Promote #29

Workflow file for this run

.github/workflows/publish.yml at 5e0af5b

	name: Update images in Harbor
	on:
	push:
	branches:
	- main
	paths:
	- 'teleservices/**'
	workflow_dispatch:
	env:
	IMAGE_NAME: teleservices/bookworm
	DEBIAN_VERSION: bookworm

	jobs:
	staging:
	environment:
	name: staging
	runs-on:
	group: self-hosted
	steps:
	- name: Checkout
	uses: actions/checkout@v2
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v1
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v1
	- name: Install curl and jq
	run: sudo apt-get update && sudo apt-get install -y curl jq
	- name: Login to Harbor registry
	uses: docker/login-action@v3
	with:
	registry: ${{ secrets.HARBOR_URL }}
	username: ${{ secrets.TELESERVICES_HARBOR_USERNAME }}
	password: ${{ secrets.TELESERVICES_HARBOR_PASSWORD }}
	- name: Build push image to registry
	uses: docker/[email protected]
	with:
	context: teleservices
	file: teleservices/Dockerfile
	tags: \|
	${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:staging
	${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:staging-${{ github.run_number }}
	platforms: linux/amd64
	pull: true
	push: true
	target: prod-image
	build-args: \|
	DEBIAN_VERSION=${{ env.DEBIAN_VERSION }}
	- name: Build push test image to registry
	uses: docker/[email protected]
	with:
	context: teleservices
	file: teleservices/Dockerfile
	tags: \|
	${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:staging
	${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:staging-${{ github.run_number }}
	platforms: linux/amd64
	pull: true
	push: true
	target: dev-image
	build-args: \|
	DEBIAN_VERSION=${{ env.DEBIAN_VERSION }}
	- name: Restart staging instances
	run: \|
	curl -k --fail --show-error --header "X-Rundeck-Auth-Token:${{ secrets.TELESERVICES_RUNDECK_TOKEN }}" -d "filter=name ts001.staging.imio.be" ${{ secrets.RUNDECK_URL }}/api/18/job/5dca225b-ff0d-4251-8052-2a89a05aa314/run/
	- name: Test staging instance
	timeout-minutes: 5
	run: \|
	echo 'Sleeping 30 seconds to let the staging instance start'
	sleep 30
	until curl -m 2 --output /dev/null --silent --fail '${{ secrets.STAGING_HEALTH_API_URL }}';
	do
	sleep 5
	echo 'Waiting until guichet-citoyen staging instance has started'
	done
	echo 'guichet-citoyen staging instance is up and running'
	until curl -m 2 --output /dev/null --silent --fail '${{ secrets.STAGING_HEALTH_API_URL }}' \| jq '
	.data.passerelle.is_running
	and .data.portal.is_running
	and ".data.portal-agent.is_running"
	and .data.idp.is_running
	and .data.eservices.is_running
	and .data.agenda.is_running
	and .data.statistics.is_running'
	do
	sleep 3
	echo 'Waiting until services are running on guichet-citoyen staging instance'
	done
	echo 'services are running on guichet-citoyen staging instance'
	- name : Send notification on Mattermost
	run: \|
	JOB_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID"
	MESSAGE="docker staging image $IMAGE_NAME has been updated on registry and the staging instances have been restarted. [Click here to see job on GitHub]($JOB_URL)"
	curl -i -X POST -H 'Content-Type: application/json' -d "{\"text\": \"$MESSAGE\"}" ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}
	- name : Send failure notification on Mattermost
	if: failure()
	run: \|
	JOB_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID"
	MESSAGE="Error : docker staging image $IMAGE_NAME has not been updated on registry. [Click here to see job on GitHub]($JOB_URL)"
	curl -i -X POST -H 'Content-Type: application/json' -d "{\"text\": \"$MESSAGE\"}" ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}
	production:
	needs: [staging]
	environment:
	name: production
	timeout-minutes: 2880
	runs-on:
	group: self-hosted
	steps:
	- name: Checkout
	uses: actions/checkout@v2
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v1
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v1
	- name: Install curl
	run: sudo apt-get update && sudo apt-get install -y curl
	- name: Login to Harbor registry
	uses: docker/login-action@v3
	with:
	registry: ${{ secrets.HARBOR_URL }}
	username: ${{ secrets.TELESERVICES_HARBOR_USERNAME }}
	password: ${{ secrets.TELESERVICES_HARBOR_PASSWORD }}
	- name : Pull staging images
	run: \|
	docker pull ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:staging-${{ github.run_number }}
	docker pull ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:staging-${{ github.run_number }}
	- name: Tag prod images
	run: \|
	docker tag ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:staging-${{ github.run_number }} ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:latest
	docker tag ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:latest ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:latest-${{ github.run_number }}
	docker tag ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:staging-${{ github.run_number }} ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:latest
	docker tag ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:latest ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:latest-${{ github.run_number }}
	- name: Push images to registry
	run: \|
	docker push ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:latest
	docker push ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}:latest-${{ github.run_number }}
	docker push ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:latest
	docker push ${{ secrets.HARBOR_URL }}/${{ env.IMAGE_NAME }}-test:latest-${{ github.run_number }}
	- name: Schedule restart of all prod instances
	run: \|
	curl -k --fail -XPOST --show-error --header "X-Rundeck-Auth-Token:${{ secrets.TELESERVICES_RUNDECK_TOKEN }}" ${{ secrets.RUNDECK_URL }}/api/18/job/311af116-fedc-4e33-b2a7-99c8651f8e9b/run/
	- name : Send notification on Mattermost
	run: \|
	JOB_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID"
	MESSAGE="docker prod image $IMAGE_NAME has been updated on registry. [Click here to see job on GitHub]($JOB_URL) A reboot of all production instances has been scheduled for tomorrow at 1am. "
	curl -i -X POST -H 'Content-Type: application/json' -d "{\"text\": \"$MESSAGE\"}" ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}
	- name : Send failure notification on Mattermost
	if: failure()
	run: \|
	JOB_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID"
	MESSAGE="Error : docker prod image $IMAGE_NAME has not been updated on registry. [Click here to see job on GitHub]($JOB_URL)"
	curl -i -X POST -H 'Content-Type: application/json' -d "{\"text\": \"$MESSAGE\"}" ${{ secrets.TELESERVICES_MATTERMOST_WEBHOOK_URL }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Promote #29

Workflow file

Promote #29

Jobs

Run details

Workflow file for this run