Skip to content

Promote

Promote #24

Workflow file for this run

name: Update images in Harbor
on:
push:
branches:
- main
paths:
- 'teleservices/**'
workflow_dispatch:
env:
IMAGE_NAME: teleservices/bookworm
DEBIAN_VERSION: bookworm
jobs:
staging:
runs-on:
group: self-hosted
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to Harbor registry
uses: docker/login-action@v3
with:
registry: ${{ secrets.HARBOR_URL }}
username: ${{ secrets.TELESERVICES_HARBOR_USERNAME }}
password: ${{ secrets.TELESERVICES_HARBOR_PASSWORD }}
- name: Build push image to registry
uses: docker/[email protected]
with:
context: teleservices
file: teleservices/Dockerfile
tags: |
${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:staging
${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:staging-${{ github.run_number }}
platforms: linux/amd64
pull: true
push: true
target: prod-image
build-args: |
DEBIAN_VERSION=${{ env.DEBIAN_VERSION }}
- name: Build push test image to registry
uses: docker/[email protected]
with:
context: teleservices
file: teleservices/Dockerfile
tags: |
${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:staging
${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:staging-${{ github.run_number }}
platforms: linux/amd64
pull: true
push: true
target: dev-image
build-args: |
DEBIAN_VERSION=${{ env.DEBIAN_VERSION }}
- name: Install curl
run: sudo apt-get update && sudo apt-get install -y curl
- name: Restart staging instances
run: |
curl -k --fail --show-error --header "X-Rundeck-Auth-Token:${{ secrets.TELESERVICES_RUNDECK_TOKEN }}" -d "filter=name ts001.staging.imio.be" ${{ secrets.RUNDECK_URL }}/api/18/job/5dca225b-ff0d-4251-8052-2a89a05aa314/run/
- name : Send notification on Mattermost
run: |
JOB_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID"
MESSAGE="docker staging image $IMAGE_NAME has been updated on registry and the staging instances have been restarted. [Click here to see job on GitHub]($JOB_URL)"
curl -i -X POST -H 'Content-Type: application/json' -d "{\"text\": \"$MESSAGE\"}" ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}
- name : Send failure notification on Mattermost
if: failure()
run: |
JOB_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID"
MESSAGE="Error : docker staging image $IMAGE_NAME has not been updated on registry. [Click here to see job on GitHub]($JOB_URL)"
curl -i -X POST -H 'Content-Type: application/json' -d "{\"text\": \"$MESSAGE\"}" ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}
production:
needs: [staging]
environment:
name: production
timeout-minutes: 2880
runs-on:
group: self-hosted
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to Harbor registry
uses: docker/login-action@v3
with:
registry: ${{ secrets.HARBOR_URL }}
username: ${{ secrets.TELESERVICES_HARBOR_USERNAME }}
password: ${{ secrets.TELESERVICES_HARBOR_PASSWORD }}
- name : Pull staging images
run: |
docker pull ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:staging
docker pull ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:staging
- name: Tag prod images
run: |
docker tag ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:staging ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:latest
docker tag ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:latest ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:latest-${{ github.run_number }}
docker tag ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:staging ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:latest
docker tag ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:latest ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:latest-${{ github.run_number }}
- name: Push images to registry
run: |
docker push ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:latest
docker push ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:latest-${{ github.run_number }}
docker push ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:latest
docker push ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:latest-${{ github.run_number }}
- name: Install curl
run: sudo apt-get update && sudo apt-get install -y curl
- name: Schedule restart of all prod instances
run: |
curl -k --fail -XPOST --show-error --header "X-Rundeck-Auth-Token:${{ secrets.TELESERVICES_RUNDECK_TOKEN }}" ${{ secrets.RUNDECK_URL }}/api/18/job/311af116-fedc-4e33-b2a7-99c8651f8e9b/run/
- name : Send notification on Mattermost
run: |
JOB_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID"
MESSAGE="docker prod image $IMAGE_NAME has been updated on registry. [Click here to see job on GitHub]($JOB_URL) A reboot of all production instances has been scheduled for tomorrow at 1am. "
curl -i -X POST -H 'Content-Type: application/json' -d "{\"text\": \"$MESSAGE\"}" ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}
- name : Send failure notification on Mattermost
if: failure()
run: |
JOB_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID"
MESSAGE="Error : docker prod image $IMAGE_NAME has not been updated on registry. [Click here to see job on GitHub]($JOB_URL)"
curl -i -X POST -H 'Content-Type: application/json' -d "{\"text\": \"$MESSAGE\"}" ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}