This action creates a docker container with kubectl and aws cli available for AWS EKS deployments. Multiple commands can be issued using args
See muffin.yml
on: push
name: Deploy
jobs:
deploy:
name: Deploy to Kubernetes
runs-on: ubuntu-latest
steps:
- name: Cancel Previous Runs
uses: styfle/cancel-workflow-action@0.4.1
with:
access_token: ${{ github.token }}
- name: Checkout
uses: actions/checkout@v2
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: Login to AWS ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Deploy to EKS Cluster
uses: thatsnotamuffin/muffin-aws-kubectl@v1
env:
ECR_REPOSITORY: muffin-app
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
RELEASE_IMAGE: ${{ github.sha }}
KUBECTL_VERSION: "v1.21.0" # <-- Not required
KUBE_CONFIG: ${{ secrets.KUBE_CONFIG_DATA }} # <-- Required
with:
args: |
kubectl set image deployment/muffin-app muffin-app=$ECR_REGISTRY/$ECR_REPOSITORY:$RELEASE_IMAGEMultiple commands can be issued under the args
on: push
name: Deploy
jobs:
deploy:
name: Deploy to Kubernetes
runs-on: ubuntu-latest
steps:
- name: Cancel Previous Runs
uses: styfle/cancel-workflow-action@0.4.1
with:
access_token: ${{ github.token }}
- name: Checkout
uses: actions/checkout@v2
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: Login to AWS ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Deploy to EKS Cluster
uses: thatsnotamuffin/muffin-aws-kubectl@v1
env:
ECR_REPOSITORY: muffin-app
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
RELEASE_IMAGE: ${{ github.sha }}
KUBECTL_VERSION: "v1.21.0" # <-- Not required
KUBE_CONFIG: ${{ secrets.KUBE_CONFIG_DATA }} # <-- Required
with:
args: |
kubectl set image deployment/muffin-app muffin-app=$ECR_REGISTRY/$ECR_REPOSITORY:$RELEASE_IMAGE
kubectl rollout status deployment/muffin-appKUBE_CONFIG - IS required: This is a base64 encoded kubeconfig file with credentials for Kubernetes cluster access. You need a kubeconfig file with the following format:
apiVersion: v1
clusters:
- cluster:
certificate-authority-data:
LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCmFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eXh6YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd5eHphYmNkZWZnaGlqa2wKYWJjZGVmZ2hpamtsbW5vcHFyc3R1ZGVmZ2hpamtsbW5vcHFyc3R1dnd5eHphYmNkZWZnaGlqa2wKYWJjZGVmZ2hpamtsbW5vcHFyc3R1ZGVmZ2hpamtsbW5vcHFyc3R1dnd5eHphYmNkZWZnaGlqa2wKYWJjZGVmZ2hpamtsbW5vcHFyc3R1ZGVmZ2hpamtsbW5vcHFyc3R1dnd5eHphYmNkZWZnaGlqa2wKYWJjZGVmZ2hpamtsbW5vcHFyc3R1ZGVmZ2hpamtsbW5vcHFyc3R1dnd5eHphYmNkZWZnaGlqa2wKYWJjZGVmZ2hpamtsbW5vcHFyc3R1ZGVmZ2hpamtsbW5vcHFyc3R1dnd5eHphYmNkZWZnaGlqa2wKYWJjZGVmZ2hpamtsbW5vcHFyc3R1ZGVmZ2hpamtsbW5vcHFyc3R1dnd5eHphYmNkZWZnaGlqa2wKYWJjZGVmZ2hpamtsbW5vcHFyc3R1ZGVmZ2hpamtsbW5vcHFyc3R1dnd5eHphYmNkZWZnaGlqa2wKYWJjZGVmZ2hpamtsbW5vcHFyc3R1ZGVmZ2hpamtsbW5vcHFyc3R1dnd5eHphYmNkZWZnaGlqa2wKYWJjZGVmZ2hpamtsbW5vcHFyc3R1ZGVmZ2hpamtsbW5vcHFyc3R1dnd5eHphYmNkZWZnaGlqa2wKYWJjZGVmZ2hpamtsbW5vcHFyc3R1ZGVmZ2hpamtsbW5vcHFyc3R1dnd5eHphYmNkZWZnaGlqa2wKYWJjZGVmZ2hpamtsbW5vcHFyc3R1ZGVmZ2hpamtsbW5vcHFyc3R1dnd5eHphYmNkZWZnaGlqa2wKYWJjZGVmZ2hpamtsbW5vcHFyc3R1ZGVmZ2hpamtsbW5vcHFyc3R1dnd5eHphYmNkZWZnaGlqa2wKYWJjZGVmZ2hpamtsbW5vcHFyc3R1ZGVmZ2hpamtsbW5vcHFyc3R1dnd5eHphYmNkZWZnaGlqa2wKYWJjZGVmZ2hpamtsbW5vcHFyc3R1ZGVmZ2hpamtsbW5vcHFyc3R1dnd5eHphYmNkZWZnaGlqa2wKYWJjZGVmZ2hpamtsbW5vcHFyc3R1ZGVmZ2hpamtsbW5vcHFyc3R1dnd5eHphYmNkZWZnaGlqa2wKYWJjZGVmZ2hpamtsbW5vcHFyc3R1ZGVmZ2hpamtsbW5vcHFyc3R1dnd5eHphYmNkZWZnaGlqa2wKYWJjZGVmZ2hpamtsbW5vcHFyc3R1ZGVmZ2ZGVmZ2hpamtsbW5vcHFyc3R1dnd5eHphYmNkZWZnaGlqa2wKYWJ==
server: https://ABCD1234EFGH5678IJKL9012MNOP3456.gr7.us-east-2.eks.amazonaws.com
name: arn:aws:eks:us-east-2:111222333444:cluster/super-awesome-muffin-cluster
contexts:
- context:
cluster: arn:aws:eks:us-east-2:111222333444:cluster/super-awesome-muffin-cluster
user: arn:aws:eks:us-east-2:111222333444:cluster/super-awesome-muffin-cluster
name: arn:aws:eks:us-east-2:111222333444:cluster/super-awesome-muffin-cluster
current-context: arn:aws:eks:us-east-2:111222333444:cluster/super-awesome-muffin-cluster
kind: Config
preferences: {}
users:
- name: arn:aws:eks:us-east-2:111222333444:cluster/super-awesome-muffin-cluster
user:
exec:
apiVersion: client.authentication.k8s.io/v1beta1
args:
- --region
- us-east-2
- eks
- get-token
- --cluster-name
- super-awesome-muffin-cluster
command: awsRun the following command to populate the secret:
cat kubeconfig | base64Make sure that the kubeconfig does not have AWS_PROFILE, i.e. remove the section before base64 encoding:
env:
- name: AWS_PROFILE
value: muffinKUBECTL_VERSION - not required: The latest version of kubectl is installed via the Dockerfile. To prevent dependency issues, you can specify a desired kubectl version.
- name: Deploy to EKS Cluster
uses: thatsnotamuffin/muffin-aws-kubectl@v1
env:
ECR_REPOSITORY: muffin-app
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
RELEASE_IMAGE: ${{ github.sha }}
KUBECTL_VERSION: "v1.21.0" # <-- Not required
KUBE_CONFIG: ${{ secrets.KUBE_CONFIG_DATA }} # <-- Required
with:
args: |
kubectl set image deployment/muffin-app muffin-app=$ECR_REGISTRY/$ECR_REPOSITORY:$RELEASE_IMAGE
kubectl rollout status deployment/muffin-app