Merge pull request #170 from NetSepio/main #191
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Build and Push to GHCR" | |
| on: | |
| push: | |
| branches: | |
| - prod | |
| jobs: | |
| build_push: | |
| runs-on: ubuntu-latest | |
| environment: Production | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ secrets.GHCR_USERNAME }} | |
| password: ${{ secrets.GHCR_TOKEN }} | |
| - name: Build and Push Docker Image | |
| env: | |
| PROD_ENV_FILE: ${{ vars.PROD_EREBRUS_ENV }} | |
| run: | | |
| echo "$PROD_ENV_FILE" > .env | |
| cat .env | |
| export CURRENT_BRANCH=${GITHUB_REF#refs/heads/} | |
| export TAG=$([[ $CURRENT_BRANCH == $(basename ${{ github.ref }}) ]] && echo $CURRENT_BRANCH || echo "latest") | |
| echo $TAG | |
| export GITHUB_REF_IMAGE=ghcr.io/$GITHUB_REPOSITORY:$GITHUB_SHA | |
| export GITHUB_BRANCH_IMAGE=ghcr.io/$GITHUB_REPOSITORY:$TAG | |
| export GITHUB_REF_IMAGE=$(echo $GITHUB_REF_IMAGE | tr '[:upper:]' '[:lower:]') | |
| export GITHUB_BRANCH_IMAGE=$(echo $GITHUB_BRANCH_IMAGE | tr '[:upper:]' '[:lower:]') | |
| docker build --build-arg version=$GITHUB_SHA -t $GITHUB_REF_IMAGE -t $GITHUB_BRANCH_IMAGE . | |
| echo "Pushing Image to GitHub Container Registry" | |
| docker push $GITHUB_REF_IMAGE | |
| docker push $GITHUB_BRANCH_IMAGE | |
| rm -rf .env | |
| deploy_prod: | |
| needs: build_push | |
| runs-on: self-hosted | |
| steps: | |
| - name: Update image in cloun run | |
| run: | | |
| docker pull ghcr.io/netsepio/erebrus-frontend:prod | |
| docker tag ghcr.io/netsepio/erebrus-frontend:prod us-west4-docker.pkg.dev/erebrus-prod/erebrus/erebrus-frontend:prod | |
| gcloud auth activate-service-account --key-file=${{ secrets.SERVICE_ACCOUNT_KEY_FILE_PATH }} --project=${{ secrets.PROJECT }} | |
| gcloud config set account ${{ secrets.SERVICE_ACCOUNT }} | |
| gcloud auth print-access-token | docker login -u oauth2accesstoken --password-stdin https://us-west4-docker.pkg.dev | |
| docker push us-west4-docker.pkg.dev/erebrus-prod/erebrus/erebrus-frontend:prod | |
| gcloud run deploy erebrus-frontend --image us-west4-docker.pkg.dev/erebrus-prod/erebrus/erebrus-frontend:prod --region us-west4 |