ci-cd-python-app.yml
# This workflow will install Python dependencies, run tests and lint with a single version of Python
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
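name: CI/CD Workflow

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

# Least privilege: every job gets a read-only GITHUB_TOKEN unless it asks for
# more. Only the deploy job (which pushes a commit) widens this.
permissions:
  contents: read

jobs:
  # Lint and test the app, then build the multi-arch image. The image is
  # pushed to the registry only for push events; pull requests build without
  # publishing.
  build:
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: ./app
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3

      - name: Set up Python 3.10
        uses: actions/setup-python@v2
        with:
          # Quoted so YAML does not read the version as the float 3.1.
          python-version: "3.10"

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install flake8 pytest
          if [ -f requirements.txt ]; then pip install -r requirements.txt; fi

      - name: Lint with flake8
        run: |
          # stop the build if there are Python syntax errors or undefined names
          flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
          # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
          flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics

      - name: Test with pytest
        run: |
          pytest

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3

      - name: Set up Docker Buildx
        id: buildx
        uses: docker/setup-buildx-action@v2

      - name: Cache Docker layers
        uses: actions/cache@v3
        with:
          path: /tmp/.buildx-cache
          key: ${{ runner.os }}-buildx-${{ github.sha }}
          restore-keys: |
            ${{ runner.os }}-buildx-

      # Registry credentials are only needed when the image is published, so
      # pull-request runs never log in.
      - name: Log in to Docker Hub
        if: github.event_name == 'push'
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      - name: Build and push
        uses: docker/build-push-action@v5
        with:
          context: ./app
          file: ./app/Dockerfile
          builder: ${{ steps.buildx.outputs.name }}
          # Publish only code that has landed on main. Without this guard an
          # unreviewed pull request would overwrite the :latest tag.
          push: ${{ github.event_name == 'push' }}
          tags: |
            ${{ secrets.DOCKER_USERNAME }}/hello-gitops:${{ github.sha }}
            ${{ secrets.DOCKER_USERNAME }}/hello-gitops:latest
          platforms: linux/amd64,linux/arm64
          cache-from: type=local,src=/tmp/.buildx-cache
          cache-to: type=local,dest=/tmp/.buildx-cache

  # Blue/green rollout to GKE: deploy into whichever of the two namespaces is
  # absent, switch the service selector, smoke-test, then delete the old
  # namespace and commit the updated kustomization.
  deploy:
    name: Deploy
    # Never deploy from a pull request: this job holds cluster credentials and
    # a write-scoped token, and would otherwise roll out unmerged code.
    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest
    needs: build
    permissions:
      # Required by the final "Push changes" step; nothing else is granted.
      contents: write
    env:
      PROJECT_ID: ${{ secrets.GKE_PROJECT }}
      GKE_CLUSTER: hello-gitops
      GKE_REGION: us-east1
    steps:
      - name: Check out code
        uses: actions/checkout@v3

      # NOTE(review): third-party action referenced by a movable tag; pinning
      # it to a full commit SHA keeps the code that runs here reviewable.
      - name: Setup Kustomize
        uses: imranismail/setup-kustomize@v1
        with:
          kustomize-version: "3.6.1"

      # Alternative option - authentication via credentials json.
      # NOTE(review): this stores a long-lived service-account key as a
      # repository secret. The same action also supports Workload Identity
      # Federation (workload_identity_provider + service_account inputs),
      # which issues short-lived credentials instead; consider switching.
      - name: Authenticate to Google Cloud
        uses: google-github-actions/auth@v3
        with:
          credentials_json: '${{ secrets.GCP_CREDENTIALS }}'

      - name: Set up Cloud SDK
        uses: google-github-actions/setup-gcloud@v3

      - name: Get the GKE credentials so we can deploy to the cluster
        run: |
          gcloud components install gke-gcloud-auth-plugin
          gcloud container clusters get-credentials "$GKE_CLUSTER" --region "$GKE_REGION"

      # Picks the colour whose namespace does not exist yet and records both
      # names in GITHUB_ENV so later steps see them as NEW_NAMESPACE and
      # OLD_NAMESPACE environment variables.
      - name: Create namespace & set in Kustomize
        run: |
          namespacePresentBlue=$(kubectl get ns | grep python-app-blue | wc -l)
          namespacePresentGreen=$(kubectl get ns | grep python-app-green | wc -l)
          if [ "$namespacePresentBlue" -eq 0 ]
          then
            kubectl create ns python-app-blue
            cd k8s
            kustomize edit set namespace python-app-blue
            echo "NEW_NAMESPACE=python-app-blue" >> "$GITHUB_ENV"
            echo "OLD_NAMESPACE=python-app-green" >> "$GITHUB_ENV"
          elif [ "$namespacePresentGreen" -eq 0 ]
          then
            kubectl create ns python-app-green
            cd k8s
            kustomize edit set namespace python-app-green
            echo "NEW_NAMESPACE=python-app-green" >> "$GITHUB_ENV"
            echo "OLD_NAMESPACE=python-app-blue" >> "$GITHUB_ENV"
          else
            echo "Both Blue and Green namespaces are present! Exiting"
            exit 1
          fi

      - name: Update Kubernetes resources
        env:
          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
        run: |
          cd k8s
          kustomize edit set image "hello-gitops=$DOCKER_USERNAME/hello-gitops:$GITHUB_SHA"
          cat kustomization.yaml

      - name: Deploy updated Kubernetes resources
        run: |
          kubectl apply -k k8s/

      # From here on the namespace names are read as quoted shell variables
      # rather than expanded into the script text with env-context
      # expressions, so a value can never be parsed as shell syntax.
      - name: Wait for rollout success
        run: |
          kubectl rollout status deployment/hello-gitops -n "$NEW_NAMESPACE" --timeout=120s

      - name: Route traffic to new namespace
        run: |
          kubectl patch service hello-gitops \
            -p '{"spec":{"selector":{"app":"hello-gitops","namespace":"'"$NEW_NAMESPACE"'"}}}' \
            -n "$NEW_NAMESPACE"

      # Smoke test through a port-forward: poll for HTTP 200 up to 30 times,
      # 10 s apart. On failure the selector patch is re-applied with the old
      # namespace and the job fails.
      - name: Test the new deployment
        run: |
          kubectl -n "$NEW_NAMESPACE" port-forward "$(kubectl -n "$NEW_NAMESPACE" get po -o name | tail -n 1)" 8050:8050 &
          PF_PID=$!
          sleep 5
          for i in {1..30}; do
            HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" http://localhost:8050)
            if [ "$HTTP_CODE" = "200" ]; then
              kill "$PF_PID"
              exit 0
            else
              echo "Waiting for service to respond (attempt $i), got HTTP $HTTP_CODE"
              sleep 10
            fi
          done
          echo "Service did not respond with 200 after 5 minutes — rolling back"
          kill "$PF_PID"
          kubectl patch service hello-gitops \
            -p '{"spec":{"selector":{"app":"hello-gitops","namespace":"'"$OLD_NAMESPACE"'"}}}' \
            -n "$OLD_NAMESPACE"
          exit 1

      - name: Remove old namespace
        run: |
          namespacePresentOld=$(kubectl get ns | grep "$OLD_NAMESPACE" | wc -l)
          if [ "$namespacePresentOld" -eq 1 ]
          then
            kubectl delete ns "$OLD_NAMESPACE" --wait=true
          fi

      - name: Commit files
        run: |
          git config --local user.email "action@github.com"
          git config --local user.name "GitHub Action"
          git config pull.rebase false
          git commit -am "Bump docker tag"
          git pull origin main

      # NOTE(review): this third-party action tracks a branch (@master) and is
      # handed a token that can write to the repository. Whatever lands on
      # that branch runs here with that token; pin the reference to a
      # reviewed full commit SHA (e.g. @<full-commit-sha>) before relying on it.
      - name: Push changes
        uses: ad-m/github-push-action@master
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}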