feat(ci): add deploy-kubernetes workflow

themightychris · themightychris · commit 7034a4dd94e1 · 2024-01-03T23:05:43.000-05:00
diff --git a/.github/workflows/deploy-kubernetes.yml b/.github/workflows/deploy-kubernetes.yml
@@ -0,0 +1,65 @@
+name: Generate diff of Kubernetes changes
+
+on:
+  push:
+    branches:
+      - 'main'
+    paths:
+      - '.holo/config.toml'
+      - '.holo/sources/jarvus-cluster-template.toml'
+      - '.holo/branches/releases/**'
+      - '.github/workflows/*-kubernetes.yml'
+      - 'ci/**'
+      - 'kubernetes/apps/**'
+      - 'kubernetes/system/**'
+
+env:
+  GITHUB_TOKEN: ${{ secrets.GH_ACTIONS_TOKEN }}
+
+jobs:
+  preview-kubernetes:
+    runs-on: ubuntu-latest
+    env:
+      CLOUDSDK_CORE_PROJECT: cal-itp-data-infra
+      GKE_NAME: data-infra-apps
+      GKE_REGION: us-west1
+      USE_GKE_GCLOUD_AUTH_PLUGIN: True
+    steps:
+      # Setup
+      - uses: actions/checkout@v4
+
+      - uses: 'google-github-actions/auth@v2'
+        with:
+          credentials_json: '${{ secrets.GCP_SA_KEY }}'
+      - uses: google-github-actions/setup-gcloud@v2
+      - run: gcloud components install gke-gcloud-auth-plugin
+      - uses: google-github-actions/get-gke-credentials@v1
+        with:
+          cluster_name: ${{ env.GKE_NAME }}
+          location: ${{ env.GKE_REGION }}
+      - run: curl -sSL https://install.python-poetry.org | python -
+      - name: Set up hologit
+        env:
+          BIO_RELEASE: 1.6.821
+        run: |
+          curl -LO "https://github.com/biome-sh/biome/releases/download/v${BIO_RELEASE}/bio-${BIO_RELEASE}-x86_64-linux.tar.gz"
+          tar xzvf "bio-${BIO_RELEASE}-x86_64-linux.tar.gz"
+          sudo mv bio /usr/local/bin/bio
+          sudo bio pkg install --binlink jarvus/hologit
+
+          git config user.name "Github Action $GITHUB_JOB"
+          git config user.email "$(whoami)@$(uname -n)"
+
+      # Render Kubernetes content with parent underlay and checkout
+      - run: git holo project kubernetes-workspace --commit-to=kubernetes
+      - run: git checkout kubernetes
+
+      # Diff and write back to PR
+      - id: diff
+        name: Run poetry invoke
+        shell: bash
+        working-directory: ci
+        run: |
+          poetry install
+          poetry run invoke secrets -f "./channels/prod.yaml"
+          poetry run invoke release -f "./channels/prod.yaml"
