simplify the OAuth registration to handle missing jwks_uri on OAuth r… #14
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Deploy dbLogApp | |
| on: | |
| push: | |
| branches: | |
| - main | |
| env: | |
| REGISTRY: harbor.freshbrewed.science | |
| IMAGE_REPO: freshbrewedprivate/mydblogapp | |
| jobs: | |
| build-and-deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DHUSER }} | |
| password: ${{ secrets.DHPASS }} | |
| - name: Build and push Docker image to Docker Hub | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| push: true | |
| tags: | | |
| docker.io/${{ secrets.DHUSER }}/mydblogapp:${{ github.sha }} | |
| docker.io/${{ secrets.DHUSER }}/mydblogapp:latest | |
| - name: Log in to Harbor registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ secrets.CRUSER }} | |
| password: ${{ secrets.CRPASS }} | |
| - name: Build and push Docker image to Harbor | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| push: true | |
| tags: ${{ env.REGISTRY }}/${{ env.IMAGE_REPO }}:${{ github.sha }} | |
| - name: Set up kubectl | |
| uses: azure/setup-kubectl@v3 | |
| with: | |
| version: 'latest' | |
| - name: Write kubeconfig | |
| run: | | |
| echo "${{ secrets.KUBECONFIG }}" | base64 -d > kubeconfig | |
| shell: bash | |
| - name: Create namespace if not exists | |
| run: | | |
| kubectl --kubeconfig kubeconfig get namespace mylogapp || \ | |
| kubectl --kubeconfig kubeconfig create namespace mylogapp | |
| - name: Create imagePullSecret in cluster | |
| run: | | |
| kubectl --kubeconfig kubeconfig -n mylogapp delete secret harbor-freshbrewed-science --ignore-not-found | |
| kubectl --kubeconfig kubeconfig -n mylogapp create secret docker-registry harbor-freshbrewed-science \ | |
| --docker-server=harbor.freshbrewed.science \ | |
| --docker-username="${{ secrets.CRUSER }}" \ | |
| --docker-password="${{ secrets.CRPASS }}" | |
| env: | |
| CRUSER: ${{ secrets.CRUSER }} | |
| CRPASS: ${{ secrets.CRPASS }} | |
| - name: Deploy with Helm | |
| env: | |
| DB_HOST: ${{ secrets.DB_HOST }} | |
| DB_PORT: ${{ secrets.DB_PORT }} | |
| DB_NAME: ${{ secrets.DB_NAME }} | |
| DB_USER: ${{ secrets.DB_USER }} | |
| DB_PASS: ${{ secrets.DB_PASS }} | |
| DB_SSLMODE: ${{ secrets.DB_SSLMODE }} | |
| SERVICE_BUS_CONNECTION_STR: ${{ secrets.SERVICE_BUS_CONNECTION_STR }} | |
| GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID }} | |
| GOOGLE_CLIENT_SECRET: ${{ secrets.GOOGLE_CLIENT_SECRET }} | |
| run: | | |
| helm upgrade --install dblogapp ./chart \ | |
| --namespace mylogapp --create-namespace \ | |
| --kubeconfig kubeconfig \ | |
| --set image.repository=${{ env.REGISTRY }}/${{ env.IMAGE_REPO }} \ | |
| --set imagePullSecrets.enabled=true \ | |
| --set imagePullSecrets.name=harbor-freshbrewed-science \ | |
| --set image.tag=${{ github.sha }} \ | |
| --set env.DB_HOST="$DB_HOST" \ | |
| --set env.DB_PORT="$DB_PORT" \ | |
| --set env.DB_NAME="$DB_NAME" \ | |
| --set env.DB_USER="$DB_USER" \ | |
| --set env.DB_PASS="$DB_PASS" \ | |
| --set env.DB_SSLMODE="$DB_SSLMODE" \ | |
| --set env.SERVICE_BUS_CONNECTION_STR="$SERVICE_BUS_CONNECTION_STR" \ | |
| --set env.GOOGLE_CLIENT_ID="$GOOGLE_CLIENT_ID" \ | |
| --set env.GOOGLE_CLIENT_SECRET="$GOOGLE_CLIENT_SECRET" \ | |
| -f ci-values.yaml |