# Deploy workflow: runs after the "CI" workflow completes on main, or on demand.
name: Deploy

on:
  # Fires for every completed "CI" run on a branch named main, whatever its
  # conclusion; the jobs below have to inspect the conclusion themselves.
  workflow_run:
    workflows:
      - CI
    branches:
      - main
    types:
      - completed
  # Manual runs pick the target environment; the input defaults to develop.
  workflow_dispatch:
    inputs:
      deploy_environment:
        description: "Environment to deploy to"
        required: false
        default: develop
        type: choice
        options:
          - production
          - develop

# One active run per workflow, ref and target environment. workflow_run events
# carry no inputs, so they land in the 'production' group.
# NOTE(review): cancel-in-progress lets a newer run cancel one that is still
# deploying; confirm an interrupted rollout is acceptable for this cluster.
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event.inputs.deploy_environment || 'production' }}
  cancel-in-progress: true

# Least privilege: GITHUB_TOKEN gets no scopes by default; each job declares
# the scopes it needs.
permissions: {}
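jobs:
  # copied from the ci step
  #
  # Builds the beta image and pushes it to GHCR. The job runs only for a manual
  # dispatch that targets develop and is skipped for every other trigger.
  # Every third-party action is pinned to a full commit SHA; the trailing
  # comment records the release that SHA corresponds to.
  build:
    if: github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_environment == 'develop'
    name: Build & Push
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write  # used to publish to GHCR
    steps:
      # Create a commit SHA-based tag for the container repositories.
      # The expansions are quoted so the shell never word-splits or globs them.
      - name: Create SHA Container Tag
        id: sha_tag
        run: |
          tag=$(cut -c 1-7 <<< "$GITHUB_SHA")
          echo "tag=$tag" >> "$GITHUB_OUTPUT"

      # Check out the current repository in the `monty` subdirectory.
      # persist-credentials: false keeps the token out of the checkout's git
      # config, so later steps (including the Docker build) cannot read it.
      - name: Checkout code
        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd  # v5.0.1
        with:
          path: monty
          persist-credentials: false

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435  # v3.11.1

      - name: Login to Github Container Registry
        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef  # v3.6.0
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}

      # Build and push the container to the GitHub Container
      # Repository. The container will be tagged as "latest"
      # and with the short SHA of the commit.
      # NOTE(review): layers are reused from the mutable `latest` tag in the
      # registry, so the cache is only as trustworthy as whoever can push
      # that tag.
      - name: Build and push
        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83  # v6.18.0
        with:
          context: monty/
          file: monty/Dockerfile
          push: true
          cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/monty-python-beta:latest
          cache-to: type=inline
          tags: |
            ghcr.io/${{ github.repository_owner }}/monty-python-beta:latest
            ghcr.io/${{ github.repository_owner }}/monty-python-beta:${{ steps.sha_tag.outputs.tag }}
          build-args: |
            git_sha=${{ github.sha }}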
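# Job `deploy` (child of `jobs:`): rolls the image for this commit out to Kubernetes.
  deploy:
    name: Deploy to k8s
    # The selected environment's protection rules and secrets apply.
    # workflow_run events have no inputs and therefore use 'production'.
    environment: ${{ github.event.inputs.deploy_environment || 'production' }}
    needs: build
    # A status function has to appear in this expression: without one, a
    # skipped `build` (every non-develop run) would skip this job as well.
    # `!cancelled()` is used instead of `always()` so a cancelled run does not
    # start a rollout, and the result of `build` is checked explicitly so a
    # failed image build can no longer be followed by a deployment of a tag
    # that was never pushed.
    # The `branches: main` trigger filter goes by branch name and may also
    # match a run started from a fork whose head branch is called main (CI's
    # own triggers are not visible in this file), so workflow_run events are
    # additionally required to come from this repository.
    if: >-
      ${{
      !cancelled()
      && (needs.build.result == 'success' || needs.build.result == 'skipped')
      && (github.event_name == 'workflow_dispatch'
      || (github.event_name == 'workflow_run'
      && github.event.workflow_run.conclusion == 'success'
      && github.event.workflow_run.head_repository.full_name == github.repository))
      }}
    runs-on: ubuntu-latest
    permissions:
      contents: read  # used to checkout the repo
      packages: read  # used to pull the container
    steps:
      # Short commit SHA that selects the image tag to deploy.
      # NOTE(review): for workflow_run events GITHUB_SHA is the latest commit
      # on the default branch, which is not necessarily the commit the
      # finished CI run built (github.event.workflow_run.head_sha). Confirm
      # the tag deployed here always names an image that CI has pushed.
      - name: Create SHA Container Tag
        id: sha_tag
        run: |
          tag=$(cut -c 1-7 <<< "$GITHUB_SHA")
          echo "tag=$tag" >> "$GITHUB_OUTPUT"

      # The manifests live in a separate repository that is read with a
      # dedicated token; persist-credentials: false keeps that token out of
      # the checkout's git config.
      - name: Checkout code
        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd  # v5.0.1
        with:
          repository: onerandomusername/kubernetes
          token: ${{ secrets.REPO_TOKEN }}
          persist-credentials: false

      # NOTE(review): 'latest' is resolved at run time, so the kubectl binary
      # that handles the cluster credentials changes without review, unlike
      # the SHA-pinned actions. Consider pinning an explicit version.
      - name: Install kubectl
        uses: azure/setup-kubectl@776406bce94f63e41d621b960d78ee25c8b76ede  # v4.0.1
        with:
          version: 'latest'

      - name: Authenticate with Kubernetes
        uses: azure/k8s-set-context@ae59a723ba9abe7a9655538854a025448dbab4aa  # v4.0.2
        with:
          method: kubeconfig
          kubeconfig: ${{ secrets.KUBECONFIG }}

      - name: Login to Github Container Registry
        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef  # v3.6.0
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}

      # Exactly one of the two deploy steps runs: beta for a manual dispatch
      # that targets develop, stable for everything else.
      - name: Deploy beta to Kubernetes
        if: github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_environment == 'develop'
        uses: azure/k8s-deploy@6f7c489cecd8da05646259d9fa3daae92e095c7b  # v5.0.4
        with:
          manifests: |
            monty/beta/deployment.yaml
          images: 'ghcr.io/onerandomusername/monty-python-beta:${{ steps.sha_tag.outputs.tag }}'
          # annotate-namespace: false
          # strategy: 'none'

      - name: Deploy Stable to Kubernetes
        if: github.event_name != 'workflow_dispatch' || github.event.inputs.deploy_environment != 'develop'
        uses: azure/k8s-deploy@6f7c489cecd8da05646259d9fa3daae92e095c7b  # v5.0.4
        with:
          manifests: |
            monty/deployment.yaml
          images: 'ghcr.io/onerandomusername/monty-python:${{ steps.sha_tag.outputs.tag }}'
          # annotate-namespace: false
          # strategy: 'none'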
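# Job `create_sentry_release` (child of `jobs:`): records a Sentry release for this commit.
  create_sentry_release:
    name: Create Sentry Release
    needs: build
    # The trigger fires for every completed CI run, and a bare `always()`
    # recorded a release even when CI or the image build had failed and
    # nothing was deployed. The job now runs only when the build did not fail
    # and the event is a manual dispatch or a successful CI run from this
    # repository.
    # NOTE(review): the job depends on `build`, not on `deploy`, so a release
    # can still be recorded when the rollout itself fails; confirm that is
    # intended.
    if: >-
      ${{
      !cancelled()
      && (needs.build.result == 'success' || needs.build.result == 'skipped')
      && (github.event_name == 'workflow_dispatch'
      || (github.event_name == 'workflow_run'
      && github.event.workflow_run.conclusion == 'success'
      && github.event.workflow_run.head_repository.full_name == github.repository))
      }}
    environment: ${{ github.event.inputs.deploy_environment || 'production' }}
    runs-on: ubuntu-latest
    # No `permissions:` block: the job inherits the workflow-level
    # `permissions: {}`, so GITHUB_TOKEN carries no scopes here.
    # NOTE(review): the checkout below then depends on the repository being
    # publicly readable; confirm.
    steps:
      - name: Checkout code
        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd  # v5.0.1
        with:
          persist-credentials: false

      # Exactly one of the two release steps runs: the beta project for a
      # manual dispatch that targets develop, the stable project otherwise.
      - name: Create a Sentry.io release (beta)
        if: github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_environment == 'develop'
        uses: tclindner/sentry-releases-action@6aa8f28371f3b57460bbaefce469471b117b5620  # v1.3.0
        env:
          SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
          SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
          SENTRY_PROJECT: monty-python-beta
        with:
          tagName: ${{ github.sha }}
          # because for whatever reason we currently have two separate sentry projects, not one.
          # TODO(onerandomusername): consolidate
          environment: production
          releaseNamePrefix: monty@

      - name: Create a Sentry.io release (stable)
        if: github.event_name != 'workflow_dispatch' || github.event.inputs.deploy_environment != 'develop'
        uses: tclindner/sentry-releases-action@6aa8f28371f3b57460bbaefce469471b117b5620  # v1.3.0
        env:
          SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
          SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
          SENTRY_PROJECT: monty-python
        with:
          tagName: ${{ github.sha }}
          environment: production
          releaseNamePrefix: monty@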