feat: create food_eaten_event table #297
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD | |
on: | |
push: | |
branch: ['main'] | |
pull_request: | |
jobs: | |
check: | |
name: continuous integration checks | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
- name: cargo cache | |
uses: actions/cache@v4 | |
with: | |
path: target | |
key: ${{ hashFiles('Cargo.lock') }}-dev | |
- name: npm cache | |
uses: actions/cache@v4 | |
with: | |
path: node_modules | |
key: ${{ hashFiles('pnpm-lock.yaml') }} | |
- name: make check | |
run: make check | |
push_container: | |
name: build and push Docker container | |
if: ${{ github.ref == 'refs/heads/main' }} | |
runs-on: ubuntu-latest | |
environment: Kubernetes | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
- name: cargo cache | |
uses: actions/cache@v4 | |
with: | |
path: target | |
key: ${{ hashFiles('Cargo.lock') }}-prod | |
- name: npm cache | |
uses: actions/cache@v4 | |
with: | |
path: node_modules | |
key: ${{ hashFiles('pnpm-lock.yaml') }} | |
- name: login to docker hub | |
uses: docker/login-action@v3 | |
with: | |
username: jdevries3133 | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: setup-musl | |
run: sudo apt-get install -y musl-tools | |
- name: push the container to Docker Hub | |
run: make push-container | |
deploy: | |
name: deploy to Kubernetes with Terraform | |
if: ${{ github.ref == 'refs/heads/main' }} | |
runs-on: ubuntu-latest | |
needs: [check, push_container] | |
environment: Kubernetes | |
steps: | |
- uses: actions/checkout@v4 | |
- name: terraform cache | |
uses: actions/cache@v4 | |
with: | |
path: .terraform | |
key: ${{ hashFiles('.terraform.lock.hcl') }}-prod | |
- name: setup kubectl | |
run: | | |
mkdir ~/.kube | |
echo "${{ secrets.KUBE_CONFIG }}" > ~/.kube/config | |
- name: perform deployment | |
env: | |
# AWS credentials are used for terraform state bucket | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
TF_VAR_openai_api_key: ${{ secrets.OPENAI_API_KEY }} | |
TF_VAR_stripe_api_key: ${{ secrets.STRIPE_API_KEY }} | |
TF_VAR_stripe_webhook_signing_secret: ${{ secrets.STRIPE_WEBHOOK_SIGNING_SECRET }} | |
TF_VAR_smtp_email_password: ${{ secrets.SMTP_EMAIL_PASSWORD }} | |
run: make deploy | |
# It's possible for terraform to be unable to persist save state into | |
# AWS S3. In this case, it will produce an errored.tfstate file, which | |
# is the terraform state. Ideally, we can recover this file and persist | |
# the updated state into AWS S3 manually, or else configuration drift | |
# will have occurred. | |
# | |
# Ex: https://github.com/jdevries3133/calcount/actions/runs/7469335297/job/20326309777 | |
- name: maybe save nonpersisted tfstate | |
uses: actions/upload-artifact@v3 | |
with: | |
name: errored-tfstate | |
path: errored.tfstate | |
retention-days: 5 |