Update k8s to enable HTTP ingress to the service #173
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Node.js CI | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
env: | |
HUSKY: 0 | |
on: | |
pull_request: | |
push: | |
branches: | |
- main | |
jobs: | |
lint: | |
name: ESLint | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
- name: Setup node | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
- run: npm ci | |
- name: Lint | |
run: npm run lint | |
typecheck: | |
name: TypeScript | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
- name: Setup node | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
- run: npm ci | |
- name: Type check | |
run: npm run typecheck --if-present | |
vitest: | |
name: Vitest | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
- name: Setup node | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
- run: npm ci | |
- name: Run vitest | |
run: npm run test | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Tag Build | |
uses: docker/metadata-action@v5 | |
id: meta | |
with: | |
images: ghcr.io/${{ github.repository }} | |
# Only tag with latest if we're on main | |
tags: | | |
type=ref,event=pr | |
type=ref,event=branch | |
type=sha | |
type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} | |
- name: Build and push Docker images | |
uses: docker/build-push-action@v6 | |
with: | |
push: ${{github.ref == 'refs/heads/main' || github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/feature/actions'}} | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
cache-from: type=registry,ref=user/app:buildcache | |
cache-to: type=registry,ref=user/app:buildcache,mode=max | |
deployment: | |
needs: build | |
if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/feature/actions' | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout to branch | |
uses: actions/checkout@v4 | |
- name: Tag Build | |
uses: docker/metadata-action@v5 | |
id: meta | |
with: | |
images: ghcr.io/${{ github.repository }} | |
tags: | | |
type=sha | |
- name: Create build context for k8s deployment | |
# There should only be 1 tag, so 'join' will just produce a simple string | |
run: | | |
touch k8s-context | |
echo IMAGE=${{ join(steps.meta.outputs.tags, '') }} > k8s-context | |
cat k8s-context | |
- name: Set up kubectl | |
uses: matootie/[email protected] | |
with: | |
personalAccessToken: ${{ secrets.DIGITALOCEAN_TOKEN }} | |
clusterName: k8s-rf | |
- name: Deploy app | |
run: | | |
kubectl diff -k . || echo \n | |
kubectl delete secret modbot-env || echo \n | |
kubectl create secret generic modbot-env \ | |
--from-literal=SESSION_SECRET=${{ secrets.SESSION_SECRET }} \ | |
--from-literal=DISCORD_PUBLIC_KEY=${{ secrets.DISCORD_PUBLIC_KEY }} \ | |
--from-literal=DISCORD_APP_ID=${{ secrets.DISCORD_APP_ID }} \ | |
--from-literal=DISCORD_SECRET=${{ secrets.DISCORD_SECRET }} \ | |
--from-literal=DISCORD_HASH=${{ secrets.DISCORD_HASH }} \ | |
--from-literal=DISCORD_TEST_GUILD=${{ secrets.DISCORD_TEST_GUILD }} \ | |
--from-literal=DATABASE_URL=${{ secrets.DATABASE_URL }} | |
kubectl apply -k . | |
- name: Set Sentry release | |
run: | | |
curl ${{secrets.SENTRY_RELEASES}} \ | |
-X POST \ | |
-H 'Content-Type: application/json' \ | |
-d '{"version": "${{github.sha}}"}' |