ci: added action

2025-06-05 21:08:26 +02:00 · 2025-06-05 21:08:26 +02:00 · dbbaae7387
commit dbbaae7387
parent 5c5ffb411b
2 changed files with 191 additions and 0 deletions
--- a/.forgejo/workflows/build-and-deploy.yaml
+++ b/.forgejo/workflows/build-and-deploy.yaml
@ -0,0 +1,125 @@
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+  # Allow manual trigger
+  workflow_dispatch:
+
+env:
+  REGISTRY: registrar.mattiaswiberg.com
+  IMAGE_NAME: nextjs-slack-clone
+  HELM_CHART_PATH: ./helm/nextjs-slack-clone
+  NAMESPACE: default  # Change to your application's namespace
+
+jobs:
+  build-and-push:
+    runs-on: docker
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Set up Docker Buildx
+        run: |
+          # Set up buildx for multi-platform builds
+          docker buildx create --use
+
+      - name: Login to Container Registry
+        run: |
+          echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login ${{ env.REGISTRY }} -u ${{ secrets.REGISTRY_USERNAME }} --password-stdin
+        
+      # Generate a version tag based on commit hash
+      - name: Generate version tag
+        id: generate_tag
+        run: |
+          COMMIT_HASH=$(echo ${GITHUB_SHA} | cut -c1-7)
+          VERSION_TAG="${COMMIT_HASH}"
+          echo "VERSION_TAG=$VERSION_TAG" >> $GITHUB_OUTPUT
+          # Also set latest tag for convenience
+          echo "LATEST_TAG=latest" >> $GITHUB_OUTPUT
+
+      # Build and push Docker image
+      - name: Build and push
+        run: |
+          # Build the image
+          docker build \
+            --tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.generate_tag.outputs.VERSION_TAG }} \
+            --tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.generate_tag.outputs.LATEST_TAG }} \
+            --build-arg NEXT_PUBLIC_SUPABASE_URL=${{ secrets.NEXT_PUBLIC_SUPABASE_URL }} \
+            --build-arg NEXT_PUBLIC_SUPABASE_ANON_KEY=${{ secrets.NEXT_PUBLIC_SUPABASE_ANON_KEY }} \
+            .
+
+          # Push the image with version tag and latest tag
+          docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.generate_tag.outputs.VERSION_TAG }}
+          docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.generate_tag.outputs.LATEST_TAG }}
+  
+  deploy:
+    needs: build-and-push
+    runs-on: docker
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      
+      # Generate the same version tag as build-and-push job
+      - name: Generate version tag
+        id: generate_tag
+        run: |
+          COMMIT_HASH=$(echo ${GITHUB_SHA} | cut -c1-7)
+          VERSION_TAG="${COMMIT_HASH}"
+          echo "VERSION_TAG=$VERSION_TAG" >> $GITHUB_OUTPUT
+
+      - name: Set up kubectl
+        run: |
+          # Install kubectl
+          curl -LO "https://dl.k8s.io/release/stable.txt"
+          KUBE_VERSION=$(cat stable.txt)
+          curl -LO "https://dl.k8s.io/release/$KUBE_VERSION/bin/linux/amd64/kubectl"
+          chmod +x kubectl
+          mv kubectl /usr/local/bin/
+
+      - name: Set up Helm
+        run: |
+          # Install Helm
+          curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
+          chmod +x get_helm.sh
+          ./get_helm.sh
+
+      # Create kubeconfig using service account token
+      - name: Configure kubeconfig from service account
+        run: |
+          # Create kubeconfig using service account token
+          mkdir -p $HOME/.kube
+          cat > $HOME/.kube/config <<EOF
+          apiVersion: v1
+          kind: Config
+          clusters:
+          - name: cluster
+            cluster:
+              server: ${{ secrets.K8S_SERVER_URL }}
+              certificate-authority-data: ${{ secrets.K8S_CA_CERT }}
+          users:
+          - name: ci-deployer
+            user:
+              token: ${{ secrets.K8S_SA_TOKEN }}
+          contexts:
+          - name: default
+            context:
+              cluster: cluster
+              user: ci-deployer
+              namespace: ${{ env.NAMESPACE }}
+          current-context: default
+          EOF
+          chmod 600 $HOME/.kube/config
+
+      - name: Deploy with Helm
+        run: |
+          # Deploy using Helm with service account authentication
+          helm upgrade --install nextjs-slack-clone ${{ env.HELM_CHART_PATH }} \
+            --namespace ${{ env.NAMESPACE }} \
+            --set image.tag=${{ steps.generate_tag.outputs.VERSION_TAG }} \
+            --set registry.username=${{ secrets.REGISTRY_USERNAME }} \
+            --set registry.password=${{ secrets.REGISTRY_PASSWORD }} \
+            --set env.NEXT_PUBLIC_SUPABASE_URL=${{ secrets.NEXT_PUBLIC_SUPABASE_URL }} \
+            --set env.NEXT_PUBLIC_SUPABASE_ANON_KEY=${{ secrets.NEXT_PUBLIC_SUPABASE_ANON_KEY }}