Promote #21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update images in Harbor | |
| on: | |
| schedule: | |
| - cron: '0 5 * * 0' # Weekly on Sundays at 05:00 | |
| workflow_dispatch: | |
| env: | |
| IMAGE_NAME: teleservices/bookworm | |
| DEBIAN_VERSION: bookworm | |
| jobs: | |
| staging: | |
| runs-on: | |
| group: self-hosted | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v2 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v1 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v1 | |
| - name: Login to Harbor registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ secrets.HARBOR_URL }} | |
| username: ${{ secrets.TELESERVICES_HARBOR_USERNAME }} | |
| password: ${{ secrets.TELESERVICES_HARBOR_PASSWORD }} | |
| - name: Build push image to registry | |
| uses: docker/[email protected] | |
| with: | |
| context: teleservices | |
| file: teleservices/Dockerfile | |
| tags: | | |
| ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:staging | |
| ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:staging-${{ github.run_number }} | |
| platforms: linux/amd64 | |
| pull: true | |
| push: true | |
| target: prod-image | |
| build-args: | | |
| DEBIAN_VERSION=${{ env.DEBIAN_VERSION }} | |
| - name: Build push test image to registry | |
| uses: docker/[email protected] | |
| with: | |
| context: teleservices | |
| file: teleservices/Dockerfile | |
| tags: | | |
| ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:staging | |
| ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:staging-${{ github.run_number }} | |
| platforms: linux/amd64 | |
| pull: true | |
| push: true | |
| target: dev-image | |
| build-args: | | |
| DEBIAN_VERSION=${{ env.DEBIAN_VERSION }} | |
| - name: Install curl | |
| run: sudo apt-get update && sudo apt-get install -y curl | |
| - name: Restart staging instance | |
| run: | | |
| curl -k --fail --show-error --header "X-Rundeck-Auth-Token:${{ secrets.TELESERVICES_RUNDECK_TOKEN }}" -d "argString=-name staging" -d "filter=name ts001.staging.imio.be" ${{ secrets.RUNDECK_URL }}/api/18/job/94b605f2-ad32-4f9f-977e-37342f6b7d32/run/ | |
| - name : Send notification on Mattermost | |
| run: | | |
| JOB_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" | |
| MESSAGE="docker staging image has been updated on registry and the staging instance has been restarted. [Click here to see job on GitHub]($JOB_URL)" | |
| curl -i -X POST -H 'Content-Type: application/json' -d "{\"text\": \"$MESSAGE\"}" ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }} | |
| production: | |
| needs: [staging] | |
| environment: | |
| name: production | |
| timeout-minutes: 2880 | |
| runs-on: | |
| group: self-hosted | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v2 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v1 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v1 | |
| - name: Login to Harbor registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ secrets.HARBOR_URL }} | |
| username: ${{ secrets.TELESERVICES_HARBOR_USERNAME }} | |
| password: ${{ secrets.TELESERVICES_HARBOR_PASSWORD }} | |
| - name: Tag prod images | |
| run: | | |
| docker tag ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:staging ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:latest | |
| docker tag ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:latest ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:latest-${{ github.run_number }} | |
| docker tag ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:staging ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:latest | |
| docker tag ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:latest ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:latest-${{ github.run_number }} | |
| - name: Push images to registry | |
| run: | | |
| docker push ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:latest | |
| docker push ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:latest-${{ github.run_number }} | |
| docker push ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:latest | |
| docker push ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:latest-${{ github.run_number }} | |
| - name: Install curl | |
| run: sudo apt-get update && sudo apt-get install -y curl | |
| - name: Schedule restart of all prod instances | |
| run: | | |
| curl -k --fail -XPOST --show-error --header "X-Rundeck-Auth-Token:${{ secrets.TELESERVICES_RUNDECK_TOKEN }}" ${{ secrets.RUNDECK_URL }}/api/18/job/311af116-fedc-4e33-b2a7-99c8651f8e9b/run/ | |
| - name : Send notification on Mattermost | |
| run: | | |
| JOB_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" | |
| MESSAGE="docker prod image has been updated on registry. [Click here to see job on GitHub]($JOB_URL) A reboot of all production instances has been scheduled for tomorrow at 1am. " | |
| curl -i -X POST -H 'Content-Type: application/json' -d "{\"text\": \"$MESSAGE\"}" ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }} |