servala-portal/.forgejo/workflows/build-deploy-prod.yaml
2025-05-27 13:17:06 +00:00


# Production pipeline: triggered by tag pushes or manually, then builds and deploys.
name: Build and Deploy Production
on:
  push:
    # Every pushed tag is treated as a production release.
    tags:
      - '*'
    # NOTE(review): GitHub Actions does not evaluate path filters for tag pushes;
    # confirm how the Forgejo version in use treats `paths` combined with `tags`.
    paths:
      - 'deployment/**'
      - 'docker/**'
      - 'src/**'
      - 'Dockerfile'
      - 'pyproject.toml'
      - 'uv.lock'
  # Manual runs are possible; the jobs themselves fail on any ref that is not a tag.
  workflow_dispatch:
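jobs:
  # Builds the image for the pushed tag and publishes it to the container registry.
  build:
    runs-on: ubuntu-latest
    # NOTE(review): `act-latest` is a mutable tag; pinning the job image by digest
    # would make the build environment reproducible.
    container: catthehacker/ubuntu:act-latest
    permissions:
      contents: read
      packages: write
    steps:
      # NOTE(review): the actions below are referenced by major-version tag, which can
      # be re-pointed upstream; pin to full commit SHAs if the threat model calls for it.
      - name: Checkout repository
        uses: actions/checkout@v4
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Log in to Container Registry
        uses: docker/login-action@v3
        with:
          registry: ${{ vars.CONTAINER_REGISTRY }}
          username: ${{ secrets.CONTAINER_REGISTRY_USERNAME }}
          password: ${{ secrets.CONTAINER_REGISTRY_TOKEN }}
      - name: Determine image tag
        id: determine-tag
        env:
          # The ref reaches the script as data through the environment. Splicing
          # `${{ github.ref }}` into the script text would let a crafted tag name be
          # interpreted as shell code.
          GIT_REF: ${{ github.ref }}
        run: |
          case "${GIT_REF}" in
            refs/tags/*)
              # Keep only the last path segment of the ref as the image tag.
              TAG_NAME="${GIT_REF##*/}"
              ;;
            *)
              echo "Unsupported ref: ${GIT_REF}"
              exit 1
              ;;
          esac
          # Only characters that are valid in an image tag are accepted, so the value
          # is safe to reuse in later steps.
          case "${TAG_NAME}" in
            '' | *[!A-Za-z0-9_.-]*)
              echo "Unsupported tag name"
              exit 1
              ;;
          esac
          # $GITHUB_OUTPUT replaces the deprecated `::set-output` workflow command.
          echo "tag=${TAG_NAME}" >> "${GITHUB_OUTPUT}"
      - name: Build and push Docker image
        uses: docker/build-push-action@v6
        with:
          context: .
          push: true
          tags: ${{ vars.CONTAINER_REGISTRY }}/${{ vars.CONTAINER_IMAGE_NAME }}:${{ steps.determine-tag.outputs.tag }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
  # Points the production overlay at the freshly built image, applies it and verifies
  # the rollout.
  deploy:
    needs: build
    runs-on: ubuntu-latest
    container: catthehacker/ubuntu:act-latest
    environment:
      name: production
      url: https://portal.servala.com/
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
      - name: Determine image tag
        id: determine-tag
        env:
          # Same handling as in the build job: the ref is passed as data, not as code.
          GIT_REF: ${{ github.ref }}
        run: |
          case "${GIT_REF}" in
            refs/tags/*)
              TAG_NAME="${GIT_REF##*/}"
              ;;
            *)
              echo "Unsupported ref: ${GIT_REF}"
              exit 1
              ;;
          esac
          case "${TAG_NAME}" in
            '' | *[!A-Za-z0-9_.-]*)
              echo "Unsupported tag name"
              exit 1
              ;;
          esac
          echo "tag=${TAG_NAME}" >> "${GITHUB_OUTPUT}"
      - name: Deploy to OpenShift
        uses: docker://quay.io/appuio/oc:v4.16
        with:
          entrypoint: /bin/bash
          # The ${VAR} references are left for bash in the container to resolve from
          # `env` below. The image reference is handed over the same way instead of
          # being templated into the command string.
          args: |
            -c "set -e && oc login --token=${OPENSHIFT_TOKEN} --server=${OPENSHIFT_URL} && \
            pushd deployment/kustomize/overlays/production && \
            kustomize edit set image \"${IMAGE_REF}\" && \
            cat kustomization.yaml && popd && \
            oc -n ${NAMESPACE} apply --overwrite -k deployment/kustomize/overlays/production && \
            oc -n ${NAMESPACE} rollout restart deployment/servala"
        env:
          NAMESPACE: ${{ vars.NAMESPACE_PORTAL_PRODUCTION }}
          # Login state is written here rather than to a default kubeconfig location.
          KUBECONFIG: /tmp/kube_config
          OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN_PRODUCTION }}
          OPENSHIFT_URL: ${{ secrets.OPENSHIFT_URL }}
          IMAGE_REF: ${{ vars.CONTAINER_REGISTRY }}/${{ vars.CONTAINER_IMAGE_NAME }}:${{ steps.determine-tag.outputs.tag }}
      - name: Verify deployment
        uses: docker://quay.io/appuio/oc:v4.16
        with:
          entrypoint: /bin/bash
          # Waits for the rollout, then compares ready pods with total pods. A total
          # of zero counts as a failure: otherwise 0/0 would pass the equality check.
          args: |
            -c "set -e && oc login --token=${OPENSHIFT_TOKEN} --server=${OPENSHIFT_URL} && \
            echo 'Waiting for deployment to complete...' && \
            oc -n ${NAMESPACE} rollout status deployment/servala --timeout=300s && \
            echo 'Checking pod status...' && \
            oc -n ${NAMESPACE} get pods -l app=servala && \
            READY_PODS=$(oc -n ${NAMESPACE} get pods -l app=servala -o jsonpath='{.items[*].status.containerStatuses[0].ready}' | grep -o 'true' | wc -l) && \
            TOTAL_PODS=$(oc -n ${NAMESPACE} get pods -l app=servala --no-headers | wc -l) && \
            echo \"Ready pods: $READY_PODS/$TOTAL_PODS\" && \
            if [ \"$TOTAL_PODS\" -gt 0 ] && [ \"$READY_PODS\" -eq \"$TOTAL_PODS\" ]; then \
            echo '✅ Deployment verified successfully!' && exit 0; \
            else \
            echo '❌ Deployment verification failed!' && exit 1; \
            fi"
        env:
          NAMESPACE: ${{ vars.NAMESPACE_PORTAL_PRODUCTION }}
          KUBECONFIG: /tmp/kube_config
          OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN_PRODUCTION }}
          OPENSHIFT_URL: ${{ secrets.OPENSHIFT_URL }}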