Use different way for vault import #21

Workflow file for this run

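# CI/CD workflow: builds the server image, pushes it to the Harbor registry,
# then reads application secrets from Vault and rolls the release out with Helm.
name: Build and Deploy

on:
  workflow_dispatch:
  push:
    branches: ['main']

# Least privilege for the automatic GITHUB_TOKEN: the jobs only read the
# repository; registry, Vault and cluster access use their own credentials.
permissions:
  contents: read

jobs:
  publish:
    runs-on: ubuntu-latest
    outputs:
      # Image tag handed to the deployment job (a Unix timestamp, see below).
      image: ${{ steps.image_name.outputs.image }}
    steps:
      # NOTE(review): actions are referenced by mutable tag; pinning each one
      # to a full commit SHA protects the secrets used in this workflow from a
      # retagged release.
      - uses: actions/checkout@v4
        with:
          # No later step uses git, so do not leave the token in .git/config.
          persist-credentials: false
      - name: Generate image name
        id: image_name
        run: echo "image=$(date +%s)" >> "$GITHUB_OUTPUT"
      - name: Login to Harbor
        # Variables are quoted so a password containing spaces or glob
        # characters reaches docker unchanged; it is passed on stdin only.
        run: |
          printf '%s' "$HARBOR_PASSWORD" \
            | docker login "$HARBOR_URI" -u "$HARBOR_USERNAME" --password-stdin
        env:
          HARBOR_USERNAME: ${{ secrets.HARBOR_USERNAME }}
          HARBOR_PASSWORD: ${{ secrets.HARBOR_PASSWORD }}
          HARBOR_URI: ${{ secrets.HARBOR_URI }}
      - name: Build the Docker image
        run: |
          docker build . --file Dockerfile \
            --tag "$HARBOR_URI/abstractolotl/aznopoly-server:$IMAGE_NAME" \
            --tag "$HARBOR_URI/abstractolotl/aznopoly-server:latest"
        env:
          HARBOR_URI: ${{ secrets.HARBOR_URI }}
          IMAGE_NAME: ${{ steps.image_name.outputs.image }}
      - name: Push the Docker image
        run: docker push "$HARBOR_URI/abstractolotl/aznopoly-server" --all-tags
        env:
          HARBOR_URI: ${{ secrets.HARBOR_URI }}

  deployment:
    needs: publish
    runs-on: ubuntu-latest
    # NOTE(review): floating tag; pinning the image by digest makes the
    # toolchain that handles the Vault token and kubeconfig reproducible.
    container: archlinux:latest
    steps:
      - name: 'Checkout'
        uses: 'actions/checkout@v4'
        with:
          persist-credentials: false
      - name: Update arch
        run: pacman -Sy archlinux-keyring --noconfirm
      - name: Install requirementss
        # One full sync/upgrade instead of five `-Sy <pkg>` calls: installing
        # on a refreshed database without upgrading is a partial upgrade,
        # which Arch does not support.
        run: pacman -Syu --noconfirm --needed kubectl helm vault libcap jq
      - name: Deploy
        shell: bash
        # Logs in to Vault (userpass) and exports the application secrets.
        # NOTE(review): no env: block in this workflow sets VAULT_ADDR,
        # VAULT_USERNAME or VAULT_PASSWORD; they have to be supplied to this
        # step (for example mapped from repository secrets). The guards below
        # fail fast when one is missing.
        # NOTE(review): nothing later in this workflow references secrets.json
        # (the helm command passes no values file) - confirm how it is used.
        run: |
          set -euo pipefail
          : "${VAULT_ADDR:?VAULT_ADDR is not set}"
          : "${VAULT_USERNAME:?VAULT_USERNAME is not set}"
          : "${VAULT_PASSWORD:?VAULT_PASSWORD is not set}"

          # Build the JSON body with jq so quotes or backslashes in the
          # password cannot break or alter the request, and send it on stdin
          # so the password never appears in a process argument list.
          # --fail and `jq -e` turn a rejected login into a step failure
          # instead of a literal "null" token.
          VAULT_TOKEN="$(
            jq -nc '{password: $ENV.VAULT_PASSWORD}' \
              | curl --fail --silent --show-error --request POST --data @- \
                  "$VAULT_ADDR/v1/auth/userpass/login/$VAULT_USERNAME" \
              | jq -er '.auth.client_token'
          )"
          # The token is not a GitHub secret, so mask it in the logs explicitly.
          echo "::add-mask::$VAULT_TOKEN"
          export VAULT_TOKEN

          # secrets.json holds plaintext secrets: create it owner-only.
          umask 077
          vault kv get -format json applications/aznopoly \
            | jq '.data.data | {"secrets": .}' > secrets.json
      - name: Deploy
        # NOTE(review): third-party action that receives the kubeconfig; pin
        # it to a reviewed commit SHA rather than the mutable v3 tag.
        uses: WyriHaximus/github-action-helm3@v3
        with:
          exec: >-
            helm upgrade --install --atomic --timeout 5m --history-max 5
            --namespace=backend --set image.tag=$IMAGE_NAME
            aznopoly-server helm-charts
          kubeconfig: '${{ secrets.KUBECONFIG }}'
        env:
          HARBOR_URI: ${{ secrets.HARBOR_URI }}
          IMAGE_NAME: ${{ needs.publish.outputs.image }}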