ref_name }}_${{ github.sha }} | |
| ENVIRONMENT: staging | |
| # - name: Debug Job | |
| # if: ${{ failure() }} | |
| # uses: mxschmitt/action-tmate@v3 | |
| # env: | |
| # AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| # AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| # AWS_REGION: eu-central-1 | |
| # AWS_S3_BUCKET_NAME: ${{ secrets.AWS_S3_BUCKET_NAME }} |