
Merge pull request #1422 from younginnovations/1421-update-user-manual #337


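# Production deployment pipeline.
#
# Five build jobs each build one target of Dockerfile.production and push it
# to GHCR under two tags (<commit sha> and latest). The deploy job waits for
# all five, points the kustomize overlay in packages/production at the
# sha-tagged images, and applies it to the DigitalOcean Kubernetes cluster.
#
# NOTE(review): actions/checkout, docker/setup-qemu-action,
# docker/setup-buildx-action, imranismail/setup-kustomize and
# digitalocean/action-doctl are referenced by mutable version tags, while the
# login, metadata and build-push actions are pinned to commit SHAs. Pin the
# tag-referenced actions to reviewed commit SHAs as well; the last two run in
# the job that handles the DigitalOcean token and the cluster kubeconfig.
#
# NOTE(review): MIX_ENCRYPTION_KEY is handed to every build as a build
# argument. Build arguments are not a confidential channel: their values can
# end up in image layer history and in build provenance metadata. Prefer the
# build-push-action `secrets` input together with
# `RUN --mount=type=secret` in Dockerfile.production. That needs a Dockerfile
# change, so the build-args are left as they were here.
name: Production Deployment

on:
  push:
    branches: [main]
  workflow_dispatch:

env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}

jobs:
  cli_build_push:
    name: cli image build
    runs-on: ubuntu-latest
    # Least privilege: read the source, push to GHCR, nothing else.
    permissions:
      contents: read
      packages: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          # No later step in this job runs git against the remote, so do not
          # leave the token in .git/config where the `.` build context could
          # pick it up.
          persist-credentials: false
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Log in to the Container registry
        uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      # Only the `labels` output of this step is consumed below; the tags are
      # written out by hand in the build step.
      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/cli
      - name: Build and push Docker image
        uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56
        with:
          context: .
          file: Dockerfile.production
          push: true
          target: cli
          # The sha tag is what the deploy job rolls out; latest is a
          # moving convenience tag.
          tags: |
            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/cli:${{ github.sha }}
            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/cli:latest
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
          # Secret passed as a build argument; see the note at the top.
          build-args: |
            MIX_ENCRYPTION_KEY=${{ secrets.MIX_ENCRYPTION_KEY_PRODUCTION }}

  fpm_server_build_push:
    name: fpm_server image build
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          # Keep the token out of .git/config inside the build context.
          persist-credentials: false
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Log in to the Container registry
        uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/fpm_server
      - name: Build and push Docker image
        uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56
        with:
          context: .
          file: Dockerfile.production
          push: true
          target: fpm_server
          tags: |
            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/fpm_server:${{ github.sha }}
            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/fpm_server:latest
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
          # Secret passed as a build argument; see the note at the top.
          build-args: |
            MIX_ENCRYPTION_KEY=${{ secrets.MIX_ENCRYPTION_KEY_PRODUCTION }}

  web_server_build_push:
    name: web_server image build
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          # Keep the token out of .git/config inside the build context.
          persist-credentials: false
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Log in to the Container registry
        uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/web_server
      - name: Build and push Docker image
        uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56
        with:
          context: .
          file: Dockerfile.production
          push: true
          target: web_server
          tags: |
            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/web_server:${{ github.sha }}
            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/web_server:latest
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
          # Secret passed as a build argument; see the note at the top.
          build-args: |
            MIX_ENCRYPTION_KEY=${{ secrets.MIX_ENCRYPTION_KEY_PRODUCTION }}

  cron_build_push:
    name: cron image build
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          # Keep the token out of .git/config inside the build context.
          persist-credentials: false
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Log in to the Container registry
        uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/cron
      - name: Build and push Docker image
        uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56
        with:
          context: .
          file: Dockerfile.production
          push: true
          target: cron
          tags: |
            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/cron:${{ github.sha }}
            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/cron:latest
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
          # Secret passed as a build argument; see the note at the top.
          build-args: |
            MIX_ENCRYPTION_KEY=${{ secrets.MIX_ENCRYPTION_KEY_PRODUCTION }}

  horizon_build_push:
    name: horizon image build
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          # Keep the token out of .git/config inside the build context.
          persist-credentials: false
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Log in to the Container registry
        uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/horizon
      - name: Build and push Docker image
        uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56
        with:
          context: .
          file: Dockerfile.production
          push: true
          target: horizon
          tags: |
            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/horizon:${{ github.sha }}
            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/horizon:latest
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
          # Secret passed as a build argument; see the note at the top.
          build-args: |
            MIX_ENCRYPTION_KEY=${{ secrets.MIX_ENCRYPTION_KEY_PRODUCTION }}

  deploy-production:
    name: production deploy
    runs-on: ubuntu-latest
    environment:
      name: production
      url: https://publisher.iatistandard.org
    # Deploy only after every image for this commit has been pushed.
    needs:
      - cli_build_push
      - fpm_server_build_push
      - web_server_build_push
      - cron_build_push
      - horizon_build_push
    # Reduced from contents: write / packages: write. The steps below only
    # read the checkout and reach DigitalOcean and the cluster with their own
    # credentials; none of them pushes to the repository or to GHCR.
    permissions:
      contents: read
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          # The third-party setup actions and kubectl below do not need the
          # repository token, so it is not left in .git/config.
          persist-credentials: false
      - uses: imranismail/setup-kustomize@v2
      # Rewrites the image tags in the local overlay only; nothing is
      # committed back to the repository.
      - name: update k8s
        env:
          # Same registry/name pair the build jobs pushed to. Values reach
          # the script as environment variables instead of being expanded
          # into the script text.
          IMAGE_BASE: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          IMAGE_TAG: ${{ github.sha }}
        run: |
          cd packages/production
          for component in cli fpm_server web_server cron horizon; do
            kustomize edit set image "${IMAGE_BASE}/${component}:${IMAGE_TAG}"
          done
      - name: Install doctl
        uses: digitalocean/action-doctl@v2
        with:
          token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}
      # The kubeconfig credential expires after 600 seconds, which bounds how
      # long it is usable if it leaks from the runner.
      - name: Save DigitalOcean kubeconfig with short-lived credentials
        run: doctl kubernetes cluster kubeconfig save --expiry-seconds 600 bac71d66-3ef4-4e8f-919f-f6dedfccff40
      - name: Deploy to DigitalOcean Kubernetes
        run: kubectl apply -k packages/production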