forked from orb-community/orb
-
Notifications
You must be signed in to change notification settings - Fork 0
186 lines (160 loc) · 6.12 KB
/
deploy-prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
name: Deploy Production
on:
workflow_dispatch:
inputs:
develop_image_id:
description: 'The docker image tag that you want to promote to production'
required: true
default: 'develop'
jobs:
check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: dorny/paths-filter@v2
id: filter
with:
filters: |
agent:
- 'agent/**'
- 'cmd/agent/**'
orb:
- 'fleet/**'
- 'cmd/fleet/**'
- 'policies/**'
- 'cmd/policies/**'
- 'sinks/**'
- 'cmd/sinks/**'
- 'sinker/**'
- 'cmd/sinker/**'
ui:
- 'ui/**'
- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: 1.16
- name: Build services (go build only)
run: make services
- name: Build orb agent (go build only)
run: make agent_bin
- name: Go unit tests
run: make test
- name: Build UI
if: steps.filter.outputs.ui == 'true'
run: make ui
update-image-tag-push:
needs: check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: dorny/paths-filter@v2
id: filter
with:
filters: |
agent:
- 'agent/**'
- 'cmd/agent/**'
orb:
- 'fleet/**'
- 'cmd/fleet/**'
- 'policies/**'
- 'cmd/policies/**'
- 'sinks/**'
- 'cmd/sinks/**'
- 'sinker/**'
- 'cmd/sinker/**'
ui:
- 'ui/**'
- name: Set branch name
shell: bash
run: |
echo "BRANCH_NAME=production" >> $GITHUB_ENV
- name: Generate ref tag (production)
run: |
echo "REF_TAG=production" >> $GITHUB_ENV
- name: Append suffix on VERSION file for production build
run: |
echo "`cat ${{github.workspace}}/VERSION`-${{ env.REF_TAG }}" > VERSION
- name: Get VERSION
run: |
echo "VERSION=`cat ${{github.workspace}}/VERSION`" >> $GITHUB_ENV
- name: Get short commit hash to a variable
id: commit_hash
run: |
echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
- name: Debug VERSION
run: |
echo ${{ env.VERSION }}
echo ${{ env.VERSION }}-${{ steps.commit_hash.outputs.sha_short }}
- name: Commit orb-ui-live on orb-live repo production
run: |
git config --global user.email "${{secrets.GH_ORB_EMAIL}}"
git config --global user.name "${{secrets.GH_ORB_USER}}"
git config --global credential.helper cache
git clone -b main https://${{secrets.GH_ORB_USER}}:${{secrets.GH_ORB_ACCESS_TOKEN}}@github.com/ns1labs/orb-live.git
cd orb-live
rm -rf ui
git add .
git commit -m "[NS1 Orb Bot] clean ui folder"
cp -rf ../ui .
cp -rf ../VERSION .
echo "${{ steps.commit_hash.outputs.sha_short }}" > COMMIT_HASH
git add .
git commit -m "[NS1 Orb Bot] Update Orb Live UI for production"
git push origin main
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build orb-agent
# make this as "latest" tag
shell: bash
env:
IMAGE_NAME: ns1labs/orb-agent
run: |
if [ "${{ github.event.inputs.pktvisor_tag }}" == "" ]; then
make agent_production
make agent_debug_production
else
PKTVISOR_TAG=${{ github.event.inputs.pktvisor_tag }} make agent_production
PKTVISOR_TAG=${{ github.event.inputs.pktvisor_tag }} make agent_debug_production
fi
- name: Update
run: |
${{ env.VERSION }}
docker push -a ns1labs/orb-agent
docker pull ns1labs/orb-fleet:develop
eval FLEET_IMG_ID=$(docker images ns1labs/orb-fleet:develop --format "{{.ID}}")
docker tag $(FLEET_IMG_ID) ns1labs/orb-fleet:production
docker push ns1labs/orb-fleet:production
docker pull ns1labs/orb-policies:develop
eval POLICIES_IMG_ID=$(docker images ns1labs/orb-policies:develop --format "{{.ID}}")
docker tag $(POLICIES_IMG_ID) ns1labs/orb-policies:production
docker push ns1labs/orb-policies:production
docker pull ns1labs/orb-sinks:develop
eval SINKS_IMG_ID=$(docker images ns1labs/orb-sinks:develop --format "{{.ID}}")
docker tag $(SINKS_IMG_ID) ns1labs/orb-sinks:production
docker push ns1labs/orb-sinks:production
docker pull ns1labs/orb-sinker:develop
eval SINKER_IMG_ID=$(docker images ns1labs/orb-sinker:develop --format "{{.ID}}")
docker tag $(SINKER_IMG_ID) ns1labs/orb-sinker:production
docker push -a ns1labs/orb-sinker:production
docker pull ns1labs/orb-ui:develop
eval UI_IMG_ID=$(docker images ns1labs/orb-ui:develop --format "{{.ID}}")
docker tag $(UI_IMG_ID) ns1labs/orb-ui:production
docker push -a ns1labs/orb-ui:production
- name: Commit image tag on orb-live-manifest environment prod
run: |
git config --global user.email "${{secrets.GH_ORB_EMAIL}}"
git config --global user.name "${{secrets.GH_ORB_USER}}"
git config --global credential.helper cache
git clone https://${{secrets.GH_ORB_USER}}:${{secrets.GH_ORB_ACCESS_TOKEN}}@github.com/ns1labs/orb-live-manifest.git
cd orb-live-manifest/stg
mv values.yaml .template/values.old
cat .template/values.yaml.tpl >> values.yaml
sed -i -e "s/IMAGE_TAG/${{ env.VERSION }}-${{ steps.commit_hash.outputs.sha_short }}/g" values.yaml
git add values.yaml
git add .template/values.old
git commit -m "[NS1 Orb Bot] Update image tag on prod environment"
git push origin main