imenattatra/staging_cicd.yml Secret

## staging_cicd.yml
name: Staging CI/CD

on:
  pull_request:
    branches: [ develop ]
  push:
    branches: [ develop ]

env:
  SECRET_KEY: secret
  NAME: project-name
  TAG: image-tag

jobs:
  running-tests:
    if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.draft == false)
    runs-on: ubuntu-latest

    services:
      postgres:
        image: postgres:12.4
        env:
          POSTGRES_USER: postgres
          POSTGRES_PASSWORD: postgres
          POSTGRES_DB: postgres
        ports: [ '5432:5432' ]

    steps:

      - uses: actions/checkout@v2

      - name: Set up Python 3.8
        uses: actions/setup-python@v2
        with:
          python-version: 3.8

      - name: Cache python dependencies
        id: cache-python
        uses: actions/cache@v2
        with:
          path: ${{ env.pythonLocation}}
          key: ${{ env.pythonLocation }}-pip-${{ hashFiles('**/requirements-dev.txt') }}-v1
          restore-keys: |
            ${{ env.pythonLocation }}-pip-
            ${{ env.pythonLocation }}-

      - name: Install python dependencies
        if: steps.cache-python.outputs.cache-hit != 'true'
        run: |
          python -m pip install --upgrade pip
          pip install -r requirements.txt

      - name: Run tests
        env:
          DATABASE_URL: 'postgres://postgres:postgres@localhost:${{ job.services.postgres.ports[5432] }}/postgres'
        run: pytest

      - name: Slack Notification
        uses: rtCamp/action-slack-notify@v2
        env:
          SLACK_CHANNEL: pipelines
          SLACK_ICON_EMOJI: ":ocotcat:"
          SLACK_USERNAME: "Github Actions"
          SLACK_COLOR: danger
          SLACK_MESSAGE: "Running tests for staging failed"
          SLACK_TITLE: Running Tests
          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }}
        if: failure()

  build-deploy-to-staging:
    if: github.event_name == 'push'
    needs: running-tests

    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v2

      - name: Build, Tag and Publish docker image
        run: |
          docker login -u ${{ secrets.PROJECT_NAME }}@${{ secrets.AK }} -p ${{ secrets.LOGIN_KEY }} ${{ secrets.IMAGE_ADDRESS }}
          docker build -t $NAME .
          docker tag $NAME ${{ secrets.IMAGE_ADDRESS }}${NAME}:${TAG}
          docker push ${{ secrets.IMAGE_ADDRESS }}${NAME}:${TAG}

      - name: Checkout to infrastructure repo
        uses: actions/checkout@v2
        with:
          repository: metr-systems/infrastructure-project-name
          path: infrastructure
          token: ${{ secrets.DEPLOY_SECRET }}

      - name: Setup kubectl & kustomize with needed versions
        uses: yokawasa/action-setup-kube-tools@v0.2.0
        with:
          kubectl: 1.13.10
          kustomize: 3.0.0

      - name: Deploy & Restart staging services
        run:  |
          mkdir -p ${HOME}/.kube
          echo "${{ secrets.KUBE_CONFIG }}" | base64 -di > ${HOME}/.kube/config
          kustomize build infrastructure-project-name/path/to/overlays/staging | kubectl --namespace=staging apply -f -
          kubectl --namespace=staging scale deployment project-name --replicas=0
          kubectl --namespace=staging scale deployment project-name --replicas=1

      - name: Slack Notification
        uses: rtCamp/action-slack-notify@v2
        if: always()
        env:
          SLACK_CHANNEL: pipelines
          SLACK_ICON:  ":octocat:"
          SLACK_USERNAME: "Github Actions"
          SLACK_COLOR: ${{ job.status == 'success' && 'good' || 'danger' }}
          SLACK_MESSAGE: "Build and deploy staging project-name ${{ job.status == 'success' && 'passed!' || 'failed.' }}"
          SLACK_TITLE: "Github Actions Build"
          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }}
	name: Staging CI/CD

	on:
	pull_request:
	branches: [ develop ]
	push:
	branches: [ develop ]

	env:
	SECRET_KEY: secret
	NAME: project-name
	TAG: image-tag

	jobs:
	running-tests:
	if: github.event_name == 'push' \|\| (github.event_name == 'pull_request' && github.event.pull_request.draft == false)
	runs-on: ubuntu-latest

	services:
	postgres:
	image: postgres:12.4
	env:
	POSTGRES_USER: postgres
	POSTGRES_PASSWORD: postgres
	POSTGRES_DB: postgres
	ports: [ '5432:5432' ]

	steps:

	- uses: actions/checkout@v2

	- name: Set up Python 3.8
	uses: actions/setup-python@v2
	with:
	python-version: 3.8

	- name: Cache python dependencies
	id: cache-python
	uses: actions/cache@v2
	with:
	path: ${{ env.pythonLocation}}
	key: ${{ env.pythonLocation }}-pip-${{ hashFiles('**/requirements-dev.txt') }}-v1
	restore-keys: \|
	${{ env.pythonLocation }}-pip-
	${{ env.pythonLocation }}-

	- name: Install python dependencies
	if: steps.cache-python.outputs.cache-hit != 'true'
	run: \|
	python -m pip install --upgrade pip
	pip install -r requirements.txt

	- name: Run tests
	env:
	DATABASE_URL: 'postgres://postgres:postgres@localhost:${{ job.services.postgres.ports[5432] }}/postgres'
	run: pytest

	- name: Slack Notification
	uses: rtCamp/action-slack-notify@v2
	env:
	SLACK_CHANNEL: pipelines
	SLACK_ICON_EMOJI: ":ocotcat:"
	SLACK_USERNAME: "Github Actions"
	SLACK_COLOR: danger
	SLACK_MESSAGE: "Running tests for staging failed"
	SLACK_TITLE: Running Tests
	SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }}
	if: failure()

	build-deploy-to-staging:
	if: github.event_name == 'push'
	needs: running-tests

	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v2

	- name: Build, Tag and Publish docker image
	run: \|
	docker login -u ${{ secrets.PROJECT_NAME }}@${{ secrets.AK }} -p ${{ secrets.LOGIN_KEY }} ${{ secrets.IMAGE_ADDRESS }}
	docker build -t $NAME .
	docker tag $NAME ${{ secrets.IMAGE_ADDRESS }}${NAME}:${TAG}
	docker push ${{ secrets.IMAGE_ADDRESS }}${NAME}:${TAG}

	- name: Checkout to infrastructure repo
	uses: actions/checkout@v2
	with:
	repository: metr-systems/infrastructure-project-name
	path: infrastructure
	token: ${{ secrets.DEPLOY_SECRET }}

	- name: Setup kubectl & kustomize with needed versions
	uses: yokawasa/action-setup-kube-tools@v0.2.0
	with:
	kubectl: 1.13.10
	kustomize: 3.0.0

	- name: Deploy & Restart staging services
	run: \|
	mkdir -p ${HOME}/.kube
	echo "${{ secrets.KUBE_CONFIG }}" \| base64 -di > ${HOME}/.kube/config
	kustomize build infrastructure-project-name/path/to/overlays/staging \| kubectl --namespace=staging apply -f -
	kubectl --namespace=staging scale deployment project-name --replicas=0
	kubectl --namespace=staging scale deployment project-name --replicas=1

	- name: Slack Notification
	uses: rtCamp/action-slack-notify@v2
	if: always()
	env:
	SLACK_CHANNEL: pipelines
	SLACK_ICON: ":octocat:"
	SLACK_USERNAME: "Github Actions"
	SLACK_COLOR: ${{ job.status == 'success' && 'good' \|\| 'danger' }}
	SLACK_MESSAGE: "Build and deploy staging project-name ${{ job.status == 'success' && 'passed!' \|\| 'failed.' }}"
	SLACK_TITLE: "Github Actions Build"
	SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }}