Merge pull request #2646 from data-for-change/dependabot/pip/jinja2-3… #907
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy | |
| on: | |
| push: | |
| branches: | |
| - master | |
| - dev | |
| env: | |
| DOCKER_REPOSITORY_ANYWAY: "${{ github.repository }}/anyway" | |
| DOCKER_REPOSITORY_DB: "${{ github.repository }}/db" | |
| DOCKER_REPOSITORY_DB_BACKUP: "${{ github.repository }}/db_backup" | |
| DOCKER_REPOSITORY_NGINX: "${{ github.repository }}/nginx" | |
| SERVER: "docker.pkg.github.com" | |
| jobs: | |
| Build-anyway: | |
| if: github.repository == "${{ github.repository_owner }}/anyway" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Build and push anyway Docker image | |
| uses: docker/build-push-action@v1.1.1 | |
| with: | |
| name: ${{ env.DOCKER_REPOSITORY_ANYWAY }} | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| registry: docker.pkg.github.com | |
| repository: ${{ env.DOCKER_REPOSITORY_ANYWAY }} | |
| tag_with_ref: true | |
| tag_with_sha: true | |
| cache_froms: ${{ env.DOCKER_REPOSITORY_ANYWAY }}:dev | |
| Build-db: | |
| if: github.repository == "${{ github.repository_owner }}/anyway" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Build and push database Docker image | |
| uses: docker/build-push-action@v1.1.1 | |
| with: | |
| registry: docker.pkg.github.com | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| repository: ${{ env.DOCKER_REPOSITORY_DB }} | |
| path: 'db_docker' | |
| tag_with_ref: true | |
| tag_with_sha: true | |
| cache_froms: ${{ env.DOCKER_REPOSITORY_DB }}:dev | |
| Build-db-backup: | |
| if: github.repository == "${{ github.repository_owner }}/anyway" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Build and push database backup Docker image | |
| uses: docker/build-push-action@v1.1.1 | |
| with: | |
| registry: docker.pkg.github.com | |
| repository: ${{ env.DOCKER_REPOSITORY_DB_BACKUP }} | |
| dockerfile: 'db_docker/backup.Dockerfile' | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| path: 'db_docker' | |
| tag_with_ref: true | |
| tag_with_sha: true | |
| cache_froms: ${{ env.DOCKER_REPOSITORY_DB_BACKUP }}:dev | |
| Build-nginx: | |
| if: github.repository == "${{ github.repository_owner }}/anyway" | |
| needs: Build-anyway | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - env: | |
| DOCKER_USERNAME: ${{ github.repository_owner }} | |
| DOCKER_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| bin/nginx_docker_build_push.sh | |
| deploy: | |
| needs: | |
| - Build-anyway | |
| - Build-db | |
| - Build-db-backup | |
| - Build-nginx | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - env: | |
| DOCKER_REPOSITORY_ANYWAY: ${{ env.SERVER }}/${{ env.DOCKER_REPOSITORY_ANYWAY }} | |
| DOCKER_REPOSITORY_DB: ${{ env.SERVER }}/${{ env.DOCKER_REPOSITORY_DB }} | |
| DOCKER_REPOSITORY_DB_BACKUP: ${{ env.SERVER }}/${{ env.DOCKER_REPOSITORY_DB_BACKUP }} | |
| DOCKER_REPOSITORY_NGINX: ${{ env.SERVER }}/${{ env.DOCKER_REPOSITORY_NGINX }} | |
| DFC_IAC_DEPLOY_KEY: ${{ secrets.DFC_IAC_DEPLOY_KEY }} | |
| ANYWAY_ETL_DEPLOY_KEY: ${{ secrets.ANYWAY_ETL_DEPLOY_KEY }} | |
| run: | | |
| if [ "${GITHUB_REF}" == "refs/heads/master" ] || [ "${GITHUB_REF}" == "refs/heads/dev" ]; then | |
| SHA_TAG=sha-`git rev-parse --short $GITHUB_SHA` &&\ | |
| echo SHA_TAG=$SHA_TAG &&\ | |
| ANYWAY_IMAGE="${DOCKER_REPOSITORY_ANYWAY}:${SHA_TAG}" &&\ | |
| echo ANYWAY_IMAGE=$ANYWAY_IMAGE &&\ | |
| DB_IMAGE="${DOCKER_REPOSITORY_DB}:${SHA_TAG}" &&\ | |
| echo DB_IMAGE=$DB_IMAGE &&\ | |
| DB_BACKUP_IMAGE="${DOCKER_REPOSITORY_DB_BACKUP}:${SHA_TAG}" &&\ | |
| echo DB_BACKUP_IMAGE=$DB_BACKUP_IMAGE &&\ | |
| NGINX_IMAGE="${DOCKER_REPOSITORY_NGINX}:${SHA_TAG}" &&\ | |
| echo NGINX_IMAGE=$NGINX_IMAGE &&\ | |
| if ! git log -1 --pretty=format:"%s" | grep -- --no-deploy; then | |
| git config --global user.name "Anyway CI" &&\ | |
| git config --global user.email "anyway-ci@localhost" &&\ | |
| if [ "${GITHUB_REF}" == "refs/heads/master" ]; then | |
| cd `mktemp -d` &&\ | |
| echo "${DFC_IAC_DEPLOY_KEY}" > dfc_iac_deploy_key &&\ | |
| chmod 400 dfc_iac_deploy_key &&\ | |
| export GIT_SSH_COMMAND="ssh -i `pwd`/dfc_iac_deploy_key -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" &&\ | |
| git clone git@github.com:data-for-change/dfc-iac.git &&\ | |
| cd dfc-iac &&\ | |
| bin/update_anyway_env.py '{"image":"'${ANYWAY_IMAGE}'","dbImage":"'${DB_IMAGE}'","dbBackupImage":"'${DB_BACKUP_IMAGE}'","nginxImage":"'${NGINX_IMAGE}'"}' &&\ | |
| git add apps/anyway/.env && git commit -m "automatic update of anyway" &&\ | |
| git push origin main | |
| fi &&\ | |
| cd `mktemp -d` &&\ | |
| echo "${ANYWAY_ETL_DEPLOY_KEY}" > anyway_etl_deploy_key &&\ | |
| chmod 400 anyway_etl_deploy_key &&\ | |
| export GIT_SSH_COMMAND="ssh -i `pwd`/anyway_etl_deploy_key -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" &&\ | |
| git clone git@github.com:data-for-change/anyway-etl.git &&\ | |
| cd anyway-etl &&\ | |
| if [ "${GITHUB_REF}" == "refs/heads/dev" ]; then | |
| ANYWAY_ETL_COMMIT_FILENAME=anyway-dev-commit.txt | |
| else | |
| ANYWAY_ETL_COMMIT_FILENAME=anyway-master-commit.txt | |
| fi &&\ | |
| echo "${GITHUB_SHA}" > $ANYWAY_ETL_COMMIT_FILENAME &&\ | |
| git add ./$ANYWAY_ETL_COMMIT_FILENAME &&\ | |
| git commit -m "automatic update of $ANYWAY_ETL_COMMIT_FILENAME" &&\ | |
| git push origin main | |
| fi | |
| fi |