Merge pull request #64 from CodeForPhilly/releases/k8s-manifests #25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'K8s: Deploy k8s-manifests' | |
| on: | |
| push: | |
| branches: [ deploys/k8s-manifests ] | |
| env: | |
| BRANCH_RELEASE: releases/k8s-manifests | |
| BRANCH_DEPLOY: deploys/k8s-manifests | |
| jobs: | |
| k8s-deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| with: | |
| ref: ${{ env.BRANCH_DEPLOY }} | |
| fetch-depth: 2 # need parent commit to detect deletions | |
| - name: Configure .kube/config | |
| run: | | |
| test -e ~/.kube || mkdir ~/.kube | |
| echo "${{ secrets.KUBECONFIG_BASE64 }}" | base64 -d > ~/.kube/config | |
| # initialize empty log of kube operations | |
| echo -n '' > /tmp/kube.log | |
| - name: 'Apply manifests: CRD resources' | |
| run: | | |
| if [ -d ./_/CustomResourceDefinition ]; then | |
| kubectl apply -Rf ./_/CustomResourceDefinition | tee -a /tmp/kube.log | |
| fi | |
| - name: 'Apply manifests: non-CRD global resources' | |
| run: | | |
| if [ -d ./_ ]; then | |
| ( | |
| find _ \ | |
| -maxdepth 1 \ | |
| -mindepth 1 \ | |
| -type d \ | |
| -not -name 'CustomResourceDefinition' \ | |
| -print0 \ | |
| | sort -z \ | |
| | xargs -r0 -n 1 kubectl apply -Rf | |
| ) | tee -a /tmp/kube.log | |
| fi | |
| - name: 'Apply manifests: namespaced resources' | |
| run: | | |
| ( | |
| find . \ | |
| -maxdepth 1 \ | |
| -type d \ | |
| -not -name '_' \ | |
| -not -name '.*' \ | |
| -print0 \ | |
| | sort -z \ | |
| | xargs -r0 -n 1 kubectl apply -Rf | |
| ) | tee -a /tmp/kube.log | |
| - name: 'Apply manifests: generated regcred secrets' | |
| run: | | |
| # apply a copy of regcred secret for every deployed namespace | |
| while IFS= read -r namespace; do | |
| namespace="$(basename "${namespace}")" | |
| cat <<EOF | kubectl apply -f - | tee -a /tmp/kube.log | |
| apiVersion: v1 | |
| kind: Secret | |
| metadata: | |
| name: regcred | |
| namespace: ${namespace} | |
| type: kubernetes.io/dockerconfigjson | |
| data: | |
| .dockerconfigjson: ${{ secrets.DOCKER_CONFIG_BASE64 }} | |
| EOF | |
| done <<< "$(find . -maxdepth 1 -type d -not -name '_' -not -name '.*')" | |
| - name: 'Apply manifests: deleted resources' | |
| run: | | |
| for manifest_path in $(git diff-tree --name-only --diff-filter=D -r HEAD^ HEAD); do | |
| manifest_path="${manifest_path%.yaml}" | |
| namespace="${manifest_path%%/*}" | |
| kind_name="${manifest_path#*/}" | |
| kind="${kind_name%%/*}" | |
| name="${kind_name##*/}" | |
| if [ "${namespace}" == "_" ]; then | |
| kubectl delete $kind $name | tee -a /tmp/kube.log | |
| else | |
| kubectl -n $namespace delete $kind $name | tee -a /tmp/kube.log | |
| fi | |
| done | |
| - name: Add comment to PR | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| ## build comment body | |
| echo | |
| echo "Builing coment body content..." | |
| comment_body="$(cat <<EOF | |
| \`kubectl apply\` output (excluding unchanged) for $(git describe --always --tag) was: | |
| \`\`\` | |
| $(cat /tmp/kube.log | grep -v ' unchanged$') | |
| \`\`\` | |
| EOF | |
| )" | |
| ## get most recent merged PR | |
| echo | |
| echo "Looking for most recent merged PR for branch ${BRANCH_RELEASE}..." | |
| pr_number=$( | |
| gh pr list \ | |
| --head "${BRANCH_RELEASE}" \ | |
| --base "${BRANCH_DEPLOY}" \ | |
| --state merged \ | |
| --limit 1 \ | |
| --json number \ | |
| --jq '.[0].number' | |
| ) | |
| ## post comment | |
| if [ -n "${pr_number}" ]; then | |
| echo | |
| echo "Adding comment to PR #${pr_number}..." | |
| gh pr comment "${pr_number}" \ | |
| --body "${comment_body}" | |
| fi | |
| # - uses: mxschmitt/action-tmate@v3 | |
| # env: | |
| # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |