fix candidato #351
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deployment | |
on: | |
pull_request: | |
types: [closed] | |
env: | |
GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }} | |
GCP_SA_KEY: ${{ secrets.GCP_SA_KEY }} | |
GH_PAT: ${{ secrets.GH_PAT }} | |
GKE_CLUSTER: ${{ secrets.GKE_CLUSTER }} | |
GKE_REGION: ${{ secrets.GKE_REGION }} | |
BASEDOSDADOS_CONFIG: ${{ secrets.BASEDOSDADOS_CONFIG }} | |
BASEDOSDADOS_CREDENTIALS_PROD: ${{ secrets.BASEDOSDADOS_CREDENTIALS_PROD }} | |
BASEDOSDADOS_CREDENTIALS_STAGING: ${{ secrets.BASEDOSDADOS_CREDENTIALS_STAGING }} | |
IMAGE_NAME: ghcr.io/basedosdados/queries-basedosdados | |
jobs: | |
build-container: | |
if: (github.event.pull_request.merged == true && github.event.pull_request.base.ref == 'main') | |
name: Deployment | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Setup Google Cloud CLI | |
uses: google-github-actions/setup-gcloud@v0.2.1 | |
with: | |
service_account_key: ${{ secrets.GCP_SA_KEY }} | |
project_id: ${{ secrets.GCP_PROJECT_ID }} | |
export_default_credentials: true | |
- name: Get GKE credentials | |
uses: google-github-actions/get-gke-credentials@v0.2.1 | |
with: | |
cluster_name: ${{ env.GKE_CLUSTER }} | |
location: ${{ env.GKE_REGION }} | |
credentials: ${{ secrets.GCP_SA_KEY }} | |
- name: Build and publish image | |
run: | | |
docker build -t $IMAGE_NAME:$GITHUB_SHA . | |
echo $GH_PAT | docker login ghcr.io -u gabriel-milan --password-stdin | |
docker push $IMAGE_NAME:$GITHUB_SHA | |
- name: Set up Kustomize | |
run: |- | |
curl -sfLo kustomize https://github.com/kubernetes-sigs/kustomize/releases/download/v3.1.0/kustomize_3.1.0_linux_amd64 | |
chmod u+x ./kustomize | |
- name: Deploy | |
run: |- | |
./kustomize edit set image gcr.io/PROJECT_ID/IMAGE_DBT:TAG=$IMAGE_NAME:$GITHUB_SHA | |
./kustomize build . | kubectl apply -n prefect-agent-basedosdados -f - | |
kubectl rollout status -w -n prefect-agent-basedosdados deployment/dbt-rpc-dev | |
kubectl rollout status -w -n prefect-agent-basedosdados deployment/dbt-rpc-prod | |
table-approve: | |
if: contains(github.event.pull_request.labels.*.name, 'table-approve') | |
needs: build-container | |
name: Table approve | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Get all changed files using a comma separator | |
id: changed-files | |
uses: tj-actions/changed-files@v35 | |
with: | |
separator: ',' | |
- name: Setup Python 3.9 | |
uses: actions/setup-python@v2 | |
with: | |
python-version: 3.9 | |
- name: Install dependencies | |
run: | | |
python -m pip install --upgrade pip | |
pip install -r requirements-actions.txt | |
- name: Run script for approving table | |
run: | | |
python .github/workflows/scripts/table_approve.py --modified-files ${{ steps.changed-files.outputs.all_modified_files }} --graphql-url ${{ secrets.BACKEND_GRAPHQL_URL }} --source-bucket-name ${{ secrets.SOURCE_BUCKET_NAME }} --destination-bucket-name ${{ secrets.DESTINATION_BUCKET_NAME }} --backup-bucket-name ${{ secrets.BACKUP_BUCKET_NAME }} --prefect-backend-token ${{ secrets.PREFECT_BACKEND_TOKEN }} --materialization-mode ${{ secrets.MATERIALIZATION_MODE }} --materialization-label ${{ secrets.MATERIALIZATION_LABEL }} | |
change-metadata-status: | |
needs: table-approve | |
name: Change metadata status to "production" | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Get all changed files using a comma separator | |
id: changed-files | |
uses: tj-actions/changed-files@v35 | |
with: | |
separator: ',' | |
- name: Setup Python 3.9 | |
uses: actions/setup-python@v2 | |
with: | |
python-version: 3.9 | |
- name: Install dependencies | |
run: | | |
python -m pip install --upgrade pip | |
pip install -r requirements-actions.txt | |
- name: Run script for changing metadata status | |
run: | | |
python .github/workflows/scripts/change_metadata_status.py --modified-files ${{ steps.changed-files.outputs.all_modified_files }} --graphql-url ${{ secrets.BACKEND_GRAPHQL_URL }} --status published --email ${{ secrets.BACKEND_EMAIL }} --password ${{ secrets.BACKEND_PASSWORD }} |