Files
Ashwin Sangem 44278596c1 Testing Partner Toggle, Synced with Main (#1083)
* Secure workflows (#1) (#1072)

* Restrict permissions for the GITHUB_TOKEN in .github/workflows/label-feature.yml

* Restrict permissions for the GITHUB_TOKEN in .github/workflows/label-support.yml

* Restrict permissions for the GITHUB_TOKEN in .github/workflows/stale.yml

* Restrict permissions for the GITHUB_TOKEN in .github/workflows/sync_ghes.yaml

* Restrict permissions for the GITHUB_TOKEN in .github/workflows/validate-data.yaml

Co-authored-by: Step Security <bot@stepsecurity.io>

Co-authored-by: step-security[bot] <89328102+step-security[bot]@users.noreply.github.com>
Co-authored-by: Step Security <bot@stepsecurity.io>

* Directory for deployments (#1071)

* moving deployment templates

* including deployment directory in scripts

* validate categories script init

* introducing scout

* introducing workflow

* Update validate-categories.yaml

* Update validate-categories.yaml

* Update validate-categories.yaml

* Update validate.rb

* Update validate.rb

* Update validate.rb

* Update validate.rb

* Update validate-categories.yaml

* Update validate-categories.yaml

* Update validate-categories.yaml

* Update validate.rb

* Update validate-categories.yaml

* Update validate-categories.yaml

* Create test_comment.yaml

* rename

* using [enter]

* testing newline

* test

* setting up variable

* using echo -e

* using join

* testing space space new line

* setting multi line in echo

* removing checkout

* setting rows-generator

* fixing error

* using join

* commit

* Update test_comment.yaml

* escaping pipe

* printing debug line

* using %0A

* Update validate-categories.yaml

* Update validate.rb

* Update validate.rb

* removing debug

* removing variable

* Update validate.rb

* Update validate-categories.yaml

* Validate categories comment on pr (#32)

* reverting deployment directory

* checking for output

* Categories validation two workflows (#34)

comment on pr in a separate workflow

* Categories validation two workflows (#35)

using right dir name

* Categories validation two workflows (#36)

.

* Categories validation two workflows (#37)

fixing typo

* adding if conditions

* adding try catch

* using console instead of echo

* equating to upstream

* moving deployment templates

* add codeql workflow to ghes

* restoring from main (#1078)

* Revert "add codeql workflow to ghes branch"

* add codeql workflow to ghes

* only run ghes sync checks on YML files

* only check nwo of supported actions

* Testing Partner Toggle.

Co-authored-by: Varun Sharma <varunsh@stepsecurity.io>
Co-authored-by: step-security[bot] <89328102+step-security[bot]@users.noreply.github.com>
Co-authored-by: Step Security <bot@stepsecurity.io>
Co-authored-by: Aparna Ravindra <82894348+aparna-ravindra@users.noreply.github.com>
Co-authored-by: Nick Fyson <nickfyson@github.com>
2021-09-09 08:35:04 +05:30

77 lines
2.5 KiB
YAML

# This workflow will build a docker container, publish and deploy it to Tencent Kubernetes Engine (TKE).
#
# To configure this workflow:
#
# 1. Ensure that your repository contains the necessary configuration for your Tencent Kubernetes Engine cluster,
# including deployment.yml, kustomization.yml, service.yml, etc.
#
# 2. Set up secrets in your workspace:
# - TENCENT_CLOUD_SECRET_ID with Tencent Cloud secret id
# - TENCENT_CLOUD_SECRET_KEY with Tencent Cloud secret key
# - TENCENT_CLOUD_ACCOUNT_ID with Tencent Cloud account id
# - TKE_REGISTRY_PASSWORD with TKE registry password
#
# 3. Change the values for the TKE_IMAGE_URL, TKE_REGION, TKE_CLUSTER_ID and DEPLOYMENT_NAME environment variables (below).
name: Tencent Kubernetes Engine
on:
release:
types: [created]
# Environment variables available to all jobs and steps in this workflow
env:
TKE_IMAGE_URL: ccr.ccs.tencentyun.com/demo/mywebapp
TKE_REGION: ap-guangzhou
TKE_CLUSTER_ID: cls-mywebapp
DEPLOYMENT_NAME: tke-test
jobs:
setup-build-publish-deploy:
name: Setup, Build, Publish, and Deploy
runs-on: ubuntu-latest
environment: production
steps:
- name: Checkout
uses: actions/checkout@v2
# Build
- name: Build Docker image
run: |
docker build -t ${TKE_IMAGE_URL}:${GITHUB_SHA} .
- name: Login TKE Registry
run: |
docker login -u ${{ secrets.TENCENT_CLOUD_ACCOUNT_ID }} -p '${{ secrets.TKE_REGISTRY_PASSWORD }}' ${TKE_IMAGE_URL}
# Push the Docker image to TKE Registry
- name: Publish
run: |
docker push ${TKE_IMAGE_URL}:${GITHUB_SHA}
- name: Set up Kustomize
run: |
curl -o kustomize --location https://github.com/kubernetes-sigs/kustomize/releases/download/v3.1.0/kustomize_3.1.0_linux_amd64
chmod u+x ./kustomize
- name: Set up ~/.kube/config for connecting TKE cluster
uses: TencentCloud/tke-cluster-credential-action@v1
with:
secret_id: ${{ secrets.TENCENT_CLOUD_SECRET_ID }}
secret_key: ${{ secrets.TENCENT_CLOUD_SECRET_KEY }}
tke_region: ${{ env.TKE_REGION }}
cluster_id: ${{ env.TKE_CLUSTER_ID }}
- name: Switch to TKE context
run: |
kubectl config use-context ${TKE_CLUSTER_ID}-context-default
# Deploy the Docker image to the TKE cluster
- name: Deploy
run: |
./kustomize edit set image ${TKE_IMAGE_URL}:${GITHUB_SHA}
./kustomize build . | kubectl apply -f -
kubectl rollout status deployment/${DEPLOYMENT_NAME}
kubectl get services -o wide