-[x] Password Encryption Removed From FE #1611
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Development Deployment | |
| on: | |
| push: | |
| branches: [ develop ] | |
| workflow_dispatch: | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| jobs: | |
| cli_build_push: | |
| name: cli image build | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/cli | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@1ca370b3a9802c92e886402e0dd88098a2533b12 | |
| with: | |
| context: . | |
| push: true | |
| target: cli | |
| file: Dockerfile.develop | |
| tags: | | |
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/cli:${{ github.sha }} | |
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/cli:latest | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| build-args: | | |
| MIX_ENCRYPTION_KEY=${{ secrets.MIX_ENCRYPTION_KEY_DEV }} | |
| fpm_server_build_push: | |
| name: fpm_server image build | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/fpm_server | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@1ca370b3a9802c92e886402e0dd88098a2533b12 | |
| with: | |
| context: . | |
| push: true | |
| file: Dockerfile.develop | |
| target: fpm_server | |
| build-args: | | |
| MIX_ENCRYPTION_KEY=${{ secrets.MIX_ENCRYPTION_KEY_DEV }} | |
| tags: | | |
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/fpm_server:${{ github.sha }} | |
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/fpm_server:latest | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| web_server_build_push: | |
| name: web_server image build | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/web_server | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@1ca370b3a9802c92e886402e0dd88098a2533b12 | |
| with: | |
| context: . | |
| push: true | |
| file: Dockerfile.develop | |
| target: web_server | |
| tags: | | |
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/web_server:${{ github.sha }} | |
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/web_server:latest | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| build-args: | | |
| MIX_ENCRYPTION_KEY=${{ secrets.MIX_ENCRYPTION_KEY_DEV }} | |
| cron_build_push: | |
| name: cron image build | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/cron | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@1ca370b3a9802c92e886402e0dd88098a2533b12 | |
| with: | |
| context: . | |
| push: true | |
| target: cron | |
| file: Dockerfile.develop | |
| tags: | | |
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/cron:${{ github.sha }} | |
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/cron:latest | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| build-args: | | |
| MIX_ENCRYPTION_KEY=${{ secrets.MIX_ENCRYPTION_KEY_DEV }} | |
| horizon_build_push: | |
| name: horizon image build | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/horizon | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@1ca370b3a9802c92e886402e0dd88098a2533b12 | |
| with: | |
| context: . | |
| push: true | |
| target: horizon | |
| file: Dockerfile.develop | |
| tags: | | |
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/horizon:${{ github.sha }} | |
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/horizon:latest | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| build-args: | | |
| MIX_ENCRYPTION_KEY=${{ secrets.MIX_ENCRYPTION_KEY_DEV }} | |
| deploy-development: | |
| name: development deploy | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: development | |
| url: https://iatipublisher-dev.yipl.com.np | |
| needs: [cli_build_push, fpm_server_build_push, web_server_build_push, cron_build_push, horizon_build_push] | |
| permissions: | |
| contents: write | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - uses: imranismail/setup-kustomize@v2 | |
| - name: update k8s | |
| run: | | |
| cd packages/development | |
| kustomize edit set image ghcr.io/${{ github.repository }}/cli:${{ github.sha }} | |
| kustomize edit set image ghcr.io/${{ github.repository }}/fpm_server:${{ github.sha }} | |
| kustomize edit set image ghcr.io/${{ github.repository }}/web_server:${{ github.sha }} | |
| kustomize edit set image ghcr.io/${{ github.repository }}/cron:${{ github.sha }} | |
| kustomize edit set image ghcr.io/${{ github.repository }}/horizon:${{ github.sha }} | |
| - name: Install doctl | |
| uses: digitalocean/action-doctl@v2 | |
| with: | |
| token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} | |
| - name: Save DigitalOcean kubeconfig with short-lived credentials | |
| run: doctl kubernetes cluster kubeconfig save --expiry-seconds 600 de2f7af9-3d20-4f8d-a661-7f69092d4520 | |
| - name: Deploy to DigitalOcean Kubernetes | |
| run: kubectl apply -k packages/development | |