-
Notifications
You must be signed in to change notification settings - Fork 59
108 lines (98 loc) · 3.92 KB
/
_update-node-image-infra.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
---
name: Update aleph-node image in infra
on:
workflow_call:
inputs:
env:
required: true
type: string
description: mainnet or testnet
tag:
description: aleph-node git tag to deploy
type: string
required: true
jobs:
main:
name: Update aleph-node image in infra
runs-on: ubuntu-20.04
environment:
name: ${{ inputs.env }}
steps:
- name: Validate action inputs
shell: bash
run: |
if [[ '${{ inputs.env }}' != 'testnet' && '${{ inputs.env }}' != 'mainnet' ]]; then
echo 'Error: inputs.env should be either mainnet or testnet!'
exit 1
fi
if [[ '${{ inputs.tag }}' == '' ]]; then
echo 'Error: inputs.tag should be set!'
exit 2
fi
- name: Call action Get ECR image names
id: get-docker-image-names
uses: Cardinal-Cryptography/aleph-node/.github/actions/get-docker-image-names@main
with:
ecr-repo: ${{ vars.ECR_ALEPH_NODE_REPO }}
dockerhub-repo: ${{ vars.DOCKERHUB_ALEPH_NODE_REPO }}
tag: ${{ inputs.tag }}
# this step checks indirectly as well that git HEAD has an r-* tag
# otherwise ECR image would not exist
- name: Check deploy image existence
uses: Cardinal-Cryptography/github-actions/check-image-existence-ecr@v7
with:
ecr-image: ${{ steps.get-docker-image-names.outputs.ecr-deploy-image }}
- name: Get repo owner
id: get-repo-owner
shell: bash
run: |
echo "repo-owner=$GITHUB_REPOSITORY_OWNER" >> $GITHUB_OUTPUT
- name: GIT | Checkout argocd apps repo
uses: actions/checkout@v4
with:
ref: ${{ inputs.env }}
# yamllint disable-line rule:line-length
repository: ${{ steps.get-repo-owner.outputs.repo-owner }}/${{ secrets.REPO_ARGOCD_APPS_NAME }}
token: ${{ secrets.CI_GH_TOKEN }}
path: ${{ secrets.REPO_ARGOCD_APPS_NAME }}
- name: Init kustomize
uses: imranismail/setup-kustomize@v2
with:
kustomize-version: ${{ vars.KUSTOMIZE_VERSION }}
- name: Update aleph-node docker image and trigger ArgoCD deploy for ${{ inputs.env }}
env:
DEPLOY_IMAGE: ${{ steps.get-docker-image-names.outputs.ecr-deploy-image }}
REGIONS_AWS: 'eu-central-1,us-east-1'
shell: bash
run: |
IFS="," read -a region_array <<< ${{ env.REGIONS_AWS }}
export aleph_path=$(pwd)
export apps_name=${{ secrets.REPO_ARGOCD_APPS_NAME }}
for i in "${region_array[@]}"; do
# Deploy new image version for archivist
cd ${aleph_path}/${apps_name}/aleph-node-archivists/overlays/${{ inputs.env }}/${i}
kustomize edit set image \
"aleph-node-archivist-image-placeholder=${{ env.DEPLOY_IMAGE }}"
# Deploy new image version for validator
cd ${aleph_path}/${apps_name}/aleph-node-validators/overlays/${{ inputs.env }}/${i}
kustomize edit set image \
"aleph-node-validator-image-placeholder=${{ env.DEPLOY_IMAGE }}"
done
- name: Configure signing key
# yamllint disable rule:line-length
run: |
echo ${{ secrets.AUTOCOMMIT_GPG_KEY_B64 }} | base64 -d > key.gpg
gpg --import key.gpg
rm key.gpg
git config --global user.signingkey $(echo ${{ secrets.AUTOCOMMIT_GPG_KEY_FINGERPRINT }} | tail -c 17)
- name: GIT | Commit changes to argocd apps repository.
uses: EndBug/[email protected]
env:
TAG: ${{ inputs.tag }}
with:
author_name: ${{ secrets.AUTOCOMMIT_AUTHOR }}
author_email: ${{ secrets.AUTOCOMMIT_EMAIL }}
message: "Update ${{ inputs.env }} aleph-node tag ${{ env.TAG }}"
add: "*.yaml"
commit: -S
cwd: ${{ secrets.REPO_ARGOCD_APPS_NAME }}