name: CD on: push: branches: [main] paths-ignore: - 'docs/**' - '*.md' env: REGISTRY: 192.168.0.110:5000 IMAGE_PREFIX: library/awoooi jobs: # ==================== Build & Push Images ==================== build-images: name: Build & Push Images runs-on: self-hosted strategy: matrix: app: [web, api] steps: - uses: actions/checkout@v4 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to WOOO Harbor uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ secrets.HARBOR_USER }} password: ${{ secrets.HARBOR_PASSWORD }} - name: Generate image tag id: tag run: | SHA=$(git rev-parse --short HEAD) RUN_ID=${{ github.run_id }} echo "tag=${SHA}-${RUN_ID}" >> $GITHUB_OUTPUT - name: Build & Push to Harbor uses: docker/build-push-action@v5 with: context: . file: apps/${{ matrix.app }}/Dockerfile push: true tags: ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}-${{ matrix.app }}:${{ steps.tag.outputs.tag }} cache-from: type=gha cache-to: type=gha,mode=max - name: Output image tag run: | echo "::notice::Image pushed: ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}-${{ matrix.app }}:${{ steps.tag.outputs.tag }}" # ==================== Deploy to UAT ==================== deploy-uat: name: Deploy to UAT runs-on: self-hosted needs: build-images environment: uat steps: - uses: actions/checkout@v4 - name: Setup Kubeconfig run: | mkdir -p ~/.kube echo "${{ secrets.KUBE_CONFIG_UAT }}" | base64 -d > ~/.kube/config chmod 600 ~/.kube/config - name: Generate image tag id: tag run: | SHA=$(git rev-parse --short HEAD) RUN_ID=${{ github.run_id }} echo "tag=${SHA}-${RUN_ID}" >> $GITHUB_OUTPUT - name: Deploy with Kustomize run: | cd k8s/overlays/uat kustomize edit set image \ awoooi-web=${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}-web:${{ steps.tag.outputs.tag }} \ awoooi-api=${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}-api:${{ steps.tag.outputs.tag }} kubectl apply -k . - name: Wait for rollout run: | kubectl rollout status deployment/awoooi-web -n awoooi-uat --timeout=300s kubectl rollout status deployment/awoooi-api -n awoooi-uat --timeout=300s - name: Health check run: | sleep 10 curl -f https://api-uat.awoooi.wooo.work/v1/health || exit 1