Skip to content
.github/workflows/kubernetes.yaml

fix references #9

Sign in to view logs

fix references

fix references #9

Workflow file for this run

.github/workflows/kubernetes.yaml at 9db008a
name: Reusable Kubernetes with option to push images to Github or ECR

Check failure on line 1 in .github/workflows/kubernetes.yaml

View workflow run for this annotation

GitHub Actions / .github/workflows/kubernetes.yaml

Invalid workflow file 

(Line: 207, Col: 19): Unrecognized named-value: 'input'. Located at position 1 within expression: input.ref
on:
workflow_call:
inputs:
artifactName:
required: false
description: If provided, downloads a previously uploaded artifact (has to be in the same workflow). Both artifactPath and artifactName have to be passed.
default: ""
type: string
artifactPath:
required: false
description: If provided, downloads a previously uploaded artifact (has to be in the same workflow). Both artifactPath and artifactName have to be passed.
default: ""
type: string
botEmail:
required: false
description: The email of the bot that will appear in the GitOps commit
default: dev.bot@parcellab.com
type: string
deploymentRepoPath:
required: false
description: The path within the deployment repository that holds all version files
default: namespaces
type: string
deploymentRepoValuesPath:
required: false
description: The path within the deployment repository that holds all values files
default: ""
type: string
deploymentRepoURL:
required: false
description: The repository within Github that holds the version file to deploy via GitOps
default: parcelLab/deployment
type: string
imageTargets:
required: false
description: If provided, sets targets for as many image builds as targets specified
default: ""
type: string
preScript:
required: false
description: If provided, runs a script after repo checkout and before the docker image is built. Useful in case that you need to build a package outside of the docker image (and load the artifacts via copy).
default: ""
type: string
registryUsername:
required: false
description: The username for the container registry
default: parcellab-dev-bot
type: string
enableContainerScan:
required: false
description: Apply the container scan
default: true
type: boolean
runner:
required: false
description: Runner type
default: ubuntu-latest
type: string
sentryOrg:
required: false
description: The Sentry organization that will hold the deployment
default: ""
type: string
sentryProject:
required: false
description: The slug of the organization name in Sentry
default: ""
type: string
sentryUrl:
required: false
description: The URL used to connect to Sentry. (Only required for Self-Hosted Sentry).
default: "https://sentry.io/"
type: string
sentryEnvironment:
required: false
description: Slug of the environment used by the application to report error to Sentry
default: ""
type: string
slackChannelProd:
required: false
description: The Slack channel id to show production deployments
default: ""
type: string
slackChannelStaging:
required: false
description: The Slack channel id to show staging deployments
default: ""
type: string
slackChannelTest:
required: false
description: The Slack channel id to show test deployments
default: ""
type: string
versionFilePath:
required: false
description: The relative file path to the folder that holds the application Kubernetes values
default: values.yaml
type: string
secrets:
npmGithubReadToken:
required: true
description: The Github token with permissions to read NPM private packages
repoAccessToken:
required: true
description: The Github token to perform operations cross-repo (not github.token!)
slackBotToken:
required: false
description: The Slack bot token to write messages in the desired channels (required if slack channel ids are provided)
sentryAuthToken:
required: false
description: Authentication token for Sentry
AWS_ROLE_TO_ASSUME:
required: true
description: AWS OIDC role for GitHub to assume
jobs:
initialize:
environment: ${{ github.event.deployment.payload.env }}
runs-on: ${{ inputs.runner }}
outputs:
channel-id: ${{ steps.vars.outputs.channel-id }}
version: ${{ steps.vars.outputs.version }}
steps:
- name: Check if 'env' input is provided
run: |
if [ -z "${{ github.event.deployment.payload.env }}" ]; then
echo "ERROR: 'env' input is missing or empty!"
exit 1
fi
- name: Load deployment variables
id: vars
run: |
REF="${{ github.event.deployment.ref }}"
SHA="${{ github.event.deployment.sha }}"
if [[ "${{ github.event.deployment.payload.env }}" == 'prod' ]]
then
# shellcheck disable=SC2086
echo "version=${REF##*/}" >> $GITHUB_OUTPUT
# shellcheck disable=SC2086
echo "channel-id=${{ inputs.slackChannelProd }}" >> $GITHUB_OUTPUT
elif [[ "${{ github.event.deployment.payload.env }}" == 'test' ]]
then
# shellcheck disable=SC2086
echo "version=${SHA:0:7}" >> $GITHUB_OUTPUT
# shellcheck disable=SC2086
echo "channel-id=${{ inputs.slackChannelTest }}" >> $GITHUB_OUTPUT
else
# shellcheck disable=SC2086
echo "version=${SHA:0:7}" >> $GITHUB_OUTPUT
# shellcheck disable=SC2086
echo "channel-id=${{ inputs.slackChannelStaging }}" >> $GITHUB_OUTPUT
fi
- name: Start ${{ github.event.deployment.payload.name }} deployment
uses: chrnorm/deployment-status@v2
with:
deployment-id: ${{ github.event.deployment.id }}
environment-url: ${{ github.event.deployment.payload.url }}
environment: ${{ github.event.deployment.payload.env }}
state: "in_progress"
token: ${{ github.token }}
build:
needs: [initialize]
uses: parcelLab/ci/.github/workflows/build-image.yaml@v8.2.5
with:
artifactName: ${{ inputs.artifactName }}
artifactPath: ${{ inputs.artifactPath }}
imageTargets: ${{ inputs.imageTargets }}
preScript: ${{ inputs.preScript }}
registryUsername: ${{ inputs.registryUsername }}
enableContainerScan: ${{ inputs.enableContainerScan }}
runner: ${{ inputs.runner }}
version: ${{ needs.initialize.outputs.version }}
secrets: inherit
commit:
needs: [initialize, build]
environment: ${{ github.event.deployment.payload.env }}
concurrency: commit-${{ inputs.deploymentRepoURL }}-${{ github.sha }}
runs-on: ${{ inputs.runner }}
steps:
- name: Checkout ${{ inputs.deploymentRepoURL }} git repository
uses: actions/checkout@v3
with:
repository: ${{ inputs.deploymentRepoURL }}
path: remote
token: ${{ secrets.repoAccessToken }}
ref: main
- name: Deploy ${{ github.sha }} to ${{ github.event.deployment.environment }} values
uses: mikefarah/yq@v4.30.8
with:
cmd: yq '(.${{ github.event.deployment.payload.kubernetes.versionKey }} = "${{ needs.initialize.outputs.version }}")' -i remote/${{ inputs.deploymentRepoPath }}/values.yaml
- name: Commit deployment file
run: |
cd remote
git config --global user.email "${{ inputs.botEmail }}"
git config --global user.name "${{ inputs.registryUsername }}"
git add .
git commit --allow-empty -m "chore(${{ github.event.deployment.payload.name }}): set ${{ github.event.deployment.payload.env }} version to ${{ needs.initialize.outputs.version }}"
- name: Push changes to ${{ inputs.deploymentRepoURL }} git repository
uses: ad-m/github-push-action@0fafdd62b84042d49ec0cb92d9cac7f7ce4ec79e
with:
repository: ${{ inputs.deploymentRepoURL }}
directory: remote
github_token: ${{ secrets.repoAccessToken }}
branch: ${{ input.ref }}
- if: success()
name: Successful ${{ github.event.deployment.payload.name }} deployment
uses: chrnorm/deployment-status@v2
with:
deployment-id: ${{ github.event.deployment.id }}
environment-url: ${{ github.event.deployment.payload.url }}
environment: ${{ github.event.deployment.payload.env }}
state: "success"
token: ${{ github.token }}
- if: failure()
name: Failed ${{ github.event.deployment.payload.name }} deployment
uses: chrnorm/deployment-status@v2
with:
deployment-id: ${{ github.event.deployment.id }}
environment-url: ${{ github.event.deployment.payload.url }}
environment: ${{ github.event.deployment.payload.env }}
state: "failure"
token: ${{ github.token }}
- if: success() && needs.initialize.outputs.channel-id != ''
name: Notify ${{ github.event.deployment.payload.name }} deployment success
continue-on-error: true
uses: darioblanco/slack-deployment@main
env:
SLACK_BOT_TOKEN: ${{ secrets.slackBotToken }}
with:
channel_id: ${{ needs.initialize.outputs.channel-id }}
deployment_description: ${{ github.event.deployment.payload.description == null && 'No description' || github.event.deployment.payload.description }}
deployment_name: ${{ github.event.deployment.payload.name == null && 'unknown' || github.event.deployment.payload.name }}
environment: ${{ github.event.deployment.payload.env == null && 'unknown' || github.event.deployment.payload.env }}
owner: ${{ github.event.deployment.payload.author == null && inputs.registryUsername || github.event.deployment.payload.author }}
package: ${{ github.event.deployment.payload.name == null && 'unknown' || github.event.deployment.payload.name }}
ref: ${{ github.event.deployment.ref == null && 'unknown' || github.event.deployment.ref }}
repo: ${{ github.repository }}
sha: ${{ github.sha }}
status_url: ${{ github.event.deployment.payload.statusUrl == null && 'https://github.com' || github.event.deployment.payload.statusUrl }}
url: ${{ github.event.deployment.payload.url == null && 'https://github.com' || github.event.deployment.payload.url }}
version: ${{ needs.initialize.outputs.version }}
- if: success() && inputs.sentryOrg != '' && inputs.sentryProject != ''
name: Create Sentry release
uses: getsentry/action-release@v1
env:
SENTRY_AUTH_TOKEN: ${{ secrets.sentryAuthToken }}
SENTRY_ORG: ${{ inputs.sentryOrg }}
SENTRY_PROJECT: ${{ inputs.sentryProject }}
SENTRY_URL: ${{ inputs.sentryUrl }}
with:
environment: ${{ inputs.sentryEnvironment != '' && inputs.sentryEnvironment || github.event.deployment.payload.env }}
set_commits: skip
version: ${{ needs.initialize.outputs.version }}
continue-on-error: true
- name: Clean up images
uses: actions/delete-package-versions@v4
with:
package-name: ${{ github.event.deployment.payload.name }}
package-type: container
min-versions-to-keep: "500"
token: ${{ secrets.repoAccessToken }}
continue-on-error: true