-
Notifications
You must be signed in to change notification settings - Fork 1
166 lines (137 loc) · 5.61 KB
/
prod-ci-cd.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
name: prod-ci-cd
on:
push:
tags:
- '[0-9]+.[0-9]+.[0-9]+' # Follow semantic versioning
- '[0-9]+.[0-9]+.[0-9]+-hotfix[0-9]' # For hotfix
workflow_dispatch: # for manual trigger
permissions:
contents: write
id-token: write
jobs:
backend-ci:
runs-on: ubuntu-latest
services:
postgresql:
image: postgis/postgis:14-3.4-alpine
ports:
- 15432:5432
env:
POSTGRES_USER: test
POSTGRES_PASSWORD: test
POSTGRES_DB: scc_test
defaults:
run:
working-directory: app-server
steps:
- uses: actions/checkout@v3
- name: Set RELEASE_VERSION
run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
- name: Setup Java
uses: actions/setup-java@v3
with:
distribution: adopt
java-version: 19
- name: Setup Gradle
uses: gradle/gradle-build-action@v2
# https://github.com/actions/cache/blob/main/examples.md#java---gradle
- uses: actions/cache@v3
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: |
${{ runner.os }}-gradle-
- name: Gradle Check
run: ./gradlew clean check
- uses: actions/upload-artifact@v3
name: Upload Check Report If Failed
if: failure()
with:
name: test report
path: "**/build/reports"
retention-days: 1
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: arn:aws:iam::291889421067:role/github-action-ci-cd
aws-region: ap-northeast-2
- name: Build and Push Docker Image
run: ./gradlew jib -Pversion=$RELEASE_VERSION
- name: Notify CI failure to slack
if: failure()
run: |
CURRENT_GITHUB_ACTION_RUN_URL="${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
curl -X POST -H 'Content-type: application/json' --data "{\"attachments\":[{\"color\":\"#FF0000\",\"title\":\"[PROD] Backend CI Failed\", \"text\":\"<!subteam^S052B9W7129> (<$CURRENT_GITHUB_ACTION_RUN_URL|github action run url>)\"}]}" ${{ secrets.SLACK_URL_SCC_SERVER_CHANNEL }} -v
cd:
runs-on: ubuntu-latest
needs:
- backend-ci
steps:
- uses: actions/checkout@v3
- name: Set RELEASE_VERSION
run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
- name: Notify CD start to slack
run: |
echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}"
curl -X POST -H 'Content-type: application/json' --data "{\"attachments\":[{\"color\":\"#46AE74\",\"title\":\"[PROD] Scc-Server Deploy Started\", \"text\":\"version - $RELEASE_VERSION\"}]}" ${{ secrets.SLACK_URL_SCC_SERVER_CHANNEL }} -v
- name: Install kubeconfig
env:
SCC_K3S_KUBECONFIG: ${{ secrets.SCC_K3S_KUBECONFIG }}
run: |
mkdir -p ~/.kube && echo "$SCC_K3S_KUBECONFIG" > ~/.kube/config
- uses: azure/setup-helm@v1
with:
version: '3.8.2'
id: install-helm
- uses: azure/setup-kubectl@v3
with:
version: 'v1.24.1'
id: install-kubectl
- name: Update image tag for scc-server
uses: mikefarah/yq@master
with:
cmd: yq -i '.image.tag = strenv(RELEASE_VERSION)' 'infra/helm/scc-server/values-prod.yaml'
- name: Upgrade scc-server helm chart
working-directory: infra/helm/scc-server
run: |
helm upgrade --install --namespace scc -f values-prod.yaml scc-server ./
- name: Wait for scc-server rollout
timeout-minutes: 10
run: |
kubectl rollout status deployment scc-server -n scc
- name: Notify CD failure to slack
if: failure()
run: |
CURRENT_GITHUB_ACTION_RUN_URL="${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
curl -X POST -H 'Content-type: application/json' --data "{\"attachments\":[{\"color\":\"#FF0000\",\"title\":\"[PROD] Scc-Server Deployment Failed\", \"text\":\"<!subteam^S052B9W7129> (<$CURRENT_GITHUB_ACTION_RUN_URL|github action run url>)\"}]}" ${{ secrets.SLACK_URL_SCC_SERVER_CHANNEL }} -v
- name: Notify CD success to slack
if: success()
run: |
CURRENT_GITHUB_ACTION_RUN_URL="${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
curl -X POST -H 'Content-type: application/json' --data "{\"attachments\":[{\"color\":\"#0000FF\",\"title\":\"[PROD] Scc-Server Deploy Success\"}]}" ${{ secrets.SLACK_URL_SCC_SERVER_CHANNEL }} -v
update-main-branch:
runs-on: ubuntu-latest
needs:
- cd
steps:
- uses: actions/checkout@v3
- name: Set RELEASE_VERSION
run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
- uses: actions/checkout@v3
with:
ref: refs/heads/main
token: ${{ secrets.STAIRCRUSHERCLUB_ACCOUNT_GH_TOKEN }}
- name: Update image tag for scc-server
uses: mikefarah/yq@master
with:
cmd: yq -i '.image.tag = strenv(RELEASE_VERSION)' 'infra/helm/scc-server/values-prod.yaml'
- name: Commit and push image tag for main branch
run: |
git config --global user.email "[email protected]"
git config --global user.name "Stair-Crusher-Club"
git diff
git add .
git commit -m "[skip ci] Prod deploy: $RELEASE_VERSION"
git push