Tenzir Platform v1.3 #35
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Create Sovereign Edition containers and also push a new production Cloud Deployment | |
on: | |
release: | |
types: [published] | |
permissions: | |
packages: write | |
contents: write | |
jobs: | |
cloud_deployment: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
with: | |
submodules: false | |
persist-credentials: false | |
fetch-depth: 0 | |
- name: Generate a token | |
id: generate_token | |
uses: actions/create-github-app-token@v1 | |
with: | |
app-id: ${{ vars.TENZIR_AUTOBUMPER_APP_ID }} | |
private-key: ${{ secrets.TENZIR_AUTOBUMPER_APP_PRIVATE_KEY }} | |
owner: ${{ github.repository_owner }} | |
- name: Deploy tenant-manager | |
env: | |
GH_TOKEN: ${{ steps.generate_token.outputs.token }} | |
run: | | |
# The workflow_dispatch only supports tags or branches as targets, | |
# not direct commit hashes, so we push a branch first. | |
git submodule set-url components/tenant-manager https://x-access-token:[email protected]/tenzir/event-horizon.git/ | |
git submodule update --init components/tenant-manager | |
git -C components/tenant-manager push -f origin HEAD:refs/heads/platform-prod | |
gh workflow -R tenzir/event-horizon run tzcp-deploy-production.yaml \ | |
--ref platform-prod | |
- name: Deploy app | |
env: | |
GH_TOKEN: ${{ steps.generate_token.outputs.token }} | |
run: | | |
git submodule set-url components/app https://x-access-token:[email protected]/tenzir/app.git/ | |
git submodule update --init components/app | |
git -C components/app push -f origin HEAD:refs/heads/platform-prod | |
gh workflow -R tenzir/app run push-to-vercel.yaml \ | |
--ref platform-prod \ | |
-f deploy-production=true | |
attach_release_artifacts: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
with: | |
submodules: false | |
- name: Create tarball | |
env: | |
VERSION: ${{ github.event.release.tag_name }} | |
run: | | |
# Replace "latest" version in examples | |
sed -i \ | |
"s/^TENZIR_PLATFORM_VERSION=.*$/\TENZIR_PLATFORM_VERSION=${VERSION}/" \ | |
examples/*/env.example | |
# Build deliverable | |
tar cf platform.tar README.md LICENSE examples/ | |
- name: Publish tarball to the GitHub Release | |
if: ${{ github.event_name == 'release' }} | |
uses: actions/upload-release-asset@v1 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
upload_url: ${{ github.event.release.upload_url }} | |
asset_path: "platform.tar" | |
asset_name: "platform.tar" | |
asset_content_type: application/x-tar | |
publish_cli: | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: cli/ | |
steps: | |
- uses: actions/checkout@v4 | |
name: Check out code | |
- name: Setup Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: 3.10.12 | |
- name: Install poetry | |
run: | | |
python -m pip install poetry==1.8.3 | |
- name: Publish CLI package | |
env: | |
VERSION: ${{ github.event.release.tag_name }} | |
run: | | |
poetry config pypi-token.pypi "${{ secrets.PYPI_TOKEN }}" | |
poetry version ${VERSION} | |
poetry publish --build --no-interaction | |
build_and_push_containers: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
name: Check out code | |
- name: Configure ssh-agent for app submodule | |
uses: webfactory/[email protected] | |
with: | |
ssh-private-key: ${{ secrets.TENZIR_APP_DEPLOY_KEY }} | |
- name: Update app submodule | |
run: | | |
git submodule update --init components/app | |
- name: Configure ssh-agent for tenant-manager submodule | |
uses: webfactory/[email protected] | |
with: | |
ssh-private-key: ${{ secrets.TENZIR_EVENT_HORIZON_DEPLOY_KEY }} | |
- name: Update tenant-manager submodule | |
run: | | |
git submodule update --init components/tenant-manager | |
- uses: mr-smithers-excellent/docker-build-push@v6 | |
name: Build & push Docker image | |
with: | |
image: tenzir-dex | |
tags: ${{ github.event.release.tag_name }},latest | |
registry: ghcr.io | |
directory: components/dex | |
dockerfile: components/dex/Dockerfile | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- uses: mr-smithers-excellent/docker-build-push@v6 | |
name: Build & push Docker image | |
with: | |
image: tenzir-seaweed | |
tags: ${{ github.event.release.tag_name }},latest | |
registry: ghcr.io | |
directory: components/seaweed | |
dockerfile: components/seaweed/Dockerfile | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- uses: mr-smithers-excellent/docker-build-push@v6 | |
name: Build & push Docker image | |
with: | |
image: platform | |
tags: ${{ github.event.release.tag_name }},latest | |
registry: ghcr.io | |
directory: components/tenant-manager/platform/tenant_manager | |
dockerfile: components/tenant-manager/platform/tenant_manager/Dockerfile | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- uses: mr-smithers-excellent/docker-build-push@v6 | |
name: Build & push Docker image | |
with: | |
image: tenzir-platform | |
tags: ${{ github.event.release.tag_name }},latest | |
registry: ghcr.io | |
directory: cli | |
dockerfile: cli/Dockerfile | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- uses: mr-smithers-excellent/docker-build-push@v6 | |
name: Build & push Docker image | |
with: | |
image: app | |
tags: ${{ github.event.release.tag_name }},latest | |
registry: ghcr.io | |
directory: components/app | |
dockerfile: components/app/Dockerfile | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} |