Merge pull request #257 from norcalipa/norcalipa/refactor-actions

Refactoring deployment workflows

.github/workflows/build-image.yml

@@ -12,6 +12,9 @@ on:
       - '!.github/workflows/build-image.yml'
       - '.gitignore'
 
+concurrency:
+  group: deployment
+
 env:
   PROJECT_ID: crank-404520
   SERVICE: crank

.github/workflows/deploy-home.yml

@@ -1,17 +1,15 @@
 # Copyright (c) 2024 Isaac Adams
 # Licensed under the MIT License. See LICENSE file in the project root for full license information.
 name: Deploy to Kubernetes (prod)
+
 on:
+  workflow_run:
+    workflows: [ "Build Image" ]
+    types:
+      - completed
   push:
     branches:
       - main
-    paths-ignore:
-      - '.github/**'
-      - 'seeds/**'
-      - 'dump/**'
-      - '!.github/workflows/build-image.yml'
-      - '!.github/workflows/deploy-home.yml'
-      - '.gitignore'
 
 jobs:
   deploy-home-k3s:
@@ -47,6 +45,11 @@ jobs:
           # install cloudflared
           sudo apt-get update && sudo apt-get install cloudflared
 
+      - name: Tag and Push Image as Latest
+        run: |
+          docker tag ghcr.io/${{ github.repository }}/crank:${{ github.sha }} ghcr.io/${{ github.repository }}/crank:latest
+          docker push ghcr.io/${{ github.repository }}/crank:latest
+
       - name: Deploy to Kubernetes
         run: |
           # Copy deployment.yml to the remote system

.github/workflows/run-tests.yml

@@ -2,17 +2,17 @@
 # Licensed under the MIT License. See LICENSE file in the project root for full license information.
 name: Run Tests
 
-on:
-  push:
-    paths-ignore:
-      - '/*'
-      - '.github/**'
-      - 'crank/content/**'
-      - 'crank/migrations/**'
-      - 'seeds/**'
-      - 'dump/**'
-      - 'k8s/**'
-      - '.gitignore'
+#on:
+#  push:
+#    paths-ignore:
+#      - '/*'
+#      - '.github/**'
+#      - 'crank/content/**'
+#      - 'crank/migrations/**'
+#      - 'seeds/**'
+#      - 'dump/**'
+#      - 'k8s/**'
+#      - '.gitignore'
 
 jobs:
   run-tests:

.github/workflows/coverage.yml → .github/workflows/tests-with-coverage.yml

@@ -1,6 +1,6 @@
 # Copyright (c) 2024 Isaac Adams
 # Licensed under the MIT License. See LICENSE file in the project root for full license information.
-name: Test Coverage
+name: Tests With Coverage
 
 on:
   push:

.github/workflows/update-home-deployment.yml

@@ -0,0 +1,60 @@
+# Copyright (c) 2024 Isaac Adams
+# Licensed under the MIT License. See LICENSE file in the project root for full license information.
+name: Update Deployment (prod)
+on:
+  push:
+    branches:
+      - main
+    paths-ignore:
+      - '**'
+      - '!.github/workflows/update-home-deployment.yml'
+      - '!k8s/deployment.yml'
+
+concurrency:
+  group: deployment
+  cancel-in-progress: true
+
+jobs:
+  deploy-home-k3s:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          ref: main
+
+      - name: Get latest commit SHA from main branch
+        id: get-sha
+        run: echo "GITHUB_SHA=$(git rev-parse HEAD)" >> $GITHUB_ENV
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+
+      - name: Set up SSH
+        uses: webfactory/ssh-agent@v0.5.3
+        with:
+          ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
+
+      - name: Install Cloudflared
+        run: |
+          sudo mkdir -p --mode=0755 /usr/share/keyrings
+          curl -fsSL https://pkg.cloudflare.com/cloudflare-main.gpg | sudo tee /usr/share/keyrings/cloudflare-main.gpg >/dev/null
+
+          # Add this repo to your apt repositories
+          echo 'deb [signed-by=/usr/share/keyrings/cloudflare-main.gpg] https://pkg.cloudflare.com/cloudflared jammy main' | sudo tee /etc/apt/sources.list.d/cloudflared.list
+
+          # install cloudflared
+          sudo apt-get update && sudo apt-get install cloudflared
+
+      - name: Deploy to Kubernetes
+        run: |
+          # Copy deployment.yml to the remote system
+          scp -o ProxyCommand='cloudflared access ssh --hostname %h' -o StrictHostKeyChecking=no ./k8s/deployment.yml ${{ secrets.SSH_USERNAME }}@${{ secrets.SSH_HOST }}:/tmp/deployment.yml
+
+          # Apply the copied deployment.yml
+          ssh -o ProxyCommand='cloudflared access ssh --hostname %h' -o StrictHostKeyChecking=no ${{ secrets.SSH_USERNAME }}@${{ secrets.SSH_HOST }} <<EOF
+          export GITHUB_SHA=${{ env.GITHUB_SHA }}
+          envsubst < /tmp/deployment.yml | k3s kubectl apply -f -
+          EOF

readme.md

@@ -2,10 +2,9 @@
 <!-- Licensed under the MIT License. See LICENSE file in the project root for full license information. -->
 # Crank.fyi
 
-[![codecov](https://codecov.io/gh/norcalipa/crank/graph/badge.svg?token=5CR414ORFK)](https://codecov.io/gh/norcalipa/crank)
+[![Tests with codecov](https://codecov.io/gh/norcalipa/crank/graph/badge.svg?token=5CR414ORFK)](https://codecov.io/gh/norcalipa/crank)
 [![Known Vulnerabilities](https://snyk.io/test/github/norcalipa/crank/badge.svg)](https://snyk.io/test/github/norcalipa/crank)
 [![Build Image](https://github.com/norcalipa/crank/actions/workflows/build-image.yml/badge.svg)](https://github.com/norcalipa/crank/actions/workflows/build-image.yml)
-[![Run Tests](https://github.com/norcalipa/crank/actions/workflows/run-tests.yml/badge.svg)](https://github.com/norcalipa/crank/actions/workflows/run-tests.yml)
 [![Deploy to Kubernetes (prod)](https://github.com/norcalipa/crank/actions/workflows/deploy-home.yml/badge.svg)](https://github.com/norcalipa/crank/actions/workflows/deploy-home.yml)
 [![Change Tracking Marker](https://github.com/norcalipa/crank/actions/workflows/new-relic-change-tracking.yml/badge.svg)](https://github.com/norcalipa/crank/actions/workflows/new-relic-change-tracking.yml)