forked from github/safe-settings
-
Notifications
You must be signed in to change notification settings - Fork 0
70 lines (68 loc) · 2.45 KB
/
deploy-k8s.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
name: Deploy to Kubernetes
on:
workflow_dispatch:
inputs:
status:
description: 'Status of the previous workflow'
required: true
default: 'passed'
release:
description: 'Release tag from the previous workflow'
required: true
env:
DOCKER_IMAGE_NAME: yadhav/safe-settings
#IMAGE_REGISTRY_URL: docker.pkg.github.com
IMAGE_REGISTRY_URL: docker.io
AZURE_RESOURCE_GROUP: decyjphr-aks
AZURE_AKS_CLUSTER: decyjphr-aks
AZURE_LOCATION: '"East US"'
AZURE_AKS_NAMESPACE: default
permissions:
id-token: write
jobs:
deploy-to-k8s:
if: ${{ github.event.inputs.status == 'passed' }}
name: Deploy to Kubernetes
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- uses: azure/login@v1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- uses: azure/aks-set-context@v3
with:
resource-group: ${{env.AZURE_RESOURCE_GROUP}}
cluster-name: ${{env.AZURE_AKS_CLUSTER}}
id: login
- run: |
kubectl get deployment
- name: app-env
uses: azure/k8s-create-secret@v4
with:
namespace: 'default'
secret-type: 'generic'
arguments: --from-literal=APP_ID=${{ secrets.APP_ID }} --from-literal=PRIVATE_KEY=${{ secrets.PRIVATE_KEY }} --from-literal=WEBHOOK_SECRET=${{ secrets.WEBHOOK_SECRET }}
secret-name: app-env
- name: Set imagePullSecret
uses: azure/k8s-create-secret@v4
with:
namespace: ${{env.AZURE_AKS_NAMESPACE}}
container-registry-url: ${{env.IMAGE_REGISTRY_URL}}
container-registry-username: ${{ secrets.DOCKER_USERNAME }}
container-registry-password: ${{ secrets.DOCKER_PASSWORD }}
secret-name: 'image-pull-secret'
id: create-secret
- uses: Azure/[email protected]
with:
namespace: ${{env.AZURE_AKS_NAMESPACE}}
manifests: |
safe-settings.yaml
svc-safe-settings.yaml
#images: ${{env.IMAGE_REGISTRY_URL}}/${{ github.repository }}/${{env.DOCKER_IMAGE_NAME}}:${{ github.sha }}
images: ${{env.IMAGE_REGISTRY_URL}}/yadhav/safe-settings:${{ github.event.inputs.release }}
imagepullsecrets: |
image-pull-secret
kubectl-version: 'latest'