Update deployment submodule to add ansible change #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Lifelike GCP deployment | ||
| on: | ||
| workflow_call: | ||
| inputs: | ||
| environment_name: | ||
| description: Environment nme (prod, staging, qa or demo) | ||
| required: true | ||
| type: string | ||
| client_config: | ||
| description: Client Runtime configuration preset | ||
| required: true | ||
| default: production | ||
| type: string | ||
| container_registry: | ||
| description: Container registry name | ||
| required: false | ||
| default: ***ARANGO_DB_NAME***.azurecr.io | ||
| type: string | ||
| cloud_sql_instance_name: | ||
| description: Google Cloud SQL instance name | ||
| required: true | ||
| type: string | ||
| cloud_sql_force_backup: | ||
| description: Backup before deploying even if no migrations need to be run | ||
| required: false | ||
| default: false | ||
| type: boolean | ||
| secrets: | ||
| CONTAINER_REGISTRY_USERNAME: | ||
| required: true | ||
| CONTAINER_REGISTRY_PASSWORD: | ||
| required: true | ||
| VAULT_PASSWORD: | ||
| required: true | ||
| SSH_KEY: | ||
| required: true | ||
| GCP_CREDENTIALS: | ||
| required: true | ||
| INFRA_PAT: | ||
| required: true | ||
| jobs: | ||
| # ------------------------------------------------------------- | ||
| # JOB: Build Docker images | ||
| # ------------------------------------------------------------- | ||
| build: | ||
| name: Build | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| matrix: | ||
| include: | ||
| - image: kg-webserver | ||
| path: ./client | ||
| build_extra_args: --build-arg ANGULAR_CONFIG=${{ inputs.client_config }} --build-arg CLIENT_VERSION=${{ github.sha }} | ||
| - image: kg-appserver | ||
| path: ./appserver | ||
| - image: kg-cache-service | ||
| path: ./cache-invalidator | ||
| - image: kg-statistical-enrichment | ||
| path: ./statistical-enrichment | ||
| - image: filebeat | ||
| path: ./filebeat | ||
| - image: metricbeat | ||
| path: ./metricbeat | ||
| steps: | ||
| - uses: actions/checkout@v3 | ||
| - name: Build and push ${{ matrix.image }} image | ||
| uses: whoan/docker-build-with-cache-action@v5 | ||
| with: | ||
| context: ${{ matrix.path }} | ||
| image_name: ${{ matrix.image }} | ||
| image_tag: ${{ github.sha }},${{ inputs.environment_name }},latest | ||
| build_extra_args: ${{ matrix.build_extra_args }} | ||
| registry: ${{ inputs.container_registry }} | ||
| username: ${{ secrets.CONTAINER_REGISTRY_USERNAME }} | ||
| password: ${{ secrets.CONTAINER_REGISTRY_PASSWORD }} | ||
| dockerfile: ./Dockerfile | ||
| # --------------------------------------------- | ||
| # JOB: Backup DB | ||
| # --------------------------------------------- | ||
| cloud-sql-backup: | ||
| name: Backup Cloud SQL instance | ||
| needs: build | ||
| outputs: | ||
| backup_id: ${{ steps.backup.outputs.backup_id }} | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v3 | ||
| - name: Create a new Clod SQL instance backup | ||
| id: backup | ||
| uses: ./.github/actions/cloud-sql-backup | ||
| with: | ||
| gcp_credentials: "${{ secrets.GCP_CREDENTIALS }}" | ||
| cloud_sql_instance_name: "${{ inputs.cloud_sql_instance_name }}" | ||
| backup_description: "Automated backup from GitHub workflow. Run ID: ${{ github.run_id }}" | ||
| # ------------------------------------------------------------- | ||
| # JOB: Deploy to GCP environment using Ansible playbook | ||
| # pointed by the Git submodule: /deployment | ||
| # ------------------------------------------------------------- | ||
| deploy: | ||
| name: Deploy | ||
| needs: | ||
| - build | ||
| - cloud-sql-backup | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| with: | ||
| token: ${{ secrets.INFRA_PAT }} | ||
| submodules: recursive | ||
| - name: Set git metadata | ||
| id: git-meta | ||
| run: | | ||
| echo ::set-output name=commit_timestamp::$(git log -1 --format=%cI) | ||
| echo ::set-output name=build_number::$(git rev-list --count HEAD) | ||
| echo ::set-output name=build_version::$(echo "${GITHUB_REF#refs/*/}") | ||
| - name: Authenticate to GCP | ||
| id: auth | ||
| uses: google-github-actions/auth@v0 | ||
| with: | ||
| credentials_json: "${{ secrets.GCP_CREDENTIALS }}" | ||
| - uses: google-github-actions/setup-gcloud@v0 | ||
| - name: Get Cloud SQL instance private IP address | ||
| id: database-host | ||
| run: | | ||
| echo ::set-output name=ip_address::$( \ | ||
| gcloud sql instances describe --format=json \ | ||
| ${{ inputs.cloud_sql_instance_name }} \ | ||
| | jq -r '.ipAddresses[] | select(.type == "PRIVATE").ipAddress') | ||
| - name: Run Ansible deployment action | ||
| uses: ./.github/actions/ansible | ||
| with: | ||
| workspace_dir: deployment/ansible | ||
| playbook_file_path: playbooks/deploy-gcloud.yml | ||
| inventory_file_path: inventories/hosts.yml | ||
| vault_password: ${{ secrets.VAULT_PASSWORD }} | ||
| ssh_key: ${{ secrets.SSH_KEY }} | ||
| options: | | ||
| --extra-vars environment_name=${{ inputs.environment_name }} | ||
| --extra-vars client_config=${{ inputs.client_config }} | ||
| --extra-vars docker_img_hash=${{ github.sha }} | ||
| --extra-vars git_timestamp=${{ steps.git-meta.outputs.commit_timestamp }} | ||
| --extra-vars app_build_number=${{ steps.git-meta.outputs.build_number }} | ||
| --extra-vars app_version=${{ steps.git-meta.outputs.build_version }} | ||
| --extra-vars github_run_id=${{ github.run_id }} | ||
| --extra-vars postgres_host=${{ steps.database-host.outputs.ip_address }} | ||
| --user ansible | ||
| --verbose | ||
