Promote #24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Update images in Harbor | |
on: | |
push: | |
branches: | |
- main | |
paths: | |
- 'teleservices/**' | |
workflow_dispatch: | |
env: | |
IMAGE_NAME: teleservices/bookworm | |
DEBIAN_VERSION: bookworm | |
jobs: | |
staging: | |
runs-on: | |
group: self-hosted | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v1 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v1 | |
- name: Login to Harbor registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ${{ secrets.HARBOR_URL }} | |
username: ${{ secrets.TELESERVICES_HARBOR_USERNAME }} | |
password: ${{ secrets.TELESERVICES_HARBOR_PASSWORD }} | |
- name: Build push image to registry | |
uses: docker/[email protected] | |
with: | |
context: teleservices | |
file: teleservices/Dockerfile | |
tags: | | |
${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:staging | |
${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:staging-${{ github.run_number }} | |
platforms: linux/amd64 | |
pull: true | |
push: true | |
target: prod-image | |
build-args: | | |
DEBIAN_VERSION=${{ env.DEBIAN_VERSION }} | |
- name: Build push test image to registry | |
uses: docker/[email protected] | |
with: | |
context: teleservices | |
file: teleservices/Dockerfile | |
tags: | | |
${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:staging | |
${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:staging-${{ github.run_number }} | |
platforms: linux/amd64 | |
pull: true | |
push: true | |
target: dev-image | |
build-args: | | |
DEBIAN_VERSION=${{ env.DEBIAN_VERSION }} | |
- name: Install curl | |
run: sudo apt-get update && sudo apt-get install -y curl | |
- name: Restart staging instances | |
run: | | |
curl -k --fail --show-error --header "X-Rundeck-Auth-Token:${{ secrets.TELESERVICES_RUNDECK_TOKEN }}" -d "filter=name ts001.staging.imio.be" ${{ secrets.RUNDECK_URL }}/api/18/job/5dca225b-ff0d-4251-8052-2a89a05aa314/run/ | |
- name : Send notification on Mattermost | |
run: | | |
JOB_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" | |
MESSAGE="docker staging image $IMAGE_NAME has been updated on registry and the staging instances have been restarted. [Click here to see job on GitHub]($JOB_URL)" | |
curl -i -X POST -H 'Content-Type: application/json' -d "{\"text\": \"$MESSAGE\"}" ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }} | |
- name : Send failure notification on Mattermost | |
if: failure() | |
run: | | |
JOB_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" | |
MESSAGE="Error : docker staging image $IMAGE_NAME has not been updated on registry. [Click here to see job on GitHub]($JOB_URL)" | |
curl -i -X POST -H 'Content-Type: application/json' -d "{\"text\": \"$MESSAGE\"}" ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }} | |
production: | |
needs: [staging] | |
environment: | |
name: production | |
timeout-minutes: 2880 | |
runs-on: | |
group: self-hosted | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v1 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v1 | |
- name: Login to Harbor registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ${{ secrets.HARBOR_URL }} | |
username: ${{ secrets.TELESERVICES_HARBOR_USERNAME }} | |
password: ${{ secrets.TELESERVICES_HARBOR_PASSWORD }} | |
- name : Pull staging images | |
run: | | |
docker pull ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:staging | |
docker pull ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:staging | |
- name: Tag prod images | |
run: | | |
docker tag ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:staging ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:latest | |
docker tag ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:latest ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:latest-${{ github.run_number }} | |
docker tag ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:staging ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:latest | |
docker tag ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:latest ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:latest-${{ github.run_number }} | |
- name: Push images to registry | |
run: | | |
docker push ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:latest | |
docker push ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:latest-${{ github.run_number }} | |
docker push ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:latest | |
docker push ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:latest-${{ github.run_number }} | |
- name: Install curl | |
run: sudo apt-get update && sudo apt-get install -y curl | |
- name: Schedule restart of all prod instances | |
run: | | |
curl -k --fail -XPOST --show-error --header "X-Rundeck-Auth-Token:${{ secrets.TELESERVICES_RUNDECK_TOKEN }}" ${{ secrets.RUNDECK_URL }}/api/18/job/311af116-fedc-4e33-b2a7-99c8651f8e9b/run/ | |
- name : Send notification on Mattermost | |
run: | | |
JOB_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" | |
MESSAGE="docker prod image $IMAGE_NAME has been updated on registry. [Click here to see job on GitHub]($JOB_URL) A reboot of all production instances has been scheduled for tomorrow at 1am. " | |
curl -i -X POST -H 'Content-Type: application/json' -d "{\"text\": \"$MESSAGE\"}" ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }} | |
- name : Send failure notification on Mattermost | |
if: failure() | |
run: | | |
JOB_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" | |
MESSAGE="Error : docker prod image $IMAGE_NAME has not been updated on registry. [Click here to see job on GitHub]($JOB_URL)" | |
curl -i -X POST -H 'Content-Type: application/json' -d "{\"text\": \"$MESSAGE\"}" ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }} |