From d27299c0e6a473880e3279265be2e2ca7736c45b Mon Sep 17 00:00:00 2001
From: maximo tejeda
Date: Wed, 18 Dec 2024 11:27:24 -0400
Subject: [PATCH] ADD workflow
---
.github/workflows/image_creation.yml | 107 +++++++++++++++++++++++++++
.github/workflows/test_project.yml | 65 ++++++++++++++++
2 files changed, 172 insertions(+)
create mode 100644 .github/workflows/image_creation.yml
create mode 100644 .github/workflows/test_project.yml
diff --git a/.github/workflows/image_creation.yml b/.github/workflows/image_creation.yml
new file mode 100644
index 0000000..77ce264
--- /dev/null
+++ b/.github/workflows/image_creation.yml
@@ -0,0 +1,107 @@
+name: ${{ github.actor }} executed Build Push Prod
+on:
+ push:
+ tags:
+ - 'v[0-9]+\.[0-9]+\.[0-9]+'
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ env:
+ TOKEN: ${{ secrets.TOKEN }}
+ USERNAME: ${{ vars.USERNAME }}
+ TAG_VERSION: ${{ github.ref_name }}
+ steps:
+ - name: echo repo dir
+ id: repo-url
+ run: |
+ echo "repourl=$(echo ${{ github.server_url }} | sed -e 's;https://;;')" >> $GITHUB_OUTPUT
+
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Setup Quemu
+ uses: docker/setup-qemu-action@v3
+
+ - name: Set Up BuildX
+ uses: docker/setup-buildx-action@v3
+
+ - name: Login to Docker
+ uses: docker/login-action@v3
+ with:
+ registry: https://git.maximotejeda.com
+ username: ${{ vars.USERNAME }}
+ password: ${{ secrets.PWD }}
+
+ - name: calculate short sha
+ id: calculate-sha
+ run: |
+ echo "shortsha=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+
+ - name: Build and push
+ uses: docker/build-push-action@v6
+ with:
+ context: .
+ platforms: linux/amd64,linux/arm64
+ push: true
+ tags: "${{ steps.repo-url.outputs.repourl }}/${{ github.repository }}:${{ github.ref_name }}"
+ build-args: |
+ version=${{ github.ref_name }}
+ SHORTSHA=${{ steps.calculate-sha.outputs.shortsha }}
+
+ deploy:
+ runs-on: ubuntu-latest
+ needs: build
+ env:
+ TOKEN: ${{ secrets.TOKEN }}
+ BOT_TOKEN: ${{ secrets.BOT_TOKEN }}
+ ADMINS: ${{ secrets.ADMINS }}
+ TAG: ${{ github.ref_name }}
+ PASSWORD: ${{ secrets.PWD }}
+ USERNAME: ${{ vars.USERNAME }}
+ TAG_VERSION: ${{ github.ref_name }}
+ NATS_SERVICE_URL: "${{ vars.NATS_SERVICE_URL }}"
+ DOLLAR_SERVICE_URL: "${{ vars.DOLLAR_SERVICE_URL }}"
+ TGBUSER_SERVICE_URL: "${{ vars.TGBUSER_SERVICE_URL }}"
+ ENV: "${{ vars.ENV }}"
+ steps:
+ - name: echo repo dir
+ id: repo-url
+ run: |
+ echo "repourl=$(echo ${{ github.server_url }} | sed -e 's;https://;;')" >> $GITHUB_OUTPUT
+ echo "repoName=$(echo ${{ github.repository }} | sed -e 's;${{ github.actor }}/;;')" >> $GITHUB_OUTPUT
+ echo "${{ github.repository }} | sed -e 's;${{ github.actor }}/;;')"
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: install envsubst
+ run: |
+ apt update
+ apt install -y gettext-base
+ apt clean
+
+ - name: create deployment files
+ env:
+ IMAGE: "${{ steps.repo-url.outputs.repourl }}/${{ github.repository }}:${{ github.ref_name }}"
+ REPONAME: "${{ steps.repo-url.outputs.repoName }}"
+ run: |
+ envsubst < k8s/deployment.yml.template > k8s/deployment.yml
+ - name: Download kubectl
+ run: curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
+
+ - name: install kubectl
+ run: sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
+
+ - name: insert kube config
+ run: |
+ mkdir ~/.kube
+ export IMAGE="$( echo ${{ github.server_url }} | sed -e 's;https://;;')/${{ github.repository }}:${{ github.ref_name }}"
+ echo "${{ secrets.KUBECONFIG }}" > ~/.kube/config
+ - name: check pod
+ run: kubectl apply -f k8s/deployment.yml
+
+ - name: scale down deployment
+ continue-on-error: true
+ run: kubectl scale deployment ${{ steps.repo-url.outputs.repoName }} --replicas=0
+
+ - name: scale up deployment
+ run: kubectl scale deployment ${{ steps.repo-url.outputs.repoName }} --replicas=1
diff --git a/.github/workflows/test_project.yml b/.github/workflows/test_project.yml
new file mode 100644
index 0000000..a26dd48
--- /dev/null
+++ b/.github/workflows/test_project.yml
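Review bot: In `image_creation.yml`, the `insert kube config` step expands `${{ secrets.KUBECONFIG }}` directly into the script text, so the cluster credential lands in the generated script file, any `"`, `$` or backtick inside it is re-interpreted by the shell, and `~/.kube/config` is created under the default umask. Hand the secret to the step through `env:` and write it with `umask 077` and `printf`; the `github.server_url`, `github.repository` and `github.actor` expansions in the `echo repo dir` steps are better replaced by the runner's own `GITHUB_SERVER_URL` / `GITHUB_REPOSITORY` variables, which also fixes `repoName` when the tag is pushed by someone other than the repository owner. `Download kubectl` installs a binary as root without checking it against the `.sha256` file published beside it. Separately, the job-level `env:` gives `TOKEN`, `BOT_TOKEN`, `ADMINS` and `PWD` to every step, including actions referenced by mutable tags, and an `envsubst` call without a variable list will substitute any of them that the template names (the template is not part of this patch, so confirm that is intended).

```yaml
      - name: echo repo dir
        id: repo-url
        run: |
          # Read runner-provided variables instead of expanding ${{ }} into the script.
          echo "repourl=${GITHUB_SERVER_URL#https://}" >> "$GITHUB_OUTPUT"
          echo "repoName=${GITHUB_REPOSITORY#*/}" >> "$GITHUB_OUTPUT"
      # … unchanged: checkout, install envsubst, create deployment files …
      - name: Download kubectl
        run: |
          version="$(curl -fsSL https://dl.k8s.io/release/stable.txt)"
          curl -fsSLO "https://dl.k8s.io/release/${version}/bin/linux/amd64/kubectl"
          curl -fsSLO "https://dl.k8s.io/release/${version}/bin/linux/amd64/kubectl.sha256"
          # Refuse to continue if the binary does not match the published digest.
          echo "$(cat kubectl.sha256)  kubectl" | sha256sum --check
      # … unchanged: install kubectl …
      - name: insert kube config
        env:
          KUBECONFIG_DATA: ${{ secrets.KUBECONFIG }}
        run: |
          umask 077
          mkdir -p ~/.kube
          printf '%s\n' "$KUBECONFIG_DATA" > ~/.kube/config
```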
@@ -0,0 +1,65 @@
+name: "dev test"
+on:
+ push:
+ branches:
+ - master
+ - dev
+ - 'feature/**'
+ paths:
+ - '**.go'
+ - '**.yml'
+ - '**.yaml'
+jobs:
+ test:
+ runs-on: ubuntu-latest
+ env:
+ TOKEN: ${{ secrets.TOKEN }}
+ USERNAME: ${{ vars.USERNAME }}
+ TAG_VERSION: ${{ github.ref_name }}
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Setup Go
+ uses: actions/setup-go@v5
+ with:
+ go-version-file: 'go.mod'
+ - name: test with go
+ run: go test -v ./...
+
+ vulnCheck:
+ runs-on: ubuntu-latest
+ needs: test
+ env:
+ TOKEN: ${{ secrets.TOKEN }}
+ USERNAME: ${{ vars.USERNAME }}
+ TAG_VERSION: ${{ github.ref_name }}
+ steps:
+ - name: checkout Code
+ uses: actions/checkout@v4
+
+ - name: go vuln check
+ uses: golang/govulncheck-action@v1
+ with:
+ go-version-file: 'go.mod'
+ go-package: ./...
+
+ Ci-Lint:
+ runs-on: ubuntu-latest
+ needs: vulnCheck
+ env:
+ TOKEN: ${{ secrets.TOKEN }}
+ USERNAME: ${{ vars.USERNAME }}
+ TAG_VERSION: ${{ github.ref_name }}
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Setup Go
+ uses: actions/setup-go@v5
+ with:
+ go-version-file: 'go.mod'
+ - name: CI lint Check
+ uses: golangci/golangci-lint-action@v6
+ with:
+ only-new-issues: true
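Review bot: All three jobs in `test_project.yml` (`test`, `vulnCheck`, `Ci-Lint`) set a job-level `env:` containing `TOKEN: ${{ secrets.TOKEN }}`, yet no step in this file reads `TOKEN`, `USERNAME` or `TAG_VERSION`, so the secret is exposed to `go test -v ./...` (which executes whatever code was pushed to a `feature/**` branch) and to third-party actions referenced only by mutable tag. Remove the three `env:` blocks, or if something such as a private module fetch needs the token, declare it on that single step. `vulnCheck` and `Ci-Lint` are also chained behind `test` through `needs:`, so a failing unit test prevents the vulnerability scan from running at all; dropping `needs: test` and `needs: vulnCheck` lets each check report independently. Pinning `golang/govulncheck-action@v1` and `golangci/golangci-lint-action@v6` to full commit SHAs would keep a moved tag from changing what runs here.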