You've already forked ci-templates
generated from public/repo-template
104 lines
3.6 KiB
YAML
104 lines
3.6 KiB
YAML
name: Deploy to application version
|
|
on:
|
|
workflow_call:
|
|
inputs:
|
|
ci_image:
|
|
required: true
|
|
type: string
|
|
description: image to use inside the workflow jobs
|
|
default: git.romalex.cc/public/ci-image:v1
|
|
deploy_repo_server:
|
|
required: true
|
|
type: string
|
|
description: deploy repo server
|
|
default: git.romalex.cc
|
|
deploy_repo_server_port:
|
|
required: true
|
|
type: number
|
|
description: deploy repo server port
|
|
default: 2222
|
|
deploy_repo_server_user:
|
|
required: true
|
|
type: string
|
|
description: username to access the deploy repo server. Typically git for github and gitea for gitea
|
|
default: gitea
|
|
deploy_repo_branch:
|
|
required: true
|
|
type: string
|
|
description: branch to checkout and to update in deploy repo
|
|
default: master
|
|
tag_property_path:
|
|
required: true
|
|
type: string
|
|
description: path to the property containing image tag to update
|
|
version:
|
|
required: true
|
|
type: string
|
|
description: version of the docker image to update the application to
|
|
deploy_repo:
|
|
required: true
|
|
type: string
|
|
description: path to the deploy repo (without server). for example, romalex/deploy
|
|
values_file_path:
|
|
required: true
|
|
type: string
|
|
description: path to the helm values file to update the tag
|
|
secrets:
|
|
deploy_repo_ssh_key:
|
|
required: true
|
|
description: private SSH key to clone from/push to deploy repo
|
|
|
|
jobs:
|
|
get_author_email:
|
|
name: Get author email
|
|
runs-on: romalex-public
|
|
container:
|
|
image: ${{ inputs.ci_image }}
|
|
outputs:
|
|
author_email: ${{ steps.get_email.outputs.author_email }}
|
|
steps:
|
|
- name: Get author email
|
|
id: get_email
|
|
run: |
|
|
email="$(curl -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
|
|
${{ github.api_url }}/users/${{ github.actor }} | \
|
|
jq -r .email)"
|
|
echo "author_email=${email}" >> "${GITHUB_OUTPUT}"
|
|
|
|
update_image_tag:
|
|
name: Update image tag
|
|
runs-on: romalex-public
|
|
container:
|
|
image: ${{ inputs.ci_image }}
|
|
needs: get_author_email
|
|
steps:
|
|
- name: Configure git
|
|
run: |
|
|
git config --global user.email "${{ needs.get_author_email.outputs.author_email }}"
|
|
git config --global user.name "${{ github.actor }}"
|
|
- name: Configure ssh
|
|
run: |
|
|
cat > ~/.ssh/private_key << EOF
|
|
${{ secrets.deploy_repo_ssh_key }}
|
|
EOF
|
|
chmod 600 ~/.ssh/private_key
|
|
cat > ~/.ssh/config << EOF
|
|
Host ${{ inputs.deploy_repo_server }}
|
|
IdentityFile ~/.ssh/private_key
|
|
User ${{ inputs.deploy_repo_server_user }}
|
|
Port ${{ inputs.deploy_repo_server_port }}
|
|
StrictHostKeyChecking no
|
|
EOF
|
|
- name: Clone repo and update image tag
|
|
run: |
|
|
deploy_repo='ssh://${{ inputs.deploy_repo_server_user }}@${{ inputs.deploy_repo_server }}:${{ inputs.deploy_repo_server_port }}/${{ inputs.deploy_repo }}.git'
|
|
git clone --depth 1 "${deploy_repo}"
|
|
directory="${deploy_repo##*/}"
|
|
directory="${directory%.git}"
|
|
cd "${directory}"
|
|
git switch '${{ inputs.deploy_repo_branch }}'
|
|
yq e '${{ inputs.tag_property_path }} = "${{ inputs.version }}"' -i '${{ inputs.values_file_path }}'
|
|
git add .
|
|
git commit -m 'Update ${{ github.repository }} to ${{ inputs.version }}'
|
|
git push origin '${{ inputs.deploy_repo_branch }}'
|