Deploy prod environment #14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Deploy prod environment | |
| concurrency: prod | |
| on: | |
| workflow_dispatch: | |
| env: | |
| env: prod | |
| TF_VAR_hetzner_token: ${{secrets.HETZNER_TOKEN}} | |
| TF_VAR_njalla_token: ${{secrets.NJALLA_TOKEN}} | |
| domain: spaceapi.io | |
| community_domain: spaceapi.community | |
| jobs: | |
| deploy: | |
| name: Deploy environment | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Setup terraform | |
| uses: hashicorp/setup-terraform@v2 | |
| - name: Terraform Init | |
| working-directory: ./nodes | |
| run: terraform init -upgrade=true | |
| - name: Terraform select workspace | |
| working-directory: ./nodes | |
| run: terraform workspace select ${{env.env}} || terraform workspace new ${{env.env}} | |
| - name: Terraform Apply | |
| working-directory: ./nodes | |
| run: terraform apply -auto-approve -var-file=${{env.env}}.tfvars | |
| - uses: stefanzweifel/git-auto-commit-action@v4 | |
| - name: Setup Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.11' | |
| - name: Install ansible | |
| run: pip install -r requirements.txt | |
| - name: Run playbook | |
| uses: dawidd6/action-ansible-playbook@v2 | |
| with: | |
| playbook: playbooks/provisioning.yml | |
| key: ${{secrets.SSH_PRIVATE_KEY}} | |
| directory: ./deployment | |
| vault_password: ${{secrets.VAULT_PASSWORD}} | |
| options: | | |
| --inventory inventory_${{env.env}}.yaml | |
| --extra-vars "domain=${{env.domain}}" | |
| --extra-vars "community_domain=${{env.community_domain}}" | |
| test: | |
| needs: deploy | |
| name: Test urls | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check the website | |
| uses: jtalk/url-health-check-action@v3 | |
| with: | |
| url: https://${{env.domain}} | |
| follow-redirect: true | |
| max-attempts: 3 | |
| retry-delay: 5s | |
| - name: Check directory | |
| uses: jtalk/url-health-check-action@v3 | |
| with: | |
| url: https://directory.${{env.domain}} | |
| follow-redirect: true | |
| max-attempts: 3 | |
| retry-delay: 5s | |
| - name: Check validator | |
| uses: jtalk/url-health-check-action@v3 | |
| with: | |
| url: https://validator.${{env.domain}}/openapi.json | |
| follow-redirect: true | |
| max-attempts: 3 | |
| retry-delay: 5s |