116 lines
3.2 KiB
YAML
116 lines
3.2 KiB
YAML
name: CI/CD
|
|
|
|
# Test on every push/PR; build + push an image and deploy on develop (staging)
|
|
# and on v* tags (production). Deployment goes through the Swarmpit REST API.
|
|
on:
|
|
push:
|
|
branches: [main, develop]
|
|
tags: ["v*"]
|
|
pull_request:
|
|
branches: [main, develop]
|
|
|
|
env:
|
|
REGISTRY: git.intra.yksa.space
|
|
IMAGE_NAME: web/predictor
|
|
|
|
jobs:
|
|
test:
|
|
runs-on: ubuntu-24.04
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- uses: actions/setup-go@v5
|
|
with:
|
|
go-version: "1.25"
|
|
cache: true
|
|
|
|
- name: Check formatting
|
|
run: |
|
|
unformatted="$(gofmt -l .)"
|
|
if [ -n "$unformatted" ]; then
|
|
echo "These files need gofmt:"; echo "$unformatted"; exit 1
|
|
fi
|
|
|
|
- name: Vet
|
|
run: go vet ./...
|
|
|
|
- name: Build
|
|
run: go build ./...
|
|
|
|
- name: Test
|
|
run: go test -race ./...
|
|
|
|
build:
|
|
needs: test
|
|
runs-on: ubuntu-24.04
|
|
if: github.ref == 'refs/heads/develop' || startsWith(github.ref, 'refs/tags/v')
|
|
outputs:
|
|
tag: ${{ steps.meta.outputs.tag }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- uses: docker/setup-buildx-action@v3
|
|
|
|
- uses: docker/login-action@v3
|
|
with:
|
|
registry: ${{ env.REGISTRY }}
|
|
username: ${{ secrets.REGISTRY_USERNAME }}
|
|
password: ${{ secrets.REGISTRY_PASSWORD }}
|
|
|
|
- name: Resolve image tag
|
|
id: meta
|
|
run: |
|
|
if [[ "${{ github.ref }}" == refs/tags/v* ]]; then
|
|
TAG="${GITHUB_REF#refs/tags/v}"
|
|
else
|
|
TAG="develop"
|
|
fi
|
|
echo "tag=${TAG}" >> "$GITHUB_OUTPUT"
|
|
echo "Resolved tag: ${TAG}"
|
|
|
|
- name: Build and push image
|
|
run: |
|
|
IMAGE="${REGISTRY}/${IMAGE_NAME}"
|
|
TAG="${{ steps.meta.outputs.tag }}"
|
|
TAGS="-t ${IMAGE}:${TAG}"
|
|
# Tagged releases also move :latest.
|
|
if [[ "${TAG}" != "develop" ]]; then
|
|
TAGS="${TAGS} -t ${IMAGE}:latest"
|
|
fi
|
|
docker buildx build \
|
|
--platform linux/amd64 \
|
|
--build-arg VERSION="${TAG}" \
|
|
--build-arg REVISION="${{ github.sha }}" \
|
|
--push ${TAGS} .
|
|
|
|
deploy-staging:
|
|
needs: build
|
|
runs-on: ubuntu-24.04
|
|
if: github.ref == 'refs/heads/develop'
|
|
environment: staging
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Deploy to Swarmpit (staging)
|
|
env:
|
|
SWARMPIT_URL: ${{ secrets.SWARMPIT_URL }}
|
|
SWARMPIT_TOKEN: ${{ secrets.SWARMPIT_TOKEN }}
|
|
STACK_NAME: ${{ secrets.STACK_NAME }}
|
|
CA_CERTIFICATES: ${{ secrets.CA_CERTIFICATES }}
|
|
TAG: ${{ needs.build.outputs.tag }}
|
|
run: sh deploy/swarmpit-deploy.sh
|
|
|
|
deploy-production:
|
|
needs: build
|
|
runs-on: ubuntu-24.04
|
|
if: startsWith(github.ref, 'refs/tags/v')
|
|
environment: production
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Deploy to Swarmpit (production)
|
|
env:
|
|
SWARMPIT_URL: ${{ secrets.SWARMPIT_URL }}
|
|
SWARMPIT_TOKEN: ${{ secrets.SWARMPIT_TOKEN }}
|
|
STACK_NAME: ${{ secrets.STACK_NAME }}
|
|
CA_CERTIFICATES: ${{ secrets.CA_CERTIFICATES }}
|
|
TAG: ${{ needs.build.outputs.tag }}
|
|
run: sh deploy/swarmpit-deploy.sh
|