Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
119 changes: 119 additions & 0 deletions .github/workflows/alibabacloud.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,119 @@
# This workflow will build and push a new container image to Alibaba Cloud Container Registry (ACR),
# and then will deploy it to Alibaba Cloud Container Service for Kubernetes (ACK), when a release is created.
#
# To use this workflow, you will need to complete the following set-up steps:
#
# 1. Create an ACR repository to store your container images.
# You can use ACR EE instance for more security and better performance.
# For instructions see https://www.alibabacloud.com/help/doc-detail/142168.htm
#
# 2. Create an ACK cluster to run your containerized application.
# You can use ACK Pro cluster for more security and better performance.
# For instructions see https://www.alibabacloud.com/help/doc-detail/95108.htm
#
# 3. Store your AccessKey pair in GitHub Actions secrets named `ACCESS_KEY_ID` and `ACCESS_KEY_SECRET`.
# For instructions on setting up secrets see: https://developer.github.com/actions/managing-workflows/storing-secrets/
#
# 4. Change the values for the REGION_ID, REGISTRY, NAMESPACE, IMAGE, ACK_CLUSTER_ID, and ACK_DEPLOYMENT_NAME.
#

name: Build and Deploy to ACK

on:
release:
types: [created]

# Environment variables available to all jobs and steps in this workflow.
env:
REGION_ID: cn-hangzhou
REGISTRY: registry.cn-hangzhou.aliyuncs.com
NAMESPACE: namespace
IMAGE: repo
TAG: ${{ github.sha }}
ACK_CLUSTER_ID: clusterID
ACK_DEPLOYMENT_NAME: nginx-deployment

ACR_EE_REGISTRY: myregistry.cn-hangzhou.cr.aliyuncs.com
ACR_EE_INSTANCE_ID: instanceID
ACR_EE_NAMESPACE: namespace
ACR_EE_IMAGE: repo
ACR_EE_TAG: ${{ github.sha }}

jobs:
build:
runs-on: ubuntu-latest
environment: production

steps:
- name: Checkout
uses: actions/checkout@v2

# 1.1 Login to ACR
- name: Login to ACR with the AccessKey pair
uses: aliyun/acr-login@v1
with:
region-id: "${{ env.REGION_ID }}"
access-key-id: "${{ secrets.ACCESS_KEY_ID }}"
access-key-secret: "${{ secrets.ACCESS_KEY_SECRET }}"

# 1.2 Buid and push image to ACR
- name: Build and push image to ACR
run: |
docker build --tag "$REGISTRY/$NAMESPACE/$IMAGE:$TAG" .
docker push "$REGISTRY/$NAMESPACE/$IMAGE:$TAG"

# 1.3 Scan image in ACR
- name: Scan image in ACR
uses: aliyun/acr-scan@v1
with:
region-id: "${{ env.REGION_ID }}"
access-key-id: "${{ secrets.ACCESS_KEY_ID }}"
access-key-secret: "${{ secrets.ACCESS_KEY_SECRET }}"
repository: "${{ env.NAMESPACE }}/${{ env.IMAGE }}"
tag: "${{ env.TAG }}"

# 2.1 (Optional) Login to ACR EE
- uses: actions/checkout@v2
- name: Login to ACR EE with the AccessKey pair
uses: aliyun/acr-login@v1
with:
login-server: "https://${{ env.ACR_EE_REGISTRY }}"
region-id: "${{ env.REGION_ID }}"
access-key-id: "${{ secrets.ACCESS_KEY_ID }}"
access-key-secret: "${{ secrets.ACCESS_KEY_SECRET }}"
instance-id: "${{ env.ACR_EE_INSTANCE_ID }}"

# 2.2 (Optional) Build and push image ACR EE
- name: Build and push image to ACR EE
run: |
docker build -t "$ACR_EE_REGISTRY/$ACR_EE_NAMESPACE/$ACR_EE_IMAGE:$TAG" .
docker push "$ACR_EE_REGISTRY/$ACR_EE_NAMESPACE/$ACR_EE_IMAGE:$TAG"
# 2.3 (Optional) Scan image in ACR EE
- name: Scan image in ACR EE
uses: aliyun/acr-scan@v1
with:
region-id: "${{ env.REGION_ID }}"
access-key-id: "${{ secrets.ACCESS_KEY_ID }}"
access-key-secret: "${{ secrets.ACCESS_KEY_SECRET }}"
instance-id: "${{ env.ACR_EE_INSTANCE_ID }}"
repository: "${{ env.ACR_EE_NAMESPACE}}/${{ env.ACR_EE_IMAGE }}"
tag: "${{ env.ACR_EE_TAG }}"

# 3.1 Set ACK context
- name: Set K8s context
uses: aliyun/ack-set-context@v1
with:
access-key-id: "${{ secrets.ACCESS_KEY_ID }}"
access-key-secret: "${{ secrets.ACCESS_KEY_SECRET }}"
cluster-id: "${{ env.ACK_CLUSTER_ID }}"

# 3.2 Deploy the image to the ACK cluster
- name: Set up Kustomize
run: |-
curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash /dev/stdin 3.8.6
- name: Deploy
run: |-
./kustomize edit set image REGISTRY/NAMESPACE/IMAGE:TAG=$REGISTRY/$NAMESPACE/$IMAGE:$TAG
./kustomize build . | kubectl apply -f -
kubectl rollout status deployment/$ACK_DEPLOYMENT_NAME
kubectl get services -o wide
36 changes: 36 additions & 0 deletions .github/workflows/main.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
# This is a basic workflow to help you get started with Actions

name: CI

# Controls when the workflow will run
on:
# Triggers the workflow on push or pull request events but only for the master branch
push:
branches: [ master ]
pull_request:
branches: [ master ]

# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:

# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
build:
# The type of runner that the job will run on
runs-on: ubuntu-latest

# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v2

# Runs a single command using the runners shell
- name: Run a one-line script
run: echo Hello, world!

# Runs a set of commands using the runners shell
- name: Run a multi-line script
run: |
echo Add other actions to build,
echo test, and deploy your project.