103 lines
3.9 KiB
YAML
103 lines
3.9 KiB
YAML
name: Build & Deploy to K3s
|
|
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
|
|
env:
|
|
REGISTRY: git.arthurbarre.fr
|
|
BACKEND_IMAGE: git.arthurbarre.fr/ordinarthur/freedge-backend
|
|
FRONTEND_IMAGE: git.arthurbarre.fr/ordinarthur/freedge-frontend
|
|
REGISTRY_USER: ordinarthur
|
|
|
|
jobs:
|
|
build-and-deploy:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Login to Gitea Container Registry
|
|
run: |
|
|
echo "${{ secrets.REGISTRY_PASSWORD }}" | \
|
|
docker login ${{ env.REGISTRY }} -u ${{ env.REGISTRY_USER }} --password-stdin
|
|
|
|
- name: Build backend image
|
|
run: |
|
|
docker build \
|
|
-t ${{ env.BACKEND_IMAGE }}:${{ github.sha }} \
|
|
-t ${{ env.BACKEND_IMAGE }}:latest \
|
|
./backend
|
|
|
|
- name: Build frontend image
|
|
run: |
|
|
docker build \
|
|
--build-arg VITE_API_BASE_URL=https://freedge.app/api \
|
|
--build-arg VITE_GOOGLE_CLIENT_ID=173866668387-i18igc0e1avqtsaqq6nig898bv6pvuk6.apps.googleusercontent.com \
|
|
-t ${{ env.FRONTEND_IMAGE }}:${{ github.sha }} \
|
|
-t ${{ env.FRONTEND_IMAGE }}:latest \
|
|
./frontend
|
|
|
|
- name: Push backend image
|
|
run: |
|
|
docker push ${{ env.BACKEND_IMAGE }}:${{ github.sha }}
|
|
docker push ${{ env.BACKEND_IMAGE }}:latest
|
|
|
|
- name: Push frontend image
|
|
run: |
|
|
docker push ${{ env.FRONTEND_IMAGE }}:${{ github.sha }}
|
|
docker push ${{ env.FRONTEND_IMAGE }}:latest
|
|
|
|
- name: Install kubectl
|
|
run: |
|
|
curl -LO "https://dl.k8s.io/release/$(curl -Ls https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
|
|
chmod +x kubectl
|
|
mv kubectl /usr/local/bin/kubectl
|
|
|
|
- name: Configure kubeconfig
|
|
run: |
|
|
mkdir -p ~/.kube
|
|
echo "${{ secrets.KUBECONFIG }}" | base64 -d > ~/.kube/config
|
|
|
|
- name: Apply namespace and shared resources
|
|
run: |
|
|
kubectl apply -f k8s/namespace.yml
|
|
kubectl apply -f k8s/configmap.yml
|
|
kubectl apply -f k8s/pvc.yml
|
|
kubectl apply -f k8s/service.yml
|
|
|
|
- name: Create image pull secret
|
|
run: |
|
|
kubectl -n freedge create secret docker-registry gitea-registry-secret \
|
|
--docker-server=${{ env.REGISTRY }} \
|
|
--docker-username=${{ env.REGISTRY_USER }} \
|
|
--docker-password="${{ secrets.REGISTRY_PASSWORD }}" \
|
|
--dry-run=client -o yaml | kubectl apply -f -
|
|
|
|
- name: Create app secrets
|
|
run: |
|
|
kubectl -n freedge create secret generic freedge-secrets \
|
|
--from-literal=DATABASE_URL="${{ secrets.DATABASE_URL }}" \
|
|
--from-literal=JWT_SECRET="${{ secrets.JWT_SECRET }}" \
|
|
--from-literal=OPENAI_API_KEY="${{ secrets.OPENAI_API_KEY }}" \
|
|
--from-literal=STRIPE_SECRET_KEY="${{ secrets.STRIPE_SECRET_KEY }}" \
|
|
--from-literal=STRIPE_WEBHOOK_SECRET="${{ secrets.STRIPE_WEBHOOK_SECRET }}" \
|
|
--from-literal=STRIPE_PRICE_ID_ESSENTIAL="${{ secrets.STRIPE_PRICE_ID_ESSENTIAL }}" \
|
|
--from-literal=STRIPE_PRICE_ID_PREMIUM="${{ secrets.STRIPE_PRICE_ID_PREMIUM }}" \
|
|
--dry-run=client -o yaml | kubectl apply -f -
|
|
|
|
- name: Deploy workloads
|
|
run: |
|
|
kubectl apply -f k8s/deployment.yml
|
|
kubectl -n freedge set image deployment/freedge-backend \
|
|
freedge-backend=${{ env.BACKEND_IMAGE }}:${{ github.sha }}
|
|
kubectl -n freedge set image deployment/freedge-frontend \
|
|
freedge-frontend=${{ env.FRONTEND_IMAGE }}:${{ github.sha }}
|
|
kubectl -n freedge rollout status deployment/freedge-backend --timeout=180s
|
|
kubectl -n freedge rollout status deployment/freedge-frontend --timeout=180s
|
|
kubectl -n freedge rollout status deployment/freedge-proxy --timeout=180s
|
|
|
|
- name: Cleanup old images
|
|
run: |
|
|
docker image prune -f
|