Skip to content

Deploy application

Deploy application #18

name: Deploy application
on:
workflow_dispatch:
inputs:
image_tag:
description: 'Enter a value for image_tag'
required: true
permissions:
contents: read
id-token: write
env:
AWS_ROLE: 'arn:aws:iam::896918338968:role/GitHubActionsApiSkodaRole'
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Setup Node.js environment
uses: actions/setup-node@v4.0.2
with:
node-version: 20
- name: Import secret
id: import-secret
uses: hashicorp/vault-action@v3
with:
url: ${{ env.VAULT_ADDR }}
role: github-actions-secret
method: jwt
path: github-actions-secret
secrets: |
github-actions-secret/data/secret CLOUDFLARE_API_KEY | CLOUDFLARE_API_KEY ;
github-actions-secret/data/secret CLOUDFLARE_EMAIL | CLOUDFLARE_EMAIL ;
github-actions-secret/data/secret K8S_CONFIG | K8S_CONFIG ;
github-actions-secret/data/secret PUBLIC_IP | PUBLIC_IP ;
github-actions-secret/data/secret DOCKER_CONFIG | DOCKER_CONFIG ;
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
with:
role-to-assume: ${{ env.AWS_ROLE }}
aws-region: eu-west-1
- name: Configure K8S credentials
run: |
mkdir -p /home/runner/.kube
echo $K8S_CONFIG | base64 -d > /home/runner/.kube/config
- name: Setup Terraform
uses: hashicorp/setup-terraform@651471c36a6092792c552e8b1bef71e592b462d8 # v3.1.1
- name: Terraform Init
id: init
run: terraform init
working-directory: infra/prod
- name: Terraform Format
id: fmt
run: terraform fmt -check
working-directory: infra/prod
- name: Terraform Validate
id: validate
run: terraform validate -no-color
working-directory: infra/prod
- name: Terraform Plan
id: plan
run: terraform plan -var image_tag=${{ github.event.inputs.image_tag }} -var server_ip=$PUBLIC_IP -var docker_config=$DOCKER_CONFIG -var host_name="nicholasmeyers.be"
working-directory: infra/prod
- name: Terraform Apply
id: apply
run: terraform apply -var image_tag=${{ github.event.inputs.image_tag }} -var server_ip=$PUBLIC_IP -var docker_config=$DOCKER_CONFIG -var host_name="nicholasmeyers.be" -auto-approve
working-directory: infra/prod