@@ -2,6 +2,11 @@ name: 'K8: Deploy'
2
2
3
3
on :
4
4
workflow_call :
5
+ inputs :
6
+ environment :
7
+ required : true
8
+ type : string
9
+
5
10
6
11
# Special permissions required for OIDC authentication
7
12
permissions :
@@ -10,86 +15,87 @@ permissions:
10
15
actions : read
11
16
12
17
jobs :
13
- az-acr-push :
14
- name : " Docker: Build & Push "
18
+ k8-deploy :
19
+ name : ' K8: Deploy '
15
20
runs-on : ubuntu-latest
16
- environment : ${{ github.event_name == 'release' && 'prod' || 'dev' }}
21
+ environment : ${{ inputs.environment }}
17
22
env :
18
- DOCKERFILE : ${{ vars.DOCKERFILE }}
19
- AZURE_CONTAINER_REGISTRY : ${{ vars.AZURE_CONTAINER_REGISTRY }}
20
- ACR_LOGIN_USERNAME : ${{ secrets.ACR_LOGIN_USERNAME }}
21
- ACR_LOGIN_PASSWORD : ${{ secrets.ACR_LOGIN_PASSWORD }}
23
+ KUBELOGIN_VERSION : " v0.0.25"
24
+ KUBERNETES_CLUSTER_REPO_NAME : " ${{ vars.KUBERNETES_CLUSTER_REPO_NAME }}"
25
+ KUBERNETES_CLUSTER_NAME : " ${{ vars.KUBERNETES_CLUSTER_NAME }}"
26
+ KUBERNETES_NAMESPACE : " ${{ vars.KUBERNETES_NAMESPACE }}"
27
+ KUBERNETES_MANIFEST_PATH : " ${{ vars.KUBERNETES_MANIFEST_PATH }}"
28
+ AZURE_RESOURCE_GROUP : " ${{ vars.AZURE_RESOURCE_GROUP }}"
29
+ AZURE_CONTAINER_REGISTRY : " ${{ vars.AZURE_CONTAINER_REGISTRY }}"
22
30
IMAGE_TAG : ${{ github.event_name == 'release' && github.event.release.tag_name || 'amd64' }}
23
31
steps :
24
- - name : Checkout repository
25
- uses : actions/checkout@v4
26
- - name : Set up Docker Buildx
27
- uses : docker/setup-buildx-action@v3
28
- - name : Log into registry
29
- uses : docker/login-action@v3
30
- with :
31
- registry : " ${{ env.AZURE_CONTAINER_REGISTRY }}"
32
- username : " ${{ env.ACR_LOGIN_USERNAME }}"
33
- password : " ${{ env.ACR_LOGIN_PASSWORD }}"
34
-
35
- - name : Build & Push :${{ env.IMAGE_TAG }}
36
- uses : docker/build-push-action@v5
37
- with :
38
- cache-from : type=gha
39
- cache-to : type=gha,mode=max
40
- file : ${{ env.DOCKERFILE }}
41
- tags : ${{ env.AZURE_CONTAINER_REGISTRY }}/${{ github.event.repository.name }}:${{ env.IMAGE_TAG }}
42
- push : true
43
- build-args : platform=linux/amd64
32
+ # Checkout the repository to the GitHub Actions runner
33
+ - name : Checkout
34
+ uses : actions/checkout@v4
35
+ with :
36
+ token : ${{ secrets.TOKEN_GITHUB }}
37
+ repository : ${{ github.repository_owner }}/${{ env.KUBERNETES_CLUSTER_REPO_NAME }}
38
+ ref : refs/heads/dev
44
39
45
- - name : Build & Push :latest
46
- uses : docker/build-push-action@v5
47
- with :
48
- cache-from : type=gha
49
- cache-to : type=gha,mode=max
50
- file : ${{ env.DOCKERFILE }}
51
- tags : ${{ env.AZURE_CONTAINER_REGISTRY }}/${{ github.event.repository.name }}:latest
52
- push : true
53
- build-args : platform=linux/amd64
40
+ # Install the latest version of Kubernetes CLI and configure the Kubernetes CLI configuration file with a Kubernetes Cloud user API token
41
+ - name : Azure Cloud Login
42
+ uses : Azure/login@v2
43
+ with :
44
+ client-id : ${{ secrets.AZURE_CLIENT_ID }}
45
+ tenant-id : ${{ secrets.AZURE_TENANT_ID }}
46
+ subscription-id : ${{ secrets.AZURE_SUBSCRIPTION_ID }}
54
47
55
- k8-deploy :
56
- uses : code-kern-ai/cicd-deployment-scripts/.github/workflows/_k8s_deploy.yml@dev
57
- needs : [az-acr-push]
58
- secrets : inherit
59
- with :
60
- environment : ${{ github.event_name == 'release' && 'prod' || 'dev' }}
61
-
62
- gh-release-publish :
63
- name : ' GitHub: Publish Release'
64
- runs-on : ubuntu-latest
65
- needs : [k8-deploy]
66
- if : github.event_name == 'release' && success()
67
- env :
68
- GH_TOKEN : ${{ secrets.TOKEN_GITHUB }}
69
- steps :
70
- - name : Publish Release
71
- run : |
72
- gh release edit ${{ github.event.release.tag_name }} \
73
- --prerelease=false \
74
- --draft=false \
75
- --latest \
76
- --repo ${{ github.repository }}
77
-
78
- echo "::notice::Release Published"
48
+ # Use kubelogin to configure your kubeconfig for Azure auth
49
+ - name : Set up kubelogin for non-interactive login
50
+ uses : azure/use-kubelogin@v1
51
+ with :
52
+ kubelogin-version : ${{ env.KUBELOGIN_VERSION }}
79
53
80
- gh-release-delete :
81
- name : ' GitHub: Delete Prerelease'
82
- runs-on : ubuntu-latest
83
- needs : [k8-deploy]
84
- if : github.event_name == 'release' && failure() || cancelled()
85
- env :
86
- GH_TOKEN : ${{ secrets.TOKEN_GITHUB }}
87
- steps :
88
- - name : Delete Prerelease
89
- run : |
90
- gh release delete ${{ github.event.release.tag_name }} \
91
- --cleanup-tag \
92
- --yes \
93
- --repo ${{ github.repository }}
94
-
95
- echo "::error::Prerelease and Tag Deleted"
54
+ - uses : azure/aks-set-context@v3
55
+ with :
56
+ resource-group : ${{ env.AZURE_RESOURCE_GROUP }}
57
+ cluster-name : ${{ env.KUBERNETES_CLUSTER_NAME }}
58
+ admin : ' false'
59
+ use-kubelogin : ' true'
60
+
61
+ - name : Generate Kustomization
62
+ shell : bash
63
+ env :
64
+ KUBECTL_EXTERNAL_DIFF : " colordiff -N -u"
65
+ run : |
66
+ kubectl kustomize ${{ env.KUBERNETES_MANIFEST_PATH }} --output apply.yml
67
+ kubectl diff --filename apply.yml || true
68
+
69
+ - name : Generate Deployment
70
+ uses : Azure/k8s-deploy@v5
71
+ timeout-minutes : 10
72
+ with :
73
+ namespace : ${{ env.KUBERNETES_NAMESPACE }}
74
+ manifests : apply.yml
75
+ pull-images : false
76
+ images : ${{ env.AZURE_CONTAINER_REGISTRY }}/${{ github.event.repository.name }}:${{ env.IMAGE_TAG }}
77
+ strategy : canary
78
+ action : deploy
79
+ percentage : 20
80
+
81
+ - name : Promote Deployment
82
+ uses : Azure/k8s-deploy@v5
83
+ if : success()
84
+ with :
85
+ namespace : ${{ env.KUBERNETES_NAMESPACE }}
86
+ manifests : apply.yml
87
+ pull-images : false
88
+ images : ${{ env.AZURE_CONTAINER_REGISTRY }}/${{ github.event.repository.name }}:${{ env.IMAGE_TAG }}
89
+ strategy : canary
90
+ action : promote
91
+
92
+ - name : Reject Deployment
93
+ uses : Azure/k8s-deploy@v5
94
+ if : failure() || cancelled()
95
+ with :
96
+ namespace : ${{ env.KUBERNETES_NAMESPACE }}
97
+ manifests : apply.yml
98
+ pull-images : false
99
+ images : ${{ env.AZURE_CONTAINER_REGISTRY }}/${{ github.event.repository.name }}:${{ env.IMAGE_TAG }}
100
+ strategy : canary
101
+ action : reject
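Review bot: The Checkout step hands the `secrets.TOKEN_GITHUB` PAT to `actions/checkout@v4` without `persist-credentials: false`, so the token stays in the workspace git config for every later step. All of those steps are actions referenced by mutable tag (`Azure/login@v2`, `azure/use-kubelogin@v1`, `azure/aks-set-context@v3`, `Azure/k8s-deploy@v5`), in a job that also holds Azure OIDC credentials. I would add `persist-credentials: false` under that step's `with:` and pin each `uses:` to a full commit SHA, e.g. `uses: Azure/login@<full-commit-sha> # v2`. In Generate Kustomization, `${{ env.KUBERNETES_MANIFEST_PATH }}` is expanded into the script text before bash runs; the value is already in the job env, so `kubectl kustomize "$KUBERNETES_MANIFEST_PATH" --output apply.yml` keeps it as data. The checkout `ref: refs/heads/dev` is fixed while the target is now `inputs.environment`, so a prod call appears to deploy manifests from the dev branch; please confirm that is intended.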