testserver-deployment.yml
# Manually dispatched workflow that deploys the Docker image of one branch to
# one test server.
#
# Trust boundary: every `github.event.inputs.*` value below is a free-form
# string chosen by whoever dispatches the run. Steps should receive these
# values through `env:` and reference them as quoted shell variables; they
# should not be spliced into `run:` scripts with `${{ ... }}`.
#
# No `permissions:` key is set, so GITHUB_TOKEN carries the repository's
# default scopes. NOTE(review): consider an explicit least-privilege block
# once the needs of ./.github/workflows/reusable-build.yml are confirmed.
name: Deploy to a test-server

on:
  workflow_dispatch:
    inputs:
      branch_name:
        description: 'Which branch to deploy'
        required: true
        type: string
      environment_name:
        description: 'Which environment to deploy (e.g. artemis-test7.artemis.cit.tum.de, etc.).'
        required: true
        type: string
      triggered_by:
        description: 'Username that triggered deployment (not required, shown if triggered via GitHub UI, logged if triggered via GitHub app)'
        required: false
        type: string

# One concurrency group per target environment.
concurrency: "${{ github.event.inputs.environment_name }}"

env:
  CI: "true"
  # Keep filename in sync with the workflow responsible for automatic builds on PRs
  PR_AUTO_BUILD_FILE_NAME: "build.yml"
  # Base URL for raw file downloads from the selected branch. It embeds the
  # caller-supplied branch name, so treat it as untrusted in shell steps.
  RAW_URL: "https://raw.githubusercontent.com/${{ github.repository }}/${{ github.event.inputs.branch_name }}"
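jobs:
  # Log the inputs for debugging
  log-inputs:
    name: Log Inputs
    runs-on: ubuntu-latest
    steps:
      - name: Print Inputs
        # Inputs reach the script as environment variables, so shell
        # metacharacters in them are printed rather than executed.
        env:
          BRANCH_NAME: ${{ github.event.inputs.branch_name }}
          ENVIRONMENT_NAME: ${{ github.event.inputs.environment_name }}
          TRIGGERED_BY: ${{ github.event.inputs.triggered_by }}
        run: |
          echo "Branch: $BRANCH_NAME"
          echo "Environment: $ENVIRONMENT_NAME"
          echo "Triggered by: $TRIGGERED_BY"
          echo "RAW_URL: $RAW_URL"

  # Decide whether the branch has an open PR against 'develop' (reuse the PR
  # build, tag pr-<number>) or not (build it here, tag branch-<sha>).
  determine-build-context:
    name: Determine Build Context
    runs-on: ubuntu-latest
    needs: log-inputs
    outputs:
      pr_number: ${{ steps.get_pr.outputs.pr_number }}
      pr_head_sha: ${{ steps.get_pr.outputs.pr_head_sha }}
      tag: ${{ steps.get_pr.outputs.tag }}
    steps:
      - name: Check if a PR exists for the branch
        id: get_pr
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          # Passed via env instead of `${{ }}` in the script: the branch name
          # is caller-controlled and must not be parsed as shell or jq code.
          BRANCH_NAME: ${{ github.event.inputs.branch_name }}
        run: |
          # `gh api` now feeds a pipe; pipefail keeps its failures fatal.
          set -o pipefail

          echo "Checking if PR exists for branch: $BRANCH_NAME targeting 'develop'."

          # The branch name is bound with --arg, so it is compared as data and
          # never becomes part of the jq program.
          # NOTE(review): the match is on head.ref only, so a PR from a fork
          # that uses the same branch name would match too. Confirm whether
          # head.repo should also be compared.
          PR_DETAILS=$(gh api "repos/$GITHUB_REPOSITORY/pulls" --paginate \
            | jq -c --arg branch "$BRANCH_NAME" \
                '.[] | select(.head.ref == $branch and .base.ref == "develop") | {number: .number, sha: .head.sha}')

          PR_NUMBER=$(echo "$PR_DETAILS" | jq -r ".number")
          PR_HEAD_SHA=$(echo "$PR_DETAILS" | jq -r ".sha")

          if [ -n "$PR_NUMBER" ] && [ "$PR_NUMBER" != "null" ]; then
            echo "Found PR: $PR_NUMBER from branch: $BRANCH_NAME targeting 'develop' with Head: $PR_HEAD_SHA."
            echo "pr_number=$PR_NUMBER" >> "$GITHUB_OUTPUT"
            echo "pr_head_sha=$PR_HEAD_SHA" >> "$GITHUB_OUTPUT"
            echo "tag=pr-$PR_NUMBER" >> "$GITHUB_OUTPUT"
          else
            echo "No PR found for branch: $BRANCH_NAME targeting 'develop'."
            echo "pr_number=" >> "$GITHUB_OUTPUT"
            echo "pr_head_sha=" >> "$GITHUB_OUTPUT"

            # Fetch the latest commit SHA of the branch
            LATEST_SHA=$(gh api "repos/$GITHUB_REPOSITORY/git/refs/heads/$BRANCH_NAME" --jq '.object.sha')

            if [ -z "$LATEST_SHA" ]; then
              echo "::error::Could not find the latest commit SHA for branch $BRANCH_NAME."
              exit 1
            fi

            echo "Latest SHA for branch $BRANCH_NAME is $LATEST_SHA."
            # Set tag as branch-SHA
            echo "tag=branch-$LATEST_SHA" >> "$GITHUB_OUTPUT"
          fi

  # Build the Docker image (branch without PR)
  conditional-build:
    if: ${{ needs.determine-build-context.outputs.pr_number == '' }}
    needs: determine-build-context
    uses: ./.github/workflows/reusable-build.yml
    with:
      docker: true
      docker_ref: ${{ github.event.inputs.branch_name }}
      docker_build_tag: ${{ needs.determine-build-context.outputs.tag }}

  # Check if the build has run successfully (PR)
  check-existing-build:
    name: Check Existing Build
    if: ${{ needs.determine-build-context.outputs.pr_number != '' }}
    needs: determine-build-context
    runs-on: ubuntu-latest
    steps:
      - name: Get latest successful build for branch
        id: check_build
        # NOTE(review): the reference below was mangled by e-mail obfuscation
        # on the page this file was copied from. Restore the original
        # `octokit/request-action@<version>` and consider pinning it to a
        # full commit SHA, since this step receives GITHUB_TOKEN.
        uses: octokit/[email protected]
        with:
          # The workflow file name comes from PR_AUTO_BUILD_FILE_NAME so it
          # stays in sync with the workflow-level setting.
          route: GET /repos/${{ github.repository }}/actions/workflows/${{ env.PR_AUTO_BUILD_FILE_NAME }}/runs?event=pull_request&status=success&head_sha=${{ needs.determine-build-context.outputs.pr_head_sha }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - name: Fail if no successful build found
        if: ${{ steps.check_build.conclusion == 'success' && fromJSON(steps.check_build.outputs.data).total_count == 0 }}
        # Values are handed over via env so the caller-supplied branch name
        # cannot break out of the quoted echo string.
        env:
          BRANCH_NAME: ${{ github.event.inputs.branch_name }}
          PR_HEAD_SHA: ${{ needs.determine-build-context.outputs.pr_head_sha }}
        run: |
          echo "::error::No successful build found for branch '$BRANCH_NAME' with SHA '$PR_HEAD_SHA'."
          exit 1

  # Deploy to the test-server
  deploy:
    needs:
      - determine-build-context
      - conditional-build
      - check-existing-build
    # Run if either the conditional-build or check-existing-build job was successful
    # Use always() since one of the jobs will always skip
    if: always() && (needs.conditional-build.result == 'success' || needs.check-existing-build.result == 'success')
    name: Deploy to Test-Server
    runs-on: ubuntu-latest
    # The environment name is caller-supplied; it selects which environment's
    # vars and protection rules apply to this job.
    environment:
      name: ${{ github.event.inputs.environment_name }}
      url: ${{ vars.DEPLOYMENT_URL }}
    env:
      GATEWAY_USER: "jump"
      GATEWAY_HOST: "gateway.artemis.in.tum.de:2010"
      # Pinned host key of the SSH gateway. It is written to known_hosts below
      # so the gateway's identity is checked against this key.
      GATEWAY_HOST_PUBLIC_KEY: "[gateway.artemis.in.tum.de]:2010 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKtTLiKRILjKZ+Qg4ReWKsG7mLDXkzHfeY5nalSQUNQ4"
    steps:
      # Download artemis-server-cli from GH without cloning the Repo
      # NOTE(review): the script is taken from the current tip of the chosen
      # branch and later runs on a runner that holds the deployment SSH keys.
      # The tip may have moved since the image tag was resolved. Who may
      # dispatch this workflow, and the protection rules of the selected
      # environment, are the effective gate. Confirm both are configured.
      - name: Fetch Artemis CLI
        run: |
          # RAW_URL is read from the environment, not interpolated into the script.
          wget "$RAW_URL/artemis-server-cli"
          chmod +x artemis-server-cli

      # Configure SSH Key
      - name: Setup SSH Keys and known_hosts
        env:
          SSH_AUTH_SOCK: /tmp/ssh_agent.sock
          GATEWAY_SSH_KEY: "${{ secrets.DEPLOYMENT_GATEWAY_SSH_KEY }}"
          DEPLOYMENT_SSH_KEY: "${{ secrets.DEPLOYMENT_SSH_KEY }}"
        run: |
          mkdir -p ~/.ssh
          chmod 700 ~/.ssh
          ssh-agent -a "$SSH_AUTH_SOCK" > /dev/null
          # Keys are fed on stdin so they are never written to disk.
          ssh-add - <<< "$GATEWAY_SSH_KEY"
          ssh-add - <<< "$DEPLOYMENT_SSH_KEY"
          printf '%s\n' "$GATEWAY_HOST_PUBLIC_KEY" >> ~/.ssh/known_hosts

      # NOTE(review): only the gateway's host key is pinned in this file. How
      # the deployment hosts' keys are verified is not visible here. Check
      # artemis-server-cli.
      - name: Deploy Artemis with Docker
        env:
          SSH_AUTH_SOCK: /tmp/ssh_agent.sock
          DEPLOYMENT_USER: ${{ vars.DEPLOYMENT_USER }}
          DEPLOYMENT_HOSTS: ${{ vars.DEPLOYMENT_HOSTS }}
          TAG: ${{ needs.determine-build-context.outputs.tag }}
          BRANCH_NAME: ${{ github.event.inputs.branch_name }}
          DEPLOYMENT_FOLDER: ${{ vars.DEPLOYMENT_FOLDER }}
        run: |
          # Every expansion is quoted so a value cannot split into extra
          # arguments or options.
          ./artemis-server-cli docker-deploy "$DEPLOYMENT_USER@$DEPLOYMENT_HOSTS" \
            -g "$GATEWAY_USER@$GATEWAY_HOST" \
            -t "$TAG" -b "$BRANCH_NAME" -d "$DEPLOYMENT_FOLDER" -y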