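# CI/CD workflow: builds the application image, pushes it to the private
# registry, then deploys it to Kubernetes with Helm.
#
# NOTE(review): no job or step filters on the event type, so a pull request
# against main also pushes the `latest` tag and runs the deploy job on the
# `microk8s` runner. Confirm that is intended; if not, gate the push and the
# deploy job on `github.event_name != 'pull_request'`.
on:
  push:
    branches:
      - main
  pull_request:
    branches:
      - main
  # Allow manual trigger
  workflow_dispatch:

# The jobs only read the repository, so the workflow token stays read-only.
permissions:
  contents: read

env:
  REGISTRY: registry.mattiaswiberg.com
  IMAGE_NAME: nextjs-slack-clone
  HELM_CHART_PATH: ./helm/nextjs-slack-clone
  NAMESPACE: default  # Change to your application's namespace

jobs:
  build-and-push:
    runs-on: microk8s
    steps:
      - name: Checkout code
        # NOTE(review): a version tag can be moved after the fact; pinning
        # the action to a full commit SHA makes the reference immutable.
        uses: actions/checkout@v3

      - name: Login to Container Registry
        # Secrets are handed to the script as environment variables instead
        # of being expanded into the script text, so their content is never
        # parsed as shell syntax.
        env:
          REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
          REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
        run: |
          printf '%s' "$REGISTRY_PASSWORD" \
            | docker login "$REGISTRY" -u "$REGISTRY_USERNAME" --password-stdin

      # Generate a version tag based on commit hash
      - name: Generate version tag
        id: generate_tag
        run: |
          COMMIT_HASH=$(echo "${GITHUB_SHA}" | cut -c1-7)
          VERSION_TAG="${COMMIT_HASH}"
          echo "VERSION_TAG=$VERSION_TAG" >> "$GITHUB_OUTPUT"
          # Also set latest tag for convenience
          echo "LATEST_TAG=latest" >> "$GITHUB_OUTPUT"

      # Build and push Docker image
      - name: Build and push
        env:
          VERSION_TAG: ${{ steps.generate_tag.outputs.VERSION_TAG }}
          LATEST_TAG: ${{ steps.generate_tag.outputs.LATEST_TAG }}
          NEXT_PUBLIC_SUPABASE_URL: ${{ secrets.NEXT_PUBLIC_SUPABASE_URL }}
          NEXT_PUBLIC_SUPABASE_ANON_KEY: ${{ secrets.NEXT_PUBLIC_SUPABASE_ANON_KEY }}
        run: |
          # Build the image.
          # Build arguments are recorded in the image metadata, so only
          # values that are meant to be public belong here.
          docker build \
            --tag "$REGISTRY/$IMAGE_NAME:$VERSION_TAG" \
            --tag "$REGISTRY/$IMAGE_NAME:$LATEST_TAG" \
            --build-arg "NEXT_PUBLIC_SUPABASE_URL=$NEXT_PUBLIC_SUPABASE_URL" \
            --build-arg "NEXT_PUBLIC_SUPABASE_ANON_KEY=$NEXT_PUBLIC_SUPABASE_ANON_KEY" \
            .

          # Push the image with version tag and latest tag
          docker push "$REGISTRY/$IMAGE_NAME:$VERSION_TAG"
          docker push "$REGISTRY/$IMAGE_NAME:$LATEST_TAG"

      # `docker login` leaves the credentials in the runner's Docker config;
      # remove them even when an earlier step failed.
      - name: Logout from Container Registry
        if: always()
        run: docker logout "$REGISTRY"

  deploy:
    needs: build-and-push
    runs-on: microk8s
    steps:
      - name: Checkout code
        # NOTE(review): pin to a full commit SHA, as in build-and-push.
        uses: actions/checkout@v3

      # Generate the same version tag as build-and-push job
      - name: Generate version tag
        id: generate_tag
        run: |
          COMMIT_HASH=$(echo "${GITHUB_SHA}" | cut -c1-7)
          VERSION_TAG="${COMMIT_HASH}"
          echo "VERSION_TAG=$VERSION_TAG" >> "$GITHUB_OUTPUT"

      # The page listed this step name twice in a row; the empty duplicate
      # entry (no `run`/`uses`) is dropped.
      - name: Set up kubectl
        run: |
          # Install kubectl (-f makes an HTTP error fail the step instead of
          # saving the error page as the binary)
          curl -fLO "https://dl.k8s.io/release/stable.txt"
          KUBE_VERSION=$(cat stable.txt)
          curl -fLO "https://dl.k8s.io/release/$KUBE_VERSION/bin/linux/amd64/kubectl"

          # Check the download against the published SHA-256 before it is
          # made executable and installed system-wide.
          curl -fLO "https://dl.k8s.io/release/$KUBE_VERSION/bin/linux/amd64/kubectl.sha256"
          echo "$(cat kubectl.sha256)  kubectl" | sha256sum --check

          chmod +x kubectl
          mv kubectl /usr/local/bin/

          # Make sure we don't use any existing microk8s config
          if [ -f /var/snap/microk8s/current/credentials/client.config ]; then
            echo "Detected microk8s config - we'll use our own config instead"
            # Backup any existing config and make sure it won't be used
            [ -d "$HOME/.kube" ] && mv "$HOME/.kube" "$HOME/.kube.bak"
          fi

      - name: Set up Helm
        run: |
          # Install Helm
          # NOTE(review): this executes an installer fetched from the `main`
          # branch with no integrity check, so the step runs whatever that
          # branch holds at job time. Pinning the script to a release and
          # verifying its digest would make the step reproducible.
          curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
          chmod +x get_helm.sh
          ./get_helm.sh

      # Create kubeconfig using service account token
      - name: Configure kubeconfig from service account
        run: |
          # Create a dedicated kubeconfig file for this job
          CONFIG_FILE="$HOME/custom-kubeconfig"

          # The file is expected to hold a cluster credential: create it
          # readable by the runner user only.
          umask 077

          # Create fresh config with explicit server URL
          # NOTE(review): the here-document that filled this file, and
          # presumably the line exporting KUBECONFIG through $GITHUB_ENV, did
          # not survive on this page. The statement below is reproduced
          # exactly as it appears and must be restored before the workflow
          # is used. Supply the token from a secret via `env:` rather than
          # writing it into the script text.
          cat > $CONFIG_FILE <> $GITHUB_ENV

          # Verify the config is pointing to the correct server
          echo "Checking kubectl configuration..."
          KUBECTL_SERVER=$(KUBECONFIG=$CONFIG_FILE kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}')
          echo "Kubectl is configured to use server: $KUBECTL_SERVER"

      - name: Verify Kubernetes connectivity
        run: |
          # Test connectivity to the Kubernetes cluster
          echo "Testing Kubernetes API connectivity..."
          kubectl cluster-info
          kubectl get nodes

      - name: Deploy with Helm
        # Values come in through the environment and are quoted below, so
        # whitespace or shell metacharacters in a secret cannot split or
        # alter the helm command line.
        env:
          VERSION_TAG: ${{ steps.generate_tag.outputs.VERSION_TAG }}
          REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
          REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
          NEXT_PUBLIC_SUPABASE_URL: ${{ secrets.NEXT_PUBLIC_SUPABASE_URL }}
          NEXT_PUBLIC_SUPABASE_ANON_KEY: ${{ secrets.NEXT_PUBLIC_SUPABASE_ANON_KEY }}
        run: |
          # Deploy using Helm with service account authentication
          echo "Deploying with Helm to server: $(kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}')"

          # --set-string keeps every value a string: an all-digit commit
          # prefix or a password such as "true" is not retyped by Helm.
          # NOTE(review): the registry password is still a process argument
          # (visible to other processes on the runner) and a comma in it
          # would be split by Helm; a values file with tight permissions or
          # a pre-created image pull secret avoids both.
          helm upgrade --install nextjs-slack-clone "$HELM_CHART_PATH" \
            --namespace "$NAMESPACE" \
            --set-string "image.tag=$VERSION_TAG" \
            --set-string "registry.username=$REGISTRY_USERNAME" \
            --set-string "registry.password=$REGISTRY_PASSWORD" \
            --set-string "env.NEXT_PUBLIC_SUPABASE_URL=$NEXT_PUBLIC_SUPABASE_URL" \
            --set-string "env.NEXT_PUBLIC_SUPABASE_ANON_KEY=$NEXT_PUBLIC_SUPABASE_ANON_KEY"

      # Do not leave the job's cluster credential in the runner's home
      # directory after the job, whether it succeeded or not.
      - name: Remove job kubeconfig
        if: always()
        run: rm -f "$HOME/custom-kubeconfig"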