Deploy to staging with reset=no core=0e8cfcc country config=b3e375e #161
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy(development) | |
| run-name: Deploy to ${{ github.event.inputs.environment }} with reset=${{ github.event.inputs.reset }} core=${{ github.event.inputs.core-image-tag }} country config=${{ github.event.inputs.countryconfig-image-tag }} | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| environment: | |
| type: choice | |
| description: Environment to deploy to | |
| required: true | |
| default: 'staging' | |
| options: | |
| - staging | |
| - qa | |
| core-image-tag: | |
| description: Core DockerHub image tag | |
| required: true | |
| default: 'v1.3.2' | |
| countryconfig-image-tag: | |
| description: Your Country Config DockerHub image tag | |
| required: true | |
| reset: | |
| type: choice | |
| description: Whether to reset the environment | |
| required: true | |
| default: 'no' | |
| options: | |
| - 'yes' | |
| - 'no' | |
| jobs: | |
| deploy: | |
| environment: ${{ github.event.inputs.environment }} | |
| runs-on: ubuntu-20.04 | |
| outputs: | |
| outcome: ${{ steps.deploy.outcome }} | |
| timeout-minutes: 60 | |
| strategy: | |
| matrix: | |
| node-version: [16.20.0] | |
| steps: | |
| - name: Clone core | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| repository: 'opencrvs/opencrvs-core' | |
| path: './opencrvs-core' | |
| - name: Clone country config resource package | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| path: './${{ github.event.repository.name }}' | |
| - name: Checkout country branch | |
| run: | | |
| cd ${{ github.event.repository.name }} | |
| git checkout ${{ github.event.inputs.countryconfig-image-tag }} | |
| cd ../ | |
| - name: Checkout core branch | |
| run: | | |
| cd opencrvs-core | |
| git checkout ${{ github.event.inputs.core-image-tag }} | |
| # | |
| # Uncomment if using VPN | |
| # | |
| #- name: Install openconnect ppa | |
| # run: sudo add-apt-repository ppa:dwmw2/openconnect -y && sudo apt update | |
| #- name: Install openconnect | |
| # run: sudo apt install -y openconnect | |
| #- name: Connect to VPN | |
| # run: | | |
| # echo "${{ secrets.VPN_PWD }}" | sudo openconnect -u ${{ secrets.VPN_USER }} --passwd-on-stdin --protocol=${{ secrets.VPN_PROTOCOL }} ${{ secrets.VPN_HOST }}:${{ secrets.VPN_PORT }} --servercert ${{ secrets.VPN_SERVERCERT }} --background | |
| #- name: Test if IP is reachable | |
| # run: | | |
| # ping -c4 ${{ secrets.SSH_HOST }} | |
| - name: Install SSH Key | |
| uses: shimataro/ssh-key-action@v2 | |
| with: | |
| key: ${{ secrets.SSH_KEY }} | |
| known_hosts: ${{ secrets.KNOWN_HOSTS }} | |
| - name: Login to DockerHub | |
| uses: docker/login-action@v1 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_TOKEN }} | |
| - name: Wait for images to be available | |
| run: | | |
| while true; do | |
| if docker manifest inspect opencrvs/ocrvs-auth:${{ github.event.inputs.core-image-tag }}; then | |
| break | |
| fi | |
| sleep 10 | |
| done | |
| while true; do | |
| if docker manifest inspect ${{ secrets.DOCKERHUB_ACCOUNT }}/${{ secrets.DOCKERHUB_REPO }}:${{ github.event.inputs.countryconfig-image-tag }}; then | |
| break | |
| fi | |
| sleep 10 | |
| done | |
| - name: Deploy to ${{ github.event.inputs.environment }} | |
| id: deploy | |
| env: | |
| DOMAIN: ${{ vars.DOMAIN }} | |
| REPLICAS: ${{ vars.REPLICAS }} | |
| SMTP_PORT: ${{ secrets.SMTP_PORT }} | |
| SMTP_HOST: ${{ secrets.SMTP_HOST }} | |
| SMTP_USERNAME: ${{ secrets.SMTP_USERNAME }} | |
| SMTP_PASSWORD: ${{ secrets.SMTP_PASSWORD }} | |
| ALERT_EMAIL: ${{ secrets.ALERT_EMAIL }} | |
| DOCKERHUB_ACCOUNT: ${{ secrets.DOCKERHUB_ACCOUNT }} | |
| DOCKERHUB_REPO: ${{ secrets.DOCKERHUB_REPO }} | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }} | |
| KIBANA_USERNAME: ${{ secrets.KIBANA_USERNAME }} | |
| KIBANA_PASSWORD: ${{ secrets.KIBANA_PASSWORD }} | |
| MONGODB_ADMIN_USER: ${{ secrets.MONGODB_ADMIN_USER }} | |
| MONGODB_ADMIN_PASSWORD: ${{ secrets.MONGODB_ADMIN_PASSWORD }} | |
| ELASTICSEARCH_SUPERUSER_PASSWORD: ${{ secrets.ELASTICSEARCH_SUPERUSER_PASSWORD }} | |
| MINIO_ROOT_USER: ${{ secrets.MINIO_ROOT_USER }} | |
| MINIO_ROOT_PASSWORD: ${{ secrets.MINIO_ROOT_PASSWORD }} | |
| EMAIL_API_KEY: ${{ secrets.EMAIL_API_KEY }} | |
| INFOBIP_SENDER_ID: ${{ secrets.INFOBIP_SENDER_ID }} | |
| SENTRY_DSN: ${{ secrets.SENTRY_DSN }} | |
| INFOBIP_GATEWAY_ENDPOINT: ${{ secrets.INFOBIP_GATEWAY_ENDPOINT }} | |
| INFOBIP_API_KEY: ${{ secrets.INFOBIP_API_KEY }} | |
| SENDER_EMAIL_ADDRESS: ${{ secrets.SENDER_EMAIL_ADDRESS }} | |
| SUPER_USER_PASSWORD: ${{ secrets.SUPER_USER_PASSWORD }} | |
| SSH_KEY: ${{ secrets.SSH_KEY }} | |
| KNOWN_HOSTS: ${{ secrets.KNOWN_HOSTS }} | |
| CONTENT_SECURITY_POLICY_WILDCARD: ${{ vars.CONTENT_SECURITY_POLICY_WILDCARD }} | |
| # SUDO_PASSWORD: ${{ secrets.SUDO_PASSWORD }} | |
| # ELASTALERT_SLACK_WEBHOOK: ${{ secrets.ELASTALERT_SLACK_WEBHOOK }} | |
| run: | | |
| cd ./${{ github.event.repository.name }} | |
| yarn deploy \ | |
| --clear_data=${{ github.event.inputs.reset }} \ | |
| --environment=${{ github.event.inputs.environment }} \ | |
| --host=${{ env.DOMAIN }} \ | |
| --ssh_host=${{ secrets.SSH_HOST }} \ | |
| --ssh_user=${{ secrets.SSH_USER }} \ | |
| --version=${{ github.event.inputs.core-image-tag }} \ | |
| --country_config_version=${{ github.event.inputs.countryconfig-image-tag }} \ | |
| --replicas=${{ env.REPLICAS }} | |
| seed-data: | |
| needs: deploy | |
| if: ${{ github.event.inputs.reset == 'yes' && needs.deploy.outputs.outcome == 'success' }} | |
| uses: ./.github/workflows/seed-data.yml | |
| with: | |
| environment: ${{ github.event.inputs.environment }} | |
| core-image-tag: ${{ github.event.inputs.core-image-tag }} | |
| secrets: inherit |