account admin shouldn't be able to create wingback subscription #263
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build, Migrate & Deploy to Dev on Hetzner | |
| on: | |
| push: | |
| branches: [develop] | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: 'Checkout GitHub Action' | |
| uses: actions/[email protected] | |
| - name: 'Login into ACR' | |
| uses: azure/docker-login@v2 | |
| with: | |
| login-server: ${{ secrets.REGISTRY_LOGIN_SERVER }} | |
| username: ${{ secrets.REGISTRY_USERNAME }} | |
| password: ${{ secrets.REGISTRY_PASSWORD }} | |
| - name: 'Build & Push image' | |
| run: | | |
| docker build -f Dockerfile . -t ${{ secrets.REGISTRY_LOGIN_SERVER }}/alkemio-server:${{ github.sha }} -t ${{ secrets.REGISTRY_LOGIN_SERVER }}/alkemio-server:latest | |
| docker push ${{ secrets.REGISTRY_LOGIN_SERVER }}/alkemio-server:${{ github.sha }} | |
| migrate: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: 'Checkout GitHub Action' | |
| uses: actions/[email protected] | |
| - name: Install Kubectl | |
| uses: azure/[email protected] | |
| with: | |
| version: 'v1.27.6' # Ensure this matches the version used in your cluster | |
| - name: Set up Kubeconfig for Hetzner k3s | |
| run: | | |
| mkdir -p $HOME/.kube # Ensure the .kube directory exists | |
| echo "${{ secrets.KUBECONFIG_SECRET_HETZNER_DEV }}" > $HOME/.kube/config | |
| chmod 600 $HOME/.kube/config | |
| - name: Create Image Pull Secret | |
| run: | | |
| kubectl create secret docker-registry alkemio-server-secret \ | |
| --docker-server=${{ secrets.REGISTRY_LOGIN_SERVER }} \ | |
| --docker-username=${{ secrets.REGISTRY_USERNAME }} \ | |
| --docker-password=${{ secrets.REGISTRY_PASSWORD }} \ | |
| --dry-run=client -o yaml | kubectl apply -f - | |
| - uses: azure/[email protected] | |
| with: | |
| manifests: | | |
| manifests/26-server-migration.yaml | |
| images: | | |
| ${{ secrets.REGISTRY_LOGIN_SERVER }}/alkemio-server:${{ github.sha }} | |
| imagepullsecrets: | | |
| alkemio-server-secret | |
| - name: Delete old job | |
| continue-on-error: true | |
| run: | | |
| kubectl delete job alkemio-server-migration-job | |
| - name: Create migration job | |
| run: | | |
| kubectl create job --from=cronjob/alkemio-server-migration alkemio-server-migration-job | |
| deploy: | |
| needs: migrate | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: 'Checkout GitHub Action' | |
| uses: actions/[email protected] | |
| - name: Install Kubectl | |
| uses: azure/[email protected] | |
| with: | |
| version: 'v1.27.6' # Ensure this matches the version used in your cluster | |
| - name: Set up Kubeconfig for Hetzner k3s | |
| run: | | |
| mkdir -p $HOME/.kube # Ensure the .kube directory exists | |
| echo "${{ secrets.KUBECONFIG_SECRET_HETZNER_DEV }}" > $HOME/.kube/config | |
| chmod 600 $HOME/.kube/config | |
| - name: Create Image Pull Secret | |
| run: | | |
| kubectl create secret docker-registry alkemio-server-secret \ | |
| --docker-server=${{ secrets.REGISTRY_LOGIN_SERVER }} \ | |
| --docker-username=${{ secrets.REGISTRY_USERNAME }} \ | |
| --docker-password=${{ secrets.REGISTRY_PASSWORD }} \ | |
| --dry-run=client -o yaml | kubectl apply -f - | |
| - name: Deploy to k3s on Hetzner | |
| uses: azure/[email protected] | |
| with: | |
| manifests: | | |
| manifests/25-server-deployment-dev.yaml | |
| manifests/30-server-service.yaml | |
| images: | | |
| ${{ secrets.REGISTRY_LOGIN_SERVER }}/alkemio-server:${{ github.sha }} | |
| imagepullsecrets: | | |
| alkemio-server-secret |