Draft
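--- a/.github/workflows/build-and-deploy-to-eks.yaml
+++ b/.github/workflows/build-and-deploy-to-eks.yaml
@@ -0,0 +1,226 @@
+name: Kubernetes
+on:
+workflow_call:
+inputs:
+artifactName:
+required: false
+description: Downloads a previously uploaded artifact (has to be in the same workflow). Both artifactPath and artifactName have to be passed.
+default: ""
+type: string
+artifactPath:
+required: false
+description: Downloads a previously uploaded artifact (has to be in the same workflow). Both artifactPath and artifactName have to be passed.
+default: ""
+type: string
+appName:
+required: false
+type: string
+default: ""
+environment:
+required: false
+type: string
+default: ""
+description:
+required: false
+type: string
+deploymentRepoPath:
+required: false
+description: Path to the values.yaml file in the deployment repository (e.g. .chart/staging)
+type: string
+deploymentRepoURL:
+required: false
+description: URL of the deployment repository
+type: string
+createGitHubDeployment:
+required: false
+default: false
+type: boolean
+enableContainerScan:
+required: false
+default: true
+type: boolean
+env:
+required: true
+type: string
+imageTargets:
+required: false
+description: Sets targets for as many image builds as targets specified in Containerfile
+default: ""
+type: string
+ref:
+required: true
+type: string
+runner:
+required: false
+default: ubuntu-latest
+type: string
+sentryOrg:
+required: false
+type: string
+sentryProject:
+required: false
+type: string
+sentryEnvironment:
+required: false
+type: string
+sentryUrl:
+required: false
+type: string
+slackChannelId:
+required: false
+type: string
+tagPath:
+required: false
+type: string
+context:
+required: false
+type: string
+default: "."
+dockerfile:
+required: false
+type: string
+default: "Containerfile"
+secrets:
+slackBotToken:
+required: false
+description: The Slack bot token to write messages in the desired channels (required if slack channel ids are provided)
+sentryAuthToken:
+required: false
+REPO_ACCESS_TOKEN:
+required: false
+AWS_ROLE_TO_ASSUME:
+required: true
+description: AWS OIDC role for GitHub to assume
+
+jobs:
+init:
+runs-on: ${{ inputs.runner }}
+outputs:
+version: ${{ steps.vars.outputs.version }}
+steps:
+- name: Load deployment variables
+id: vars
+run: |
+REF="${{ inputs.ref }}"
+SHA="${{ github.sha }}"
+if [[ "${{ inputs.env }}" == 'prod' ]]
+then
+# shellcheck disable=SC2086
+echo "version=${REF##*/}" >> $GITHUB_OUTPUT
+else
+# shellcheck disable=SC2086
+echo "version=${SHA:0:7}" >> $GITHUB_OUTPUT
+fi
+
+build:
+needs: init
+permissions:
+contents: read
+id-token: write
+uses: ./.github/workflows/build-image.yaml
+with:
+artifactName: ${{ inputs.artifactName }}
+artifactPath: ${{ inputs.artifactPath }}
+imageTargets: ${{ inputs.imageTargets }}
+enableContainerScan: ${{ inputs.enableContainerScan }}
+runner: ${{ inputs.runner }}
+version: ${{ needs.init.outputs.version }}
+appName: ${{ inputs.appName }}
+environment: ${{ inputs.environment }}
+context: ${{ inputs.context }}
+dockerfile: ${{ inputs.dockerfile }}
+secrets: inherit
+
+commit:
+needs: build
+environment: ${{ inputs.env }}
+concurrency: commit-${{ inputs.deploymentRepoURL }}-${{ github.sha }}
+runs-on: ${{ inputs.runner }}
+steps:
+- name: Checkout current git repository
+uses: actions/checkout@v6
+- name: Deploy ${{ github.sha }} to ${{ inputs.env }} values
+uses: mikefarah/yq@v4.30.8
+with:
+cmd: yq '(.${{ inputs.tagPath }} = "${{ needs.init.outputs.version }}")' -i ${{ inputs.deploymentRepoPath }}/values.yaml
+- name: Commit and push new tag
+run: |
+set -euxo pipefail
+git config user.email "dev.bot@parcellab.com"
+git config user.name "parcellab-dev-bot"
+git add ${{ inputs.deploymentRepoPath }}/values.yaml
+if git diff --cached --quiet; then
+echo "No changes to commit"
+exit 0
+fi
+git commit -m "chore(deploy): set ${{ inputs.env }} image tag to ${{ needs.init.outputs.version }}"
+
+if [ "${{ inputs.env }}" = "staging" ]; then
+echo "Commit new tag to staging"
+NEW_SHA=$(git rev-parse HEAD)
+VERSION="${{ needs.init.outputs.version }}"
+git tag -fa staging -m "staging deploy ${VERSION} (${NEW_SHA}) via ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}" "${NEW_SHA}"
+git push origin -f refs/tags/staging
+else
+echo "Commit new tag to ${{ inputs.env }}"
+git push origin HEAD:main
+fi
+
+post-deploy:
+needs: [init, commit]
+runs-on: ${{ inputs.runner }}
+steps:
+- if: inputs.slackChannelId
+name: Send out Slack notification
+continue-on-error: true
+uses: darioblanco/slack-deployment@main
+env:
+SLACK_BOT_TOKEN: ${{ secrets.slackBotToken }}
+with:
+channel_id: ${{ inputs.slackChannelId }}
+deployment_description: "No description"
+deployment_name: ${{ inputs.artifactName != '' && inputs.artifactName || 'unknown' }}
+environment: ${{ inputs.env }}
+owner: ${{ github.actor }}
+package: ${{ inputs.artifactName != '' && inputs.artifactName || 'unknown' }}
+ref: ${{ inputs.ref }}
+repo: ${{ github.repository }}
+sha: ${{ github.sha }}
+status_url: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+url: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+version: ${{ needs.init.outputs.version }}
+- if: inputs.sentryOrg != '' && inputs.sentryProject != ''
+name: Create Sentry release
+uses: getsentry/action-release@v1
+env:
+SENTRY_AUTH_TOKEN: ${{ secrets.sentryAuthToken }}
+SENTRY_ORG: ${{ inputs.sentryOrg }}
+SENTRY_PROJECT: ${{ inputs.sentryProject }}
+SENTRY_URL: ${{ inputs.sentryUrl }}
+with:
+environment: ${{ inputs.sentryEnvironment != '' && inputs.sentryEnvironment || inputs.env }}
+set_commits: skip
+version: ${{ needs.init.outputs.version }}
+continue-on-error: true
+- if: inputs.createGitHubDeployment
+name: Create GitHub Deployment
+uses: chrnorm/deployment-action@v2
+id: deployment
+with:
+token: ${{ secrets.REPO_ACCESS_TOKEN }}
+ref: ${{ inputs.ref }}
+environment: ${{ inputs.env }}
+description: ${{ inputs.description != '' && inputs.description || format('Manual deployment {0}', github.sha) }}
+auto-merge: false
+payload: |
+{"env":${{ toJSON(inputs.env) }},"name":"product-api","author":${{ toJSON(github.actor) }},"description":${{ toJSON(inputs.description) }},"kubernetes":{"versionKey":"monolith.image.tag"}}
+- if: inputs.createGitHubDeployment
+name: Set GitHub Deployment status to successful
+uses: chrnorm/deployment-status@v2
+with:
+deployment-id: ${{ steps.deployment.outputs.deployment_id }}
+environment-url: ${{ steps.deployment.outputs.environment_url }}
+environment: ${{ inputs.env }}
+state: "success"
+token: ${{ github.token }}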
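Review bot: The `run:` scripts in the `init` and `commit` jobs splice `${{ inputs.ref }}`, `${{ inputs.env }}`, `${{ inputs.deploymentRepoPath }}` and `${{ needs.init.outputs.version }}` straight into the shell text, so the Actions template engine expands them before the shell parses the script and any shell metacharacters in a caller-supplied value are interpreted as code rather than data. This matters most in `commit`, which goes on to `git push origin HEAD:main` and force-push the `staging` tag. Pass these values through a step-level `env:` map and read them as quoted shell variables, as sketched below for `init`; the `git add` / `git commit` / `if [ ... ]` lines in `commit` need the same treatment, and the `yq` `cmd:` string is assembled the same way and should be reviewed too. Separately, `darioblanco/slack-deployment@main` is handed `secrets.slackBotToken` from a mutable branch ref, so pinning it and the other third-party actions to a full commit SHA is worth doing in the same pass.

```yaml
      - name: Load deployment variables
        id: vars
        env:
          REF: ${{ inputs.ref }}
          SHA: ${{ github.sha }}
          DEPLOY_ENV: ${{ inputs.env }}
        run: |
          if [[ "$DEPLOY_ENV" == 'prod' ]]
          # … unchanged: then/else branches that write version to $GITHUB_OUTPUT …
```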
