Refactor chrome options #77

Workflow file for this run

.github/workflows/juridical-worker-deploy.yaml at d51edb9

	name: juridical-worker-deploy

	on:
	workflow_dispatch:

	pull_request:
	branches:
	- main
	paths-ignore:
	- "**/README.md"
	push:
	branches:
	- main
	paths-ignore:
	- "**/README.md"

	env:
	DOTNET_VERSION: 7.0.x
	LEGAL_PROCESS_IMAGE: juridical-legal-process-worker
	MESSAGE_IMAGE: juridical-message-worker
	IMAGE_ID: $GITHUB_RUN_ATTEMPT
	GKE_CLUSTER: juridical-cluster
	GKE_ZONE: us-east1-b
	K8S_NAMESPACE: juridical
	K8S_LEGAL_PROCESS_SECRET: juridical-legal-process-secret
	K8S_MESSAGE_SECRET: juridical-message-secret

	TERRAFORM_CREDENTIALS: ${{ secrets.TERRAFORM_CREDENTIALS }}
	WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.WORKLOAD_IDENTITY_PROVIDER }}
	JURIDICAL_SERVICE_ACCOUNT: ${{ secrets.JURIDICAL_SERVICE_ACCOUNT }}
	PROJECT_ID: ${{ secrets.PROJECT_ID }}

	K8S_LEGAL_PROCESS_USER: ${{ secrets.K8S_LEGAL_PROCESS_USER }}
	K8S_LEGAL_PROCESS_PASSWORD: ${{ secrets.K8S_LEGAL_PROCESS_PASSWORD }}
	K8S_MESSAGE_SERVICE_API_TOKEN: ${{ secrets.K8S_MESSAGE_SERVICE_API_TOKEN }}
	K8S_MESSAGE_SERVICE_FROM: ${{ secrets.K8S_MESSAGE_SERVICE_FROM }}
	K8S_MESSAGE_SERVICE_TO: ${{ secrets.K8S_MESSAGE_SERVICE_TO }}

	jobs:
	build:
	name: Build
	runs-on: ubuntu-latest

	steps:
	- name: Checkout
	uses: actions/checkout@v3

	- name: Setup
	uses: actions/setup-dotnet@v2
	with:
	dotnet-version: ${{ env.DOTNET_VERSION }}

	- name: Restore dependencies
	run: dotnet restore

	- name: Build
	run: dotnet build --no-restore

	terraform:
	name: Terraform
	runs-on: ubuntu-latest

	needs: [build]
	if: ${{ github.event_name == 'workflow_dispatch' \|\| github.event_name == 'push' }}

	steps:
	- name: Checkout
	uses: actions/checkout@v3

	- name: Setup
	uses: hashicorp/setup-terraform@v2

	- name: Init
	working-directory: infra
	run: terraform init
	env:
	GOOGLE_CREDENTIALS: ${{ env.TERRAFORM_CREDENTIALS }}

	- name: Validate
	working-directory: infra
	run: terraform validate
	env:
	GOOGLE_CREDENTIALS: ${{ env.TERRAFORM_CREDENTIALS }}

	- name: Apply
	working-directory: infra
	run: \|-
	terraform apply \
	-var="project_id=${{ env.PROJECT_ID }}" \
	-var="service_account=${{ env.JURIDICAL_SERVICE_ACCOUNT }}" \
	-auto-approve
	env:
	GOOGLE_CREDENTIALS: ${{ env.TERRAFORM_CREDENTIALS }}

	artifact-deploy:
	name: Artifact Registry Deploy
	runs-on: ubuntu-latest

	needs: [terraform]
	if: ${{ github.event_name == 'workflow_dispatch' \|\| github.event_name == 'push' }}

	permissions:
	contents: "read"
	id-token: "write"

	steps:
	- name: Checkout
	uses: actions/checkout@v3

	- id: "auth"
	name: Authenticate to Google Cloud
	uses: google-github-actions/auth@v0
	with:
	workload_identity_provider: ${{ env.WORKLOAD_IDENTITY_PROVIDER }}
	service_account: ${{ env.JURIDICAL_SERVICE_ACCOUNT }}

	- name: Set up Cloud SDK
	uses: google-github-actions/setup-gcloud@v0

	- name: Docker configuration
	run: \|-
	gcloud auth configure-docker us-east1-docker.pkg.dev --quiet

	- name: Docker build - ${{ env.LEGAL_PROCESS_IMAGE }}
	run: \|-
	docker build \
	-f ./src/Juridical.LegalProcess.Worker/Dockerfile \
	-t "us-east1-docker.pkg.dev/$PROJECT_ID/juridical/$LEGAL_PROCESS_IMAGE:$GITHUB_SHA-${{ env.IMAGE_ID }}" \
	-t "us-east1-docker.pkg.dev/$PROJECT_ID/juridical/$LEGAL_PROCESS_IMAGE:latest" \
	./src/

	- name: Docker build - ${{ env.MESSAGE_IMAGE }}
	run: \|-
	docker build \
	-f ./src/Juridical.Message.Worker/Dockerfile \
	-t "us-east1-docker.pkg.dev/$PROJECT_ID/juridical/$MESSAGE_IMAGE:$GITHUB_SHA-${{ env.IMAGE_ID }}" \
	-t "us-east1-docker.pkg.dev/$PROJECT_ID/juridical/$MESSAGE_IMAGE:latest" \
	./src/

	- name: Docker publish
	run: \|-
	docker push --all-tags "us-east1-docker.pkg.dev/$PROJECT_ID/juridical/$LEGAL_PROCESS_IMAGE" && \
	docker push --all-tags "us-east1-docker.pkg.dev/$PROJECT_ID/juridical/$MESSAGE_IMAGE"

	gke-deploy:
	name: GKE Deploy
	runs-on: ubuntu-latest

	needs: [artifact-deploy]
	if: ${{ github.event_name == 'workflow_dispatch' \|\| github.event_name == 'push' }}

	permissions:
	contents: "read"
	id-token: "write"

	steps:
	- name: Checkout
	uses: actions/checkout@v3

	- id: "auth"
	name: Authenticate to Google Cloud
	uses: google-github-actions/auth@v0
	with:
	workload_identity_provider: ${{ env.WORKLOAD_IDENTITY_PROVIDER }}
	service_account: ${{ env.JURIDICAL_SERVICE_ACCOUNT }}

	- id: "get-credentials"
	name: Authenticate to GKE
	uses: google-github-actions/get-gke-credentials@v0
	with:
	cluster_name: ${{ env.GKE_CLUSTER }}
	location: ${{ env.GKE_ZONE }}

	- name: Create juridical namespace
	run: \|-
	kubectl apply -f k8s/namespaces/juridical-namespace.yaml

	- name: Create juridical config maps
	run: \|-
	kubectl apply -f k8s/configs/juridical-legal-process-worker-config-map.yaml && \
	kubectl apply -f k8s/configs/juridical-message-worker-config-map.yaml

	- name: Delete k8s secrets
	run: \|-
	kubectl delete secret ${{ env.K8S_LEGAL_PROCESS_SECRET }} -n ${{ env.K8S_NAMESPACE }} --ignore-not-found && \
	kubectl delete secret ${{ env.K8S_MESSAGE_SECRET }} -n ${{ env.K8S_NAMESPACE }} --ignore-not-found

	- name: Create k8s secret - ${{ env.K8S_LEGAL_PROCESS_SECRET }}
	run: \|-
	kubectl create secret generic ${{ env.K8S_LEGAL_PROCESS_SECRET }} -n ${{ env.K8S_NAMESPACE }} \
	--from-literal=PROJECT_ID='${{ env.PROJECT_ID }}' \
	--from-literal=LEGAL_PROCESS_USER='${{ env.K8S_LEGAL_PROCESS_USER }}' \
	--from-literal=LEGAL_PROCESS_PASSWORD='${{ env.K8S_LEGAL_PROCESS_PASSWORD }}'

	- name: Create k8s secrets - ${{ env.K8S_MESSAGE_SECRET }}
	run: \|-
	kubectl create secret generic ${{ env.K8S_MESSAGE_SECRET }} -n ${{ env.K8S_NAMESPACE }} \
	--from-literal=PROJECT_ID='${{ env.PROJECT_ID }}' \
	--from-literal=MESSAGE_SERVICE_API_TOKEN='${{ env.K8S_MESSAGE_SERVICE_API_TOKEN }}' \
	--from-literal=MESSAGE_SERVICE_FROM='${{ env.K8S_MESSAGE_SERVICE_FROM }}' \
	--from-literal=MESSAGE_SERVICE_TO='${{ env.K8S_MESSAGE_SERVICE_TO }}'

	- name: Set up Kustomize
	run: \|-
	curl -sfLo kustomize https://github.com/kubernetes-sigs/kustomize/releases/download/v3.1.0/kustomize_3.1.0_linux_amd64
	chmod u+x ./kustomize

	- name: Deploy k8s
	run: \|-
	./kustomize edit set image us-east1-docker.pkg.dev/LEGAL_PROCESS_IMAGE:TAG=us-east1-docker.pkg.dev/$PROJECT_ID/juridical/$LEGAL_PROCESS_IMAGE:$GITHUB_SHA-${{ env.IMAGE_ID }}
	./kustomize edit set image us-east1-docker.pkg.dev/MESSAGE_IMAGE:TAG=us-east1-docker.pkg.dev/$PROJECT_ID/juridical/$MESSAGE_IMAGE:$GITHUB_SHA-${{ env.IMAGE_ID }}
	./kustomize build . \| kubectl apply -f -
	kubectl rollout status deployment juridical-legal-process-worker -n ${{ env.K8S_NAMESPACE }}
	kubectl rollout status deployment juridical-message-worker -n ${{ env.K8S_NAMESPACE }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Refactor chrome options #77

Workflow file

Refactor chrome options #77

Jobs

Run details

Workflow file for this run