This GitHub Action can be used for our GitOps workflow. The GitHub Action will build and push the Docker image for your service and deploys the new version at your Kubernetes clusters.
When you want to use this GitHub Action your GitHub repository should have a dev
and master
/ main
branch and it should use tags for
releases.
- For the
dev
branch we will change the files specified undergitops-dev
. - For the
master
/main
branch we will change the files specified undergitops-stage
. - For a new tag the files under
gitops-prod
will be used.
This GitOps setup should be the default for all your repositories. However, if you have a special case, you can
leave gitops-dev
, gitops-stage
and gitops-prod
undefined, then those steps will be skipped.
name: CD
on: [ push ]
jobs:
ci-cd:
name: Build, Push and Deploy
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v3
- name: GitOps (build, push and deploy a new Docker image)
uses: Staffbase/[email protected]
with:
docker-username: ${{ secrets.HARBOR_USERNAME }}
docker-password: ${{ secrets.HARBOR_PASSWORD }}
docker-image: private/diablo-redbook
gitops-token: ${{ secrets.GITOPS_TOKEN }}
gitops-dev: |-
clusters/customization/dev/mothership/diablo-redbook/diablo-redbook-helm.yaml spec.template.spec.containers.redbook.image
gitops-stage: |-
clusters/customization/stage/mothership/diablo-redbook/diablo-redbook-helm.yaml spec.template.spec.containers.redbook.image
gitops-prod: |-
clusters/customization/prod/mothership/diablo-redbook/diablo-redbook-helm.yaml spec.template.spec.containers.redbook.image
name: CD
on: [ push ]
jobs:
ci-cd:
name: Build and Push
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v3
- name: GitOps (build and push a new Docker image)
uses: Staffbase/[email protected]
with:
docker-username: ${{ secrets.HARBOR_USERNAME }}
docker-password: ${{ secrets.HARBOR_PASSWORD }}
docker-image: private/diablo-redbook
name: CD
on: [ push ]
jobs:
ci-cd:
name: Deploy
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v3
- name: GitOps (deploy a new Docker image)
uses: Staffbase/[email protected]
with:
docker-image: private/diablo-redbook
gitops-token: ${{ secrets.GITOPS_TOKEN }}
gitops-dev: |-
clusters/customization/dev/mothership/diablo-redbook/diablo-redbook-helm.yaml spec.template.spec.containers.redbook.image
gitops-stage: |-
clusters/customization/stage/mothership/diablo-redbook/diablo-redbook-helm.yaml spec.template.spec.containers.redbook.image
gitops-prod: |-
clusters/customization/prod/mothership/diablo-redbook/diablo-redbook-helm.yaml spec.template.spec.containers.redbook.image
Name | Description | Default |
---|---|---|
docker-registry |
Docker Registry | staffbase.jfrog.io |
docker-registry-api |
Docker Registry API (used for retagging without pulling) | https://staffbase.jfrog.io/artifactory/api/docker/ |
docker-image |
Docker Image | |
docker-custom-tag |
Docker Custom Tag to be set on the image | |
docker-username |
Username for the Docker Registry | |
docker-password |
Password for the Docker Registry | |
docker-file |
Dockerfile | ./Dockerfile |
docker-build-args |
List of build-time variables | |
docker-build-secrets |
List of secrets to expose to the build (e.g., key=string, GIT_AUTH_TOKEN=mytoken) | |
docker-build-secret-files |
List of secret files to expose to the build (e.g., key=filename, MY_SECRET=./secret.txt) | |
docker-build-target |
Sets the target stage to build like: "runtime" | |
docker-build-provenance |
Generate provenance attestation for the build | false |
docker-disable-retagging |
Disables retagging of existing images and run a new build instead | false |
gitops-organization |
GitHub Organization for GitOps | Staffbase |
gitops-repository |
GitHub Repository for GitOps | mops |
gitops-user |
GitHub User for GitOps | Staffbot |
gitops-email |
GitHub Email for GitOps | [email protected] |
gitops-token |
GitHub Token for GitOps | |
gitops-dev |
Files which should be updated by the GitHub Action for DEV, must be relative to the root of the GitOps repository | |
gitops-stage |
Files which should be updated by the GitHub Action for STAGE, must be relative to the root of the GitOps repository | |
gitops-prod |
Files which should be updated by the GitHub Action for PROD, must be relative to the root of the GitOps repository | |
working-directory |
The directory in which the GitOps action should be executed. The docker-file variable should be relative to working directory. | . |
Name | Description |
---|---|
docker-digest |
Digest of the image |
docker-tag |
Tag of the image |
Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.
This project is licensed under the Apache-2.0 License - see the LICENSE.md file for details.
Staffbase GmbH
Staffbase is an internal communications platform built to revolutionize the way you work and unite your company. Staffbase is hiring: jobs.staffbase.com GitHub | Website | Jobs |
Go to the release overview page and publish the draft release with a new version number. Make sure to update the floating version commit.