Mark sensitive fields #17
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: π« CI | |
| on: | |
| push: | |
| branches: [master] | |
| concurrency: | |
| group: environment-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| setup_env: | |
| name: βοΈ Setup environment | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Add SHORT_SHA env property | |
| run: echo "SHORT_SHA=`echo ${GITHUB_SHA::7}`" >> $GITHUB_ENV | |
| - name: Put commit msg in environment | |
| run: echo "COMMIT_MSG=${{ github.event.head_commit.message }}" >> $GITHUB_ENV | |
| - name: Escape commit message | |
| run: | | |
| echo "COMMIT_MSG=$(echo $COMMIT_MSG | tr -d \'\\\")" >> $GITHUB_ENV | |
| - name: Get branch name (merge) | |
| if: github.event_name != 'pull_request' | |
| shell: bash | |
| run: echo "BRANCH_NAME=$(echo ${GITHUB_REF#refs/heads/} | tr / -)" >> $GITHUB_ENV | |
| - name: Get branch name (pull request) | |
| if: github.event_name == 'pull_request' | |
| shell: bash | |
| run: echo "BRANCH_NAME=$(echo ${GITHUB_HEAD_REF} | tr / -)" >> $GITHUB_ENV | |
| outputs: | |
| short_sha: ${{ env.SHORT_SHA }} | |
| commit_msg: ${{ env.COMMIT_MSG }} | |
| branch_name: ${{ env.BRANCH_NAME }} | |
| build: | |
| name: π¨ Build Binaries and Docker Image | |
| runs-on: ubuntu-latest | |
| needs: setup_env | |
| env: | |
| GITHUB_RUN_ID: ${{ github.run_id }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Set build start in env variable | |
| run: echo "BUILD_START=$(date +%s)" >> $GITHUB_ENV | |
| - name: Cache Go modules | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.cache/go-build | |
| ~/go/pkg/mod | |
| key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ runner.os }}-go- | |
| - name: Setup Go with cache | |
| uses: actions/setup-go@v3 | |
| with: | |
| go-version-file: ./go.mod | |
| - name: Login to registry | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKER_USER }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Build GO Server Binary | |
| run: | | |
| cd cmd && GOARCH=arm64 go build -ldflags "-s -w -X main.Version=${{ needs.setup_env.outputs.short_sha }} -X \"main.CommitMsg=${{ needs.setup_env.outputs.commit_msg }}\" -X main.BuildStart=${{ env.BUILD_START }}" -o server && cd .. | |
| - name: Build and push image | |
| if: success() | |
| uses: docker/build-push-action@v3 | |
| with: | |
| context: . | |
| platforms: linux/arm64 | |
| push: true | |
| file: ./Dockerfile.ci | |
| tags: unbindapp/unbind-api:${{ needs.setup_env.outputs.branch_name }}-${{ env.GITHUB_RUN_ID }} | |
| deploy_prod: | |
| name: π Deploy Apps (PROD) | |
| runs-on: ubuntu-latest | |
| needs: | |
| - setup_env | |
| - build | |
| env: | |
| GITHUB_RUN_ID: ${{ github.run_id }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Deploy | |
| uses: ./.github/actions/k8s-deploy | |
| with: | |
| image: unbindapp/unbind-api:${{ needs.setup_env.outputs.branch_name}}-${{ env.GITHUB_RUN_ID }} | |
| kube_config: ${{ secrets.K3S_KUBE_CONFIG }} |