Merge pull request #244 from serguun42/implement-keycloak #159
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build on push to master | |
on: | |
push: | |
branches: | |
- master | |
workflow_dispatch: | |
jobs: | |
configure: | |
name: Configure | |
runs-on: self-hosted | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Copy configs | |
env: | |
CONFIGS_LOCATION_BASE: ${{ secrets.CONFIGS_LOCATION_BASE }} | |
run: | | |
cp $CONFIGS_LOCATION_BASE/notifier-and-logger.config.json ./notifier/; | |
cp $CONFIGS_LOCATION_BASE/scrapper.config.json ./scrapper/; | |
cp $CONFIGS_LOCATION_BASE/backend.config.json ./backend/; | |
cp $CONFIGS_LOCATION_BASE/healthcheck.config.json ./healthcheck/; | |
cp $CONFIGS_LOCATION_BASE/telegram-bot.config.json ./telegram/ | |
[[ -f $CONFIGS_LOCATION_BASE/tag-manager.html ]] && | |
cp $CONFIGS_LOCATION_BASE/tag-manager.html ./frontend/src/config/tag-manager.html || | |
echo "" > ./frontend/src/config/tag-manager.html; | |
[[ -f $CONFIGS_LOCATION_BASE/apps-links.json ]] && | |
cp $CONFIGS_LOCATION_BASE/apps-links.json ./frontend/src/config/apps-links.json || | |
echo "[]" > ./frontend/src/config/apps-links.json; | |
[[ -d $CONFIGS_LOCATION_BASE/platforms/ ]] && | |
cp -r $CONFIGS_LOCATION_BASE/platforms ./frontend/public/img/ | |
build: | |
name: Local Docker build | |
runs-on: self-hosted | |
needs: configure | |
steps: | |
- name: Build Docker images | |
env: | |
CONFIGS_LOCATION_BASE: ${{ secrets.CONFIGS_LOCATION_BASE }} | |
run: docker compose -f docker-compose.yml --env-file $CONFIGS_LOCATION_BASE/docker.env build --no-cache | |
testing: | |
name: Unit and integration tests | |
runs-on: self-hosted | |
needs: configure | |
steps: | |
- name: Build & test Docker images | |
env: | |
CONFIGS_LOCATION_BASE: ${{ secrets.CONFIGS_LOCATION_BASE }} | |
run: docker compose -f docker-compose.testing.yml --env-file $CONFIGS_LOCATION_BASE/docker.env build --no-cache | |
deploy: | |
name: Local Docker deploy | |
runs-on: self-hosted | |
needs: | |
- build | |
- testing | |
steps: | |
- name: Deploy Docker images | |
env: | |
CONFIGS_LOCATION_BASE: ${{ secrets.CONFIGS_LOCATION_BASE }} | |
run: docker compose -f docker-compose.yml --env-file $CONFIGS_LOCATION_BASE/docker.env up -d --force-recreate --no-deps | |
docker-hub: | |
name: Push to Docker Hub | |
runs-on: self-hosted | |
env: | |
DOCKER_HUB_USERNAME: ${{ secrets.DOCKER_HUB_USERNAME }} | |
DOCKER_HUB_ACCESS_TOKEN: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} | |
needs: | |
- build | |
- testing | |
steps: | |
- name: Retag container | |
run: docker tag mss-backend:latest $DOCKER_HUB_USERNAME/mss-backend:latest | |
- name: Log into Docker Hub | |
run: | | |
echo "$DOCKER_HUB_ACCESS_TOKEN" | docker login --username "$DOCKER_HUB_USERNAME" --password-stdin | |
- name: Push to Docker Hub | |
run: docker push $DOCKER_HUB_USERNAME/mss-backend:latest | |
- name: Docker logout | |
run: docker logout | |
yandex-cloud: | |
name: Yandex Cloud build & deploy | |
runs-on: self-hosted | |
env: | |
YANDEX_CLOUD_REGISTRY_ID: ${{ secrets.YANDEX_CLOUD_REGISTRY_ID }} | |
YANDEX_CLOUD_IMAGE_NAME: ${{ secrets.YANDEX_CLOUD_IMAGE_NAME }} | |
CONFIGS_LOCATION_BASE: ${{ secrets.CONFIGS_LOCATION_BASE }} | |
YANDEX_CLOUD_JSON_KEYS_FILENAME: ${{ secrets.YANDEX_CLOUD_JSON_KEYS_FILENAME }} | |
needs: | |
- build | |
- testing | |
- docker-hub | |
steps: | |
- name: Build Docker image | |
run: cd healthcheck && docker build . -t cr.yandex/$YANDEX_CLOUD_REGISTRY_ID/$YANDEX_CLOUD_IMAGE_NAME:latest | |
- name: Log into Yandex Cloud | |
run: | | |
cat $CONFIGS_LOCATION_BASE/$YANDEX_CLOUD_JSON_KEYS_FILENAME | docker login --username json_key --password-stdin cr.yandex | |
- name: Push to Yandex Cloud | |
run: | | |
docker push cr.yandex/$YANDEX_CLOUD_REGISTRY_ID/$YANDEX_CLOUD_IMAGE_NAME:latest | |
- name: Deploy serverless container | |
uses: yc-actions/yc-sls-container-deploy@v2 | |
with: | |
yc-sa-json-credentials: ${{ secrets.YANDEX_CLOUD_JSON_KEYS }} | |
container-name: ${{ secrets.YANDEX_CLOUD_IMAGE_NAME }} | |
folder-id: ${{ secrets.YANDEX_CLOUD_FOLDER_ID }} | |
revision-service-account-id: ${{ secrets.YANDEX_CLOUD_SERVICE_ACCOUNT_ID }} | |
revision-image-url: cr.yandex/${{ secrets.YANDEX_CLOUD_REGISTRY_ID }}/${{ secrets.YANDEX_CLOUD_IMAGE_NAME }}:latest | |
revision-cores: 1 | |
revision-memory: 256Mb | |
revision-env: | | |
CHECKING_ORIGIN=https://mirea.xyz | |
API_VERSION=1.3 | |
- name: Docker logout | |
run: docker logout | |
clean: | |
name: Clean unused images | |
runs-on: self-hosted | |
needs: | |
- deploy | |
- yandex-cloud | |
steps: | |
- name: Clean local images | |
run: | | |
DANGLING_IMAGES=$(docker images -qf "dangling=true"); | |
[[ ! -z "$DANGLING_IMAGES" ]] && docker rmi $DANGLING_IMAGES || echo "No dangling images" | |
- name: Clean testing images | |
run: | | |
TESTING_IMAGES=$(docker images -qf "reference=mss-*:testing"); | |
[[ ! -z "$TESTING_IMAGES" ]] && docker rmi $TESTING_IMAGES || echo "No testing images" | |
notify: | |
name: Logging | |
runs-on: self-hosted | |
needs: | |
- deploy | |
- yandex-cloud | |
steps: | |
- name: Send logs via notifier | |
env: | |
CONFIGS_LOCATION_BASE: ${{ secrets.CONFIGS_LOCATION_BASE }} | |
run: | | |
source $CONFIGS_LOCATION_BASE/docker.env; | |
curl http://127.0.0.1:$NOTIFIER_PUBLISH_PORT -d "{\"error\":false,\"args\":[\"Done merge into master, initiator – $GITHUB_ACTOR\"],\"tag\":\"ci\"}" || | |
echo "Done merge into master, initiator – $GITHUB_ACTOR" |