Staffbase/gitops-github-action

🚀 GitHub Action for GitOps

This GitHub Action can be used for our GitOps workflow. It builds and pushes the Docker image for your service and deploys the new version to your Kubernetes clusters.

Requirement

To use this GitHub Action, your GitHub repository should have a dev and a master / main branch, and it should use tags for releases.

  • For the dev branch we will change the files specified under gitops-dev.
  • For the master / main branch we will change the files specified under gitops-stage.
  • For a new tag the files under gitops-prod will be used.

This GitOps setup should be the default for all your repositories. However, if you have a special case, you can leave gitops-dev, gitops-stage and gitops-prod undefined; those steps will then be skipped.

Usages

Build, Push and Deploy Docker Image

name: CD

on: [ push ]

jobs:
  ci-cd:
    name: Build, Push and Deploy

    runs-on: ubuntu-22.04

    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: GitOps (build, push and deploy a new Docker image)
        uses: Staffbase/gitops-github-action@<version>
        with:
          docker-username: ${{ secrets.HARBOR_USERNAME }}
          docker-password: ${{ secrets.HARBOR_PASSWORD }}
          docker-image: private/diablo-redbook
          gitops-token: ${{ secrets.GITOPS_TOKEN }}
          gitops-dev: |-
            clusters/customization/dev/mothership/diablo-redbook/diablo-redbook-helm.yaml spec.template.spec.containers.redbook.image
          gitops-stage: |-
            clusters/customization/stage/mothership/diablo-redbook/diablo-redbook-helm.yaml spec.template.spec.containers.redbook.image
          gitops-prod: |-
            clusters/customization/prod/mothership/diablo-redbook/diablo-redbook-helm.yaml spec.template.spec.containers.redbook.image

Build and Push Docker Image

name: CD

on: [ push ]

jobs:
  ci-cd:
    name: Build and Push

    runs-on: ubuntu-22.04

    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: GitOps (build and push a new Docker image)
        uses: Staffbase/gitops-github-action@<version>
        with:
          docker-username: ${{ secrets.HARBOR_USERNAME }}
          docker-password: ${{ secrets.HARBOR_PASSWORD }}
          docker-image: private/diablo-redbook

Deploy Docker Image

name: CD

on: [ push ]

jobs:
  ci-cd:
    name: Deploy

    runs-on: ubuntu-22.04

    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: GitOps (deploy a new Docker image)
        uses: Staffbase/gitops-github-action@<version>
        with:
          docker-image: private/diablo-redbook
          gitops-token: ${{ secrets.GITOPS_TOKEN }}
          gitops-dev: |-
            clusters/customization/dev/mothership/diablo-redbook/diablo-redbook-helm.yaml spec.template.spec.containers.redbook.image
          gitops-stage: |-
            clusters/customization/stage/mothership/diablo-redbook/diablo-redbook-helm.yaml spec.template.spec.containers.redbook.image
          gitops-prod: |-
            clusters/customization/prod/mothership/diablo-redbook/diablo-redbook-helm.yaml spec.template.spec.containers.redbook.image

Inputs

| Name | Description | Default |
|------|-------------|---------|
| docker-registry | Docker Registry | staffbase.jfrog.io |
| docker-registry-api | Docker Registry API (used for retagging without pulling) | https://staffbase.jfrog.io/artifactory/api/docker/ |
| docker-image | Docker Image | |
| docker-custom-tag | Docker Custom Tag to be set on the image | |
| docker-username | Username for the Docker Registry | |
| docker-password | Password for the Docker Registry | |
| docker-file | Dockerfile | ./Dockerfile |
| docker-build-args | List of build-time variables | |
| docker-build-secrets | List of secrets to expose to the build (e.g., key=string, GIT_AUTH_TOKEN=mytoken) | |
| docker-build-secret-files | List of secret files to expose to the build (e.g., key=filename, MY_SECRET=./secret.txt) | |
| docker-build-target | Sets the target stage to build, e.g. "runtime" | |
| docker-build-provenance | Generate provenance attestation for the build | false |
| docker-disable-retagging | Disables retagging of existing images and runs a new build instead | false |
| gitops-organization | GitHub Organization for GitOps | Staffbase |
| gitops-repository | GitHub Repository for GitOps | mops |
| gitops-user | GitHub User for GitOps | Staffbot |
| gitops-email | GitHub Email for GitOps | [email protected] |
| gitops-token | GitHub Token for GitOps | |
| gitops-dev | Files which should be updated by the GitHub Action for DEV, must be relative to the root of the GitOps repository | |
| gitops-stage | Files which should be updated by the GitHub Action for STAGE, must be relative to the root of the GitOps repository | |
| gitops-prod | Files which should be updated by the GitHub Action for PROD, must be relative to the root of the GitOps repository | |
| working-directory | The directory in which the GitOps action should be executed. The docker-file variable should be relative to the working directory. | . |
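
The branch and tag rules under "Requirement" and the gitops-dev / gitops-stage / gitops-prod inputs above can be checked before a workflow change is merged. The following pre-flight check is an added example, not code from this action: the function names are hypothetical, the "<file> <key path>" entry format is inferred from the usage samples, and treating other branches as "no deployment" is an assumption.

```python
# Added example, not the action's own code. Assumes each gitops-* line is
# "<file> <yaml key path>" separated by whitespace, as in the usage samples.
from pathlib import PurePosixPath

# Branch to input mapping as stated under "Requirement"; any tag maps to prod.
BRANCH_INPUT = {"dev": "gitops-dev", "master": "gitops-stage", "main": "gitops-stage"}

# Sample input copied from the usage section of this README.
SAMPLE_INPUTS = {
    "gitops-dev": "clusters/customization/dev/mothership/diablo-redbook/"
                  "diablo-redbook-helm.yaml spec.template.spec.containers.redbook.image",
}


def input_for_ref(ref):
    """Return the gitops-* input that applies to a Git ref, or None."""
    if ref.startswith("refs/tags/"):
        return "gitops-prod"
    if ref.startswith("refs/heads/"):
        return BRANCH_INPUT.get(ref[len("refs/heads/"):])
    return None  # assumption: any other ref triggers no deployment


def parse_entries(value):
    """Split a multi-line gitops-* value into validated (file, key_path) pairs."""
    entries = []
    for line in value.splitlines():
        if not line.strip():
            continue
        parts = line.split()
        if len(parts) != 2:
            raise ValueError(f"expected '<file> <key path>': {line!r}")
        target, key_path = parts
        path = PurePosixPath(target)
        if path.is_absolute() or ".." in path.parts:
            raise ValueError(f"file must stay inside the GitOps repository: {target!r}")
        if not all(key_path.split(".")):
            raise ValueError(f"empty segment in key path: {key_path!r}")
        entries.append((target, key_path))
    return entries


def plan(ref, inputs):
    """Return the updates a push to `ref` would trigger; undefined input = skipped."""
    name = input_for_ref(ref)
    return parse_entries(inputs.get(name, "")) if name else []


if __name__ == "__main__":
    print(plan("refs/heads/dev", SAMPLE_INPUTS))
```

Rejecting absolute paths and `..` segments keeps a workflow change from directing the GitOps token's commit at a file outside the intended tree.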

Outputs

| Name | Description |
|------|-------------|
| docker-digest | Digest of the image |
| docker-tag | Tag of the image |

Contributing

Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.

License

This project is licensed under the Apache-2.0 License - see the LICENSE.md file for details.

Staffbase GmbH
Staffbase is an internal communications platform built to revolutionize the way you work and unite your company. Staffbase is hiring: jobs.staffbase.com
GitHub | Website | Jobs

Releasing new versions

Go to the release overview page and publish the draft release with a new version number. Make sure to update the floating version commit.