-
Notifications
You must be signed in to change notification settings - Fork 37
102 lines (99 loc) · 4.83 KB
/
PREVIEW-ENV-DEPLOY.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
---
name: preview-env-deploy
on:
pull_request:
types: [ labeled,synchronize ]
jobs:
deploy-preview:
# checks that the PR isn't closed AND check whether the labeled event contains deploy-preview as substring || check whether on new commit of PR the label deploy-preview is part of label array
if: github.event.pull_request.state != 'closed' && (contains( github.event.label.name, 'deploy-preview') || contains( github.event.pull_request.labels.*.name, 'deploy-preview'))
runs-on: ubuntu-24.04
timeout-minutes: 20
name: deploy-preview-env-${{ matrix.product_context }}
env:
BRANCH_NAME: ${{ github.head_ref }} # head_ref = branch on PR
concurrency:
group: pr-update-${{ github.head_ref }}-${{ matrix.product_context }} # env is not yet available here
cancel-in-progress: true
strategy:
fail-fast: false # Don't disrupt other deployments because of failure
matrix:
product_context: [c8sm]
steps:
#########################################################################
# Sanitize the branch name to remove dependabot/,renovate/ and transform the name
- id: sanitize
uses: camunda/infra-global-github-actions/sanitize-branch-name@main
with:
branch: ${{ env.BRANCH_NAME }}
max_length: '15'
#########################################################################
# Setup: import secrets from vault
- name: Import secrets
id: secrets
uses: hashicorp/vault-action@d1720f055e0635fd932a1d2a48f87a666a57906c # v3.0.0
with:
url: ${{ secrets.VAULT_ADDR }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
secrets: |
secret/data/products/connectors/ci/common ARGOCD_TOKEN;
#########################################################################
# Setup: checkout code. This is required because we are using
# composite actions and deployment manifests.
- name: Checkout
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
#########################################################################
# Determine the argocd arguments that need to be passed to the create app command
- name: Determine Argocd Arguments for ${{ matrix.product_context }}
if: matrix.product_context == 'c8sm'
shell: bash
run: |
echo "argocd_arguments=--dest-namespace ${app_name} \
--file .ci/preview-environments/argo/${argocd_app_file_name}.yml \
--helm-set camunda-platform.connectors.image.tag=${docker_tag} \
--helm-set global.preview.git.branch=${revision} \
--helm-set global.labels.app=${app_name} \
--helm-set global.preview.ingress.domain=connectors.camunda.cloud \
--name ${app_name} \
--revision ${revision} \
--upsert" >> $GITHUB_ENV
env:
docker_tag: pr-${{ github.event.pull_request.head.sha }} # SHA of latest commit
revision: ${{ env.BRANCH_NAME }}
app_name: connectors-${{ steps.sanitize.outputs.branch_name }}-${{ matrix.product_context }}
argocd_app_file_name: ${{ matrix.product_context }}
#########################################################################
# Create a preview environment
- name: Deploy Preview Environment for ${{ matrix.product_context }}
uses: camunda/infra-global-github-actions/preview-env/create@main
with:
revision: ${{ env.BRANCH_NAME }}
argocd_token: ${{ steps.secrets.outputs.ARGOCD_TOKEN }}
app_name: connectors-${{ steps.sanitize.outputs.branch_name }}-${{ matrix.product_context }}
app_url: https://${{ steps.sanitize.outputs.branch_name }}-${{ matrix.product_context }}.connectors.camunda.cloud
argocd_arguments: ${{ env.argocd_arguments }}
argocd_server: argocd.int.camunda.com
conflicts:
if: always() && github.event_name == 'pull_request' && (contains( github.event.label.name, 'deploy-preview') || contains( github.event.pull_request.labels.*.name, 'deploy-preview'))
runs-on: ubuntu-24.04
steps:
- name: Check PR for merge conflicts
uses: camunda/infra-global-github-actions/preview-env/conflicts@main
with:
pull-request-id: ${{ github.event.pull_request.number }}
clean:
if: always() && github.event_name == 'pull_request' && needs.deploy-preview.result != 'skipped'
uses: camunda/connectors/.github/workflows/PREVIEW-ENV-CLEAN.yml@main
needs: [deploy-preview]
secrets: inherit
with:
pull-request: ${{ github.event.pull_request.number }}
comment:
if: always() && github.event_name == 'pull_request' && needs.deploy-preview.result != 'skipped'
name: create-deployment-result-summary
runs-on: ubuntu-24.04
needs: [deploy-preview]
steps:
- uses: camunda/infra-global-github-actions/preview-env/comment@main