Skip to content

Deploy to DigitalOcean #76

Deploy to DigitalOcean

Deploy to DigitalOcean #76

Workflow file for this run

name: Deploy to DigitalOcean
on:
workflow_run:
workflows: ['Build and Publish Docker Images']
branches: [ develop, master ]
types:
- completed
jobs:
deploy-do:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Install doctl
uses: digitalocean/action-doctl@v2
with:
token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}
- name: Log in to DigitalOcean Container Registry with short-lived credentials
run: doctl registry login --expiry-seconds 600
- name: Save DigitalOcean kubeconfig with short-lived credentials
run: doctl kubernetes cluster kubeconfig save --expiry-seconds 600 k8s-ever
- name: Write MongoDB Certificate file
run: |
echo "$DB_CA_CERT" | base64 --decode > ${HOME}/ca-certificate.crt
env:
DB_CA_CERT: '${{ secrets.DB_CA_CERT }}'
- name: Apply k8s manifests changes in DigitalOcean k8s cluster (if any)
run: |
envsubst < $GITHUB_WORKSPACE/.deploy/k8s/k8s-manifest.demo.yaml | kubectl --context do-sfo2-k8s-ever apply -f -
env:
DB_URI: '${{ secrets.DB_URI }}'
DB_HOST: '${{ secrets.DB_HOST }}'
DB_USER: '${{ secrets.DB_USER }}'
DB_PASS: '${{ secrets.DB_PASS }}'
DB_NAME: 'ever_demo'
DB_CA_CERT: '${{ secrets.DB_CA_CERT }}'
DB_SSL_MODE: 'true'
SENTRY_DSN: '${{ secrets.SENTRY_DSN }}'
AWS_ACCESS_KEY_ID: '${{ secrets.AWS_ACCESS_KEY_ID }}'
AWS_SECRET_ACCESS_KEY: '${{ secrets.AWS_SECRET_ACCESS_KEY }}'
AWS_REGION: '${{ secrets.AWS_REGION }}'
AWS_S3_BUCKET: '${{ secrets.AWS_S3_BUCKET }}'
EXPRESS_SESSION_SECRET: '${{ secrets.EXPRESS_SESSION_SECRET }}'
JWT_SECRET: '${{ secrets.JWT_SECRET }}'
CLOUDINARY_API_KEY: '${{ secrets.CLOUDINARY_API_KEY }}'
CLOUDINARY_API_SECRET: '${{ secrets.CLOUDINARY_API_SECRET }}'
CLOUDINARY_CLOUD_NAME: '${{ secrets.CLOUDINARY_CLOUD_NAME }}'
MAIL_FROM_ADDRESS: '${{ secrets.MAIL_FROM_ADDRESS }}'
MAIL_HOST: '${{ secrets.MAIL_HOST }}'
MAIL_PORT: '${{ secrets.MAIL_PORT }}'
MAIL_USERNAME: '${{ secrets.MAIL_USERNAME }}'
MAIL_PASSWORD: '${{ secrets.MAIL_PASSWORD }}'
ALLOW_SUPER_ADMIN_ROLE: '${{ secrets.ALLOW_SUPER_ADMIN_ROLE }}'
GOOGLE_APP_ID: '${{ secrets.GOOGLE_APP_ID }}'
GOOGLE_APP_SECRET: '${{ secrets.GOOGLE_APP_SECRET }}'
GOOGLE_CALLBACK_URL: '${{ secrets.GOOGLE_CALLBACK_URL }}'
FACEBOOK_APP_ID: '${{ secrets.FACEBOOK_APP_ID }}'
FACEBOOK_APP_SECRET: '${{ secrets.FACEBOOK_APP_SECRET }}'
FACEBOOK_GRAPH_VERSION: '${{ secrets.FACEBOOK_GRAPH_VERSION }}'
FACEBOOK_CALLBACK_URL: '${{ secrets.FACEBOOK_CALLBACK_URL }}'
UNLEASH_APP_NAME: '${{ secrets.UNLEASH_APP_NAME }}'
UNLEASH_API_URL: '${{ secrets.UNLEASH_API_URL }}'
UNLEASH_INSTANCE_ID: '${{ secrets.UNLEASH_INSTANCE_ID }}'
UNLEASH_REFRESH_INTERVAL: '${{ secrets.UNLEASH_REFRESH_INTERVAL }}'
UNLEASH_METRICS_INTERVAL: '${{ secrets.UNLEASH_METRICS_INTERVAL }}'
STRIPE_SECRET_KEY: '${{ secrets.STRIPE_SECRET_KEY }}'
URBAN_AIRSHIP_KEY: '${{ secrets.URBAN_AIRSHIP_KEY }}'
URBAN_AIRSHIP_SECRET: '${{ secrets.URBAN_AIRSHIP_SECRET }}'
KEYMETRICS_MACHINE_NAME: '${{ secrets.KEYMETRICS_MACHINE_NAME }}'
KEYMETRICS_SECRET_KEY: '${{ secrets.KEYMETRICS_SECRET_KEY }}'
KEYMETRICS_PUBLIC_KEY: '${{ secrets.KEYMETRICS_PUBLIC_KEY }}'
ARCGIS_CLIENT_ID: '${{ secrets.ARCGIS_CLIENT_ID }}'
ARCGIS_CLIENT_SECRET: '${{ secrets.ARCGIS_CLIENT_SECRET }}'
ENGINE_API_KEY: '${{ secrets.ENGINE_API_KEY }}'
# we need this step because for now we just use :latest tag
# note: for production we will use different strategy later
- name: Restart Pods to pick up :latest tag version
run: |
kubectl --context do-sfo2-k8s-ever rollout restart deployment/ever-demo-api
kubectl --context do-sfo2-k8s-ever rollout restart deployment/ever-demo-admin
kubectl --context do-sfo2-k8s-ever rollout restart deployment/ever-demo-carrier-mobile-ionic
kubectl --context do-sfo2-k8s-ever rollout restart deployment/ever-demo-shop-mobile-ionic
kubectl --context do-sfo2-k8s-ever rollout restart deployment/ever-demo-merchant-tablet-ionic
kubectl --context do-sfo2-k8s-ever rollout restart deployment/ever-demo-shop-web-angular