generated from CloudzillaBot/next-app
-
Notifications
You must be signed in to change notification settings - Fork 0
138 lines (112 loc) · 4.89 KB
/
init-project.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
name: Deploy to Cloudzilla
on:
push:
branches: [main]
workflow_dispatch:
env:
IMAGE_PREFIX: registry.cloudzilla.ai/lens-local-glenn-project-2522da7a09/
jobs:
build-push:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: https://registry.cloudzilla.ai/
username: 'robot$lens-local-glenn-project-2522da7a09+imageuser'
password: '${{ secrets.DOCKER_PASSWORD }}'
- name: downcase REPO
run: |
image="${GITHUB_REPOSITORY#*/}"
echo "IMAGE_NAME=${image,,}" >>${GITHUB_ENV}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.IMAGE_PREFIX }}${{ env.IMAGE_NAME }}
- name: Valiate existing .env file
run: |
# Path to your .env file
ENV_FILE=".env"
# Check if the .env file exists
if [ ! -f "$ENV_FILE" ]; then
# If the .env file doesn't exist, exit the script
exit 0
fi
# Read the .env file line by line
while IFS= read -r line || [ -n "$line" ]; do
# Remove leading and trailing whitespace
line="$(echo "$line" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')"
# Skip empty lines
if [ -z "$line" ]; then
continue
fi
# Skip comment lines starting with #
if [[ "$line" == \#* ]]; then
continue
fi
# Check if the line matches KEY=VALUE format
if ! [[ "$line" =~ ^[A-Za-z_][A-Za-z0-9_]*=.*$ ]]; then
echo "Your existing .env file is not valid. Environment variable names (keys) must consist solely of letters, digits, and the underscore ( _ ) and must not begin with a digit according to the .env file specification"
exit 1
fi
done < "$ENV_FILE"
- name: Put down .env file
run: |
echo "writing .env file..."
echo "# This file is generated or updated by the cloudzilla deploy workflow" >> .env
# remove duplicates keeping the items at the bottom of the file
tac .env | awk -F'=' '!seen[$1]++' | tac > .env.tmp2 && mv .env.tmp2 .env
- name: Build and push Docker image
uses: docker/build-push-action@v5
with:
context: .
push: true
file: .github/workflows/cloudzilla/Dockerfile
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: Deploy on Section
env:
SECTION_K8S_API_URL: '${{ secrets.SECTION_K8S_API_URL }}'
SECTION_API_TOKEN: '${{ secrets.SECTION_API_TOKEN }}'
DOCKER_SERVER: 'registry.cloudzilla.ai'
DOCKER_USERNAME: 'robot$lens-local-glenn-project-2522da7a09+imageuser'
DOCKER_PASSWORD: '${{ secrets.DOCKER_PASSWORD }}'
FULL_IMAGE_WITH_TAG: '${{ env.DOCKER_METADATA_OUTPUT_TAGS }}'
POD_NAME: '${{ env.IMAGE_NAME }}'
DEBUG: 1
run: |
#!/bin/bash
test -z "${DEBUG}" || set -o xtrace
set -o errexit
cd "$(dirname "$0")"
cert=/etc/ssl/certs/ca-certificates.crt
main() {
setCluster
kubectl create secret generic console-project-env-secret --from-env-file=${GITHUB_WORKSPACE}/.env --dry-run=client -o yaml | kubectl apply -f -
kubectl create secret docker-registry regcred --docker-server="${DOCKER_SERVER}" --docker-username="${DOCKER_USERNAME}" --docker-password="${DOCKER_PASSWORD}" --dry-run=client -o yaml | kubectl apply -f -
kubectl apply -f ${GITHUB_WORKSPACE}/.github/workflows/cloudzilla/k8s/ingress-upstream.yaml
envsubst '$FULL_IMAGE_WITH_TAG $POD_NAME' < ${GITHUB_WORKSPACE}/.github/workflows/cloudzilla/k8s/deploy.yaml | kubectl apply -f -
kubectl rollout restart deployment "section-project-deployment"
}
setCluster() {
# Configure kubectl to talk to Section
# change the cert path depending on OS.
if [[ "$OSTYPE" == "darwin"* ]]; then
cert=/usr/local/etc/ca-certificates/cert.pem
fi
kubectl config set-cluster section \
--server=$SECTION_K8S_API_URL \
--certificate-authority=$cert
kubectl config set-credentials section-user --token=$SECTION_API_TOKEN
kubectl config set-context my-section-application --cluster=section --user=section-user --namespace=default
kubectl config use-context my-section-application
kubectl version
}
main
"$@"