
refactor publish-docker-images.yml and deploy-to-kubernetes.yml to ge… #1675


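# Builds the api, client, data-import and tiler Docker images and pushes each
# of them to Amazon ECR and to Google Artifact Registry (europe-west1).
#
# NOTE(review): every `uses:` below is pinned to a mutable tag. Pinning to a
# full commit SHA protects the build from a retagged or compromised action.
name: Publish Docker images

env:
  PROJECT_ID: ${{ secrets.GCP_PROJECT }}
  REGION: ${{ secrets.GCP_REGION }}

on:
  push:
    branches:
      - 'main'
      - 'staging'
      - 'test'
      - 'expo'
      - 'gcp'
      - 'dev'
      - 'demo'
      - 'pilot'
    paths:
      - 'api/**'
      - 'client/**'
      - 'marketing/**'
      - 'tiler/**'
      - 'data/**'
      - '.github/**'
  workflow_dispatch:
    inputs:
      waitForTest:
        description: 'Set to "false" to skip waiting for the test to pass.'
        required: true
        # Quoted because the wait steps compare this input with the string
        # 'true'.
        default: 'true'

jobs:
  set_env_name:
    name: Set Environment Name
    runs-on: ubuntu-20.04
    # This job only runs shell and never uses the workflow token.
    permissions: {}
    outputs:
      env_name: ${{ steps.set_env.outputs.env_name }}
      env_name_upper: ${{ steps.set_env.outputs.env_name_upper }}
    steps:
      - name: Set environment name
        id: set_env
        shell: bash
        env:
          PILOT: ${{ secrets.PILOT }}
        # Maps the branch name to an environment name. The upper-cased branch
        # name is looked up as an environment variable (only PILOT is
        # supplied above); when nothing is found the branch name is used.
        # NOTE(review): job outputs whose value contains a secret are not
        # passed to dependent jobs, so confirm the PILOT mapping really
        # reaches the publish jobs.
        run: |
          branch_name="${GITHUB_REF#refs/heads/}"
          secret_name=$(echo "$branch_name" | tr '[:lower:]' '[:upper:]')
          mapped_name=""
          # The indirect expansion reads whichever variable carries this
          # name, so it is attempted only for a valid identifier. A branch
          # such as "feature/x" would otherwise abort the step.
          if [[ "$secret_name" =~ ^[A-Z_][A-Z0-9_]*$ ]]; then
            mapped_name="${!secret_name}"
          fi
          if [ -z "$mapped_name" ]; then
            echo "Warning: No secret found for branch '$branch_name'. Falling back to branch name."
            mapped_name=$branch_name
          fi
          mapped_name_upper=$(echo "$mapped_name" | tr '[:lower:]' '[:upper:]')
          echo "Environment name used: $mapped_name"
          # The set-output workflow command is deprecated; step outputs are
          # written to the file named by GITHUB_OUTPUT instead.
          {
            echo "env_name=$mapped_name"
            echo "env_name_upper=$mapped_name_upper"
          } >> "$GITHUB_OUTPUT"

  wait_for_tests:
    name: Wait for tests to finish running
    runs-on: ubuntu-20.04
    # The wait steps authenticate with REPO_ACCESS_TOKEN, not the workflow
    # token. NOTE(review): presumably a personal access token; check that its
    # scope is limited to reading check runs.
    permissions: {}
    # On push events github.event.inputs is empty, so all three steps are
    # skipped and the publish jobs start without waiting for any check.
    # NOTE(review): confirm that this is intended.
    #
    # The `uses:` values in this job were mangled by e-mail obfuscation on
    # the page this file was captured from; the text around the `@` is lost.
    # Presumably fountainhead/action-wait-for-check@<ref>. Restore the
    # original reference before running this file.
    steps:
      - name: Wait for API E2E tests to run
        if: ${{ github.event.inputs.waitForTest == 'true' }}
        uses: fountainhead/[email protected]
        with:
          token: ${{ secrets.REPO_ACCESS_TOKEN }}
          checkName: E2E Tests
          ref: ${{ github.event.pull_request.head.sha || github.sha }}
      - name: Wait for API Integration tests to run
        if: ${{ github.event.inputs.waitForTest == 'true' }}
        uses: fountainhead/[email protected]
        with:
          token: ${{ secrets.REPO_ACCESS_TOKEN }}
          checkName: Integration Tests
          ref: ${{ github.event.pull_request.head.sha || github.sha }}
      - name: Wait for Client tests to run
        if: ${{ github.event.inputs.waitForTest == 'true' }}
        uses: fountainhead/[email protected]
        with:
          token: ${{ secrets.REPO_ACCESS_TOKEN }}
          checkName: Client Tests
          ref: ${{ github.event.pull_request.head.sha || github.sha }}

  # The four publish jobs below share the same login sequence; only the build
  # context, image names and build arguments differ.
  # NOTE(review): the display names of the first three say "Docker Hub", but
  # the steps push to Amazon ECR and Google Artifact Registry.
  push_api_to_registry:
    name: Push API Docker image to Docker Hub
    runs-on: ubuntu-20.04
    needs: [set_env_name, wait_for_tests]
    permissions:
      contents: 'read'
      # Needed by the Google workload identity federation step.
      id-token: 'write'
    steps:
      - name: Check out the repo
        uses: actions/checkout@v3
      # Long-lived access keys. This job already holds an OIDC token for the
      # Google step, so AWS could also be reached through role assumption
      # instead of stored keys.
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ secrets.AWS_REGION }}
      - name: Get ECR Registry
        id: ecr-login
        uses: aws-actions/amazon-ecr-login@v1
      - name: 'Authenticate to Google Cloud'
        uses: google-github-actions/auth@v1
        with:
          workload_identity_provider: 'projects/168301767246/locations/global/workloadIdentityPools/github-pool/providers/github-provider'
          # The service account e-mail was mangled by e-mail obfuscation on
          # the captured page; restore the real address before use.
          service_account: '[email protected]'
      - name: Set up Cloud SDK
        uses: google-github-actions/setup-gcloud@v1
      - name: Authorize Docker push
        run: gcloud auth configure-docker europe-west1-docker.pkg.dev
      # NOTE(review): the workflow runs for eight branches and every run
      # moves the `main:latest` tag; confirm that no deployment resolves
      # `latest`.
      - name: Build API Docker image
        env:
          ECR_REGISTRY: ${{ steps.ecr-login.outputs.registry }}
          ECR_REPOSITORY: api
          IMAGE_TAG: ${{ needs.set_env_name.outputs.env_name }}
        run: |
          docker build -t "$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" \
            -t europe-west1-docker.pkg.dev/${{ env.PROJECT_ID }}/api/main:${{ github.sha }} \
            -t europe-west1-docker.pkg.dev/${{ env.PROJECT_ID }}/api/main:latest \
            api
      - name: Push API Docker image to AWS and GCP
        env:
          ECR_REGISTRY: ${{ steps.ecr-login.outputs.registry }}
          ECR_REPOSITORY: api
          IMAGE_TAG: ${{ needs.set_env_name.outputs.env_name }}
        run: |
          docker push "$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
          docker push europe-west1-docker.pkg.dev/${{ env.PROJECT_ID }}/api/main:${{ github.sha }}
          docker push europe-west1-docker.pkg.dev/${{ env.PROJECT_ID }}/api/main:latest

  push_client_to_registry:
    name: Push Client Docker image to Docker Hub
    runs-on: ubuntu-20.04
    needs: [set_env_name, wait_for_tests]
    permissions:
      contents: 'read'
      id-token: 'write'
    steps:
      - name: Check out the repo
        uses: actions/checkout@v3
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ secrets.AWS_REGION }}
      - name: Get ECR Registry
        id: ecr-login
        uses: aws-actions/amazon-ecr-login@v1
      - name: 'Authenticate to Google Cloud'
        uses: google-github-actions/auth@v1
        with:
          workload_identity_provider: 'projects/168301767246/locations/global/workloadIdentityPools/github-pool/providers/github-provider'
          # Mangled by e-mail obfuscation on the captured page.
          service_account: '[email protected]'
      - name: Set up Cloud SDK
        uses: google-github-actions/setup-gcloud@v1
      - name: Authorize Docker push
        run: gcloud auth configure-docker europe-west1-docker.pkg.dev
      # Secrets reach the script through the step environment and are
      # expanded by the shell inside double quotes, so a value containing
      # spaces or shell metacharacters cannot alter the command line.
      #
      # Build arguments can be recovered from the image history, so
      # NEXTAUTH_SECRET and CYPRESS_PASSWORD may be readable by anyone who
      # can pull the image. BuildKit secret mounts avoid this but need a
      # matching Dockerfile change, which is not visible here.
      - name: Build Client Docker image
        env:
          ECR_REGISTRY: ${{ steps.ecr-login.outputs.registry }}
          ECR_REPOSITORY: client
          IMAGE_TAG: ${{ needs.set_env_name.outputs.env_name }}
          NEXTAUTH_URL: ${{ secrets[format('NEXTAUTH_URL_{0}', needs.set_env_name.outputs.env_name_upper)] }}
          NEXTAUTH_SECRET: ${{ secrets[format('NEXTAUTH_SECRET_{0}', needs.set_env_name.outputs.env_name_upper)] }}
          NEXT_PUBLIC_MAPBOX_API_TOKEN: ${{ secrets.NEXT_PUBLIC_MAPBOX_API_TOKEN }}
          CYPRESS_USERNAME: ${{ secrets.CYPRESS_USERNAME }}
          CYPRESS_PASSWORD: ${{ secrets.CYPRESS_PASSWORD }}
        # NEXT_PUBLIC_API_URL is filled from the same NEXTAUTH_URL_<ENV>
        # secret as NEXTAUTH_URL. NOTE(review): confirm that is intended.
        run: |
          docker build \
            --build-arg NEXTAUTH_URL="$NEXTAUTH_URL" \
            --build-arg NEXTAUTH_SECRET="$NEXTAUTH_SECRET" \
            --build-arg NEXT_PUBLIC_MAPBOX_API_TOKEN="$NEXT_PUBLIC_MAPBOX_API_TOKEN" \
            --build-arg NEXT_PUBLIC_API_URL="$NEXTAUTH_URL" \
            --build-arg CYPRESS_USERNAME="$CYPRESS_USERNAME" \
            --build-arg CYPRESS_PASSWORD="$CYPRESS_PASSWORD" \
            -t "$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" \
            -t europe-west1-docker.pkg.dev/${{ env.PROJECT_ID }}/client/main:${{ github.sha }} \
            -t europe-west1-docker.pkg.dev/${{ env.PROJECT_ID }}/client/main:latest \
            client
      - name: Push Client Docker image to AWS and GCP
        env:
          ECR_REGISTRY: ${{ steps.ecr-login.outputs.registry }}
          ECR_REPOSITORY: client
          IMAGE_TAG: ${{ needs.set_env_name.outputs.env_name }}
        run: |
          docker push "$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
          docker push europe-west1-docker.pkg.dev/${{ env.PROJECT_ID }}/client/main:${{ github.sha }}
          docker push europe-west1-docker.pkg.dev/${{ env.PROJECT_ID }}/client/main:latest

  push_data_import_to_registry:
    name: Push Data Import Docker image to Docker Hub
    runs-on: ubuntu-20.04
    needs: [set_env_name, wait_for_tests]
    permissions:
      contents: 'read'
      id-token: 'write'
    steps:
      - name: Check out the repo
        uses: actions/checkout@v3
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ secrets.AWS_REGION }}
      - name: Get ECR Registry
        id: ecr-login
        uses: aws-actions/amazon-ecr-login@v1
      - name: 'Authenticate to Google Cloud'
        uses: google-github-actions/auth@v1
        with:
          workload_identity_provider: 'projects/168301767246/locations/global/workloadIdentityPools/github-pool/providers/github-provider'
          # Mangled by e-mail obfuscation on the captured page.
          service_account: '[email protected]'
      - name: Set up Cloud SDK
        uses: google-github-actions/setup-gcloud@v1
      - name: Authorize Docker push
        run: gcloud auth configure-docker europe-west1-docker.pkg.dev
      # The ECR repository is named data_import while the Artifact Registry
      # path uses data-import; both are kept as they are.
      - name: Build Data Import Docker image
        env:
          ECR_REGISTRY: ${{ steps.ecr-login.outputs.registry }}
          ECR_REPOSITORY: data_import
          IMAGE_TAG: ${{ needs.set_env_name.outputs.env_name }}
        run: |
          docker build -t "$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" \
            -t europe-west1-docker.pkg.dev/${{ env.PROJECT_ID }}/data-import/main:${{ github.sha }} \
            -t europe-west1-docker.pkg.dev/${{ env.PROJECT_ID }}/data-import/main:latest \
            data
      - name: Push Data Import Docker image to AWS and GCP
        env:
          ECR_REGISTRY: ${{ steps.ecr-login.outputs.registry }}
          ECR_REPOSITORY: data_import
          IMAGE_TAG: ${{ needs.set_env_name.outputs.env_name }}
        run: |
          docker push "$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
          docker push europe-west1-docker.pkg.dev/${{ env.PROJECT_ID }}/data-import/main:${{ github.sha }}
          docker push europe-west1-docker.pkg.dev/${{ env.PROJECT_ID }}/data-import/main:latest

  push_tiler_to_registry:
    name: Push Tiler Docker image to AWS and GCP
    runs-on: ubuntu-20.04
    needs: [set_env_name, wait_for_tests]
    permissions:
      contents: 'read'
      id-token: 'write'
    steps:
      - name: Check out the repo
        uses: actions/checkout@v3
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ secrets.AWS_REGION }}
      - name: Get ECR Registry
        id: ecr-login
        uses: aws-actions/amazon-ecr-login@v1
      - name: 'Authenticate to Google Cloud'
        uses: google-github-actions/auth@v1
        with:
          workload_identity_provider: 'projects/168301767246/locations/global/workloadIdentityPools/github-pool/providers/github-provider'
          # Mangled by e-mail obfuscation on the captured page.
          service_account: '[email protected]'
      - name: Set up Cloud SDK
        uses: google-github-actions/setup-gcloud@v1
      - name: Authorize Docker push
        run: gcloud auth configure-docker europe-west1-docker.pkg.dev
      - name: Build Tiler Docker image
        env:
          ECR_REGISTRY: ${{ steps.ecr-login.outputs.registry }}
          ECR_REPOSITORY: tiler
          IMAGE_TAG: ${{ needs.set_env_name.outputs.env_name }}
        run: |
          docker build -t "$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" \
            -t europe-west1-docker.pkg.dev/${{ env.PROJECT_ID }}/tiler/main:${{ github.sha }} \
            -t europe-west1-docker.pkg.dev/${{ env.PROJECT_ID }}/tiler/main:latest \
            tiler
      - name: Push Tiler Docker image to AWS and GCP
        env:
          ECR_REGISTRY: ${{ steps.ecr-login.outputs.registry }}
          ECR_REPOSITORY: tiler
          IMAGE_TAG: ${{ needs.set_env_name.outputs.env_name }}
        run: |
          docker push "$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
          docker push europe-west1-docker.pkg.dev/${{ env.PROJECT_ID }}/tiler/main:${{ github.sha }}
          docker push europe-west1-docker.pkg.dev/${{ env.PROJECT_ID }}/tiler/main:latest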