Add blob store secrets to collab k8s manifest #25
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Collab Server Image | |
| on: | |
| push: | |
| tags: | |
| - collab-production | |
| - collab-staging | |
| env: | |
| DOCKER_BUILDKIT: 1 | |
| DIGITALOCEAN_ACCESS_TOKEN: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} | |
| jobs: | |
| style: | |
| name: Check formatting and Clippy lints | |
| runs-on: | |
| - self-hosted | |
| - test | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@v4 | |
| with: | |
| clean: false | |
| submodules: "recursive" | |
| fetch-depth: 0 | |
| - name: Run style checks | |
| uses: ./.github/actions/check_style | |
| - name: Run clippy | |
| shell: bash -euxo pipefail {0} | |
| run: script/clippy | |
| tests: | |
| name: Run tests | |
| runs-on: | |
| - self-hosted | |
| - test | |
| needs: style | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@v4 | |
| with: | |
| clean: false | |
| submodules: "recursive" | |
| fetch-depth: 0 | |
| - name: Run tests | |
| uses: ./.github/actions/run_tests | |
| publish: | |
| name: Publish collab server image | |
| needs: | |
| - style | |
| - tests | |
| runs-on: | |
| - self-hosted | |
| - deploy | |
| steps: | |
| - name: Add Rust to the PATH | |
| run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH | |
| - name: Sign into DigitalOcean docker registry | |
| run: doctl registry login | |
| - name: Checkout repo | |
| uses: actions/checkout@v4 | |
| with: | |
| clean: false | |
| submodules: "recursive" | |
| - name: Build docker image | |
| run: docker build . --build-arg GITHUB_SHA=$GITHUB_SHA --tag registry.digitalocean.com/zed/collab:$GITHUB_SHA | |
| - name: Publish docker image | |
| run: docker push registry.digitalocean.com/zed/collab:${GITHUB_SHA} | |
| - name: Prune Docker system | |
| run: docker system prune --filter 'until=72h' -f | |
| deploy: | |
| name: Deploy new server image | |
| needs: | |
| - publish | |
| runs-on: | |
| - self-hosted | |
| - deploy | |
| steps: | |
| - name: Sign into Kubernetes | |
| run: doctl kubernetes cluster kubeconfig save --expiry-seconds 600 ${{ secrets.CLUSTER_NAME }} | |
| - name: Determine namespace | |
| run: | | |
| set -eu | |
| if [[ $GITHUB_REF_NAME = "collab-production" ]]; then | |
| echo "Deploying collab:$GITHUB_SHA to production" | |
| echo "KUBE_NAMESPACE=production" >> $GITHUB_ENV | |
| elif [[ $GITHUB_REF_NAME = "collab-staging" ]]; then | |
| echo "Deploying collab:$GITHUB_SHA to staging" | |
| echo "KUBE_NAMESPACE=staging" >> $GITHUB_ENV | |
| else | |
| echo "cowardly refusing to deploy from an unknown branch" | |
| exit 1 | |
| fi | |
| - name: Start rollout | |
| run: kubectl -n "$KUBE_NAMESPACE" set image deployment/collab collab=registry.digitalocean.com/zed/collab:${GITHUB_SHA} | |
| - name: Wait for rollout to finish | |
| run: kubectl -n "$KUBE_NAMESPACE" rollout status deployment/collab |