Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/staffbase/gitops-github-action
GitHub Action for our GitOps workflow
https://github.com/staffbase/gitops-github-action
actions github-actions gitops
Last synced: 2 months ago
JSON representation
GitHub Action for our GitOps workflow
- Host: GitHub
- URL: https://github.com/staffbase/gitops-github-action
- Owner: Staffbase
- Created: 2020-10-30T07:32:30.000Z (over 4 years ago)
- Default Branch: main
- Last Pushed: 2024-04-03T06:52:40.000Z (10 months ago)
- Last Synced: 2024-04-14T12:55:14.975Z (10 months ago)
- Topics: actions, github-actions, gitops
- Homepage:
- Size: 3.11 MB
- Stars: 16
- Watchers: 24
- Forks: 0
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS
Awesome Lists containing this project
README
# 🚀 GitHub Action for GitOps
This GitHub Action can be used for our GitOps workflow. The GitHub Action will build and push the Docker image for your service and deploys
the new version at your Kubernetes clusters.
## Requirement
When you want to use this GitHub Action your GitHub repository should have a `dev` and `master` / `main` branch and it should use tags for
releases.
- For the `dev` branch we will change the files specified under `gitops-dev`.
- For the `master` / `main` branch we will change the files specified under `gitops-stage`.
- For a new tag the files under `gitops-prod` will be used.
This GitOps setup should be the default for all your repositories. However, if you have a special case, you can
leave `gitops-dev`, `gitops-stage` and `gitops-prod` undefined, then those steps will be skipped.
## Usages
### Build, Push and Deploy Docker Image
```yaml
name: CD
on: [ push ]
jobs:
ci-cd:
name: Build, Push and Deploy
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v3
- name: GitOps (build, push and deploy a new Docker image)
uses: Staffbase/[email protected]
with:
docker-username: ${{ secrets.HARBOR_USERNAME }}
docker-password: ${{ secrets.HARBOR_PASSWORD }}
docker-image: private/diablo-redbook
gitops-token: ${{ secrets.GITOPS_TOKEN }}
gitops-dev: |-
clusters/customization/dev/mothership/diablo-redbook/diablo-redbook-helm.yaml spec.template.spec.containers.redbook.image
gitops-stage: |-
clusters/customization/stage/mothership/diablo-redbook/diablo-redbook-helm.yaml spec.template.spec.containers.redbook.image
gitops-prod: |-
clusters/customization/prod/mothership/diablo-redbook/diablo-redbook-helm.yaml spec.template.spec.containers.redbook.image
```
### Build and Push Docker Image
```yaml
name: CD
on: [ push ]
jobs:
ci-cd:
name: Build and Push
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v3
- name: GitOps (build and push a new Docker image)
uses: Staffbase/[email protected]
with:
docker-username: ${{ secrets.HARBOR_USERNAME }}
docker-password: ${{ secrets.HARBOR_PASSWORD }}
docker-image: private/diablo-redbook
```
### Deploy Docker Image
```yaml
name: CD
on: [ push ]
jobs:
ci-cd:
name: Deploy
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v3
- name: GitOps (deploy a new Docker image)
uses: Staffbase/[email protected]
with:
docker-image: private/diablo-redbook
gitops-token: ${{ secrets.GITOPS_TOKEN }}
gitops-dev: |-
clusters/customization/dev/mothership/diablo-redbook/diablo-redbook-helm.yaml spec.template.spec.containers.redbook.image
gitops-stage: |-
clusters/customization/stage/mothership/diablo-redbook/diablo-redbook-helm.yaml spec.template.spec.containers.redbook.image
gitops-prod: |-
clusters/customization/prod/mothership/diablo-redbook/diablo-redbook-helm.yaml spec.template.spec.containers.redbook.image
```
## Inputs
| Name | Description | Default |
|-----------------------------|--------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------|
| `docker-registry` | Docker Registry | `staffbase.jfrog.io` |
| `docker-registry-api` | Docker Registry API (used for retagging without pulling) | `https://staffbase.jfrog.io/artifactory/api/docker/` |
| `docker-image` | Docker Image | |
| `docker-custom-tag` | Docker Custom Tag to be set on the image | |
| `docker-username` | Username for the Docker Registry | |
| `docker-password` | Password for the Docker Registry | |
| `docker-file` | Dockerfile | `./Dockerfile` |
| `docker-build-args` | List of build-time variables | |
| `docker-build-secrets` | List of secrets to expose to the build (e.g., key=string, GIT_AUTH_TOKEN=mytoken) | |
| `docker-build-secret-files` | List of secret files to expose to the build (e.g., key=filename, MY_SECRET=./secret.txt) | |
| `docker-build-target` | Sets the target stage to build like: "runtime" | |
| `docker-build-provenance` | Generate [provenance](https://docs.docker.com/build/attestations/slsa-provenance/) attestation for the build | `false` |
| `docker-disable-retagging` | Disables retagging of existing images and run a new build instead | `false` |
| `gitops-organization` | GitHub Organization for GitOps | `Staffbase` |
| `gitops-repository` | GitHub Repository for GitOps | `mops` |
| `gitops-user` | GitHub User for GitOps | `Staffbot` |
| `gitops-email` | GitHub Email for GitOps | `[email protected]` |
| `gitops-token` | GitHub Token for GitOps | |
| `gitops-dev` | Files which should be updated by the GitHub Action for DEV, must be relative to the root of the GitOps repository | |
| `gitops-stage` | Files which should be updated by the GitHub Action for STAGE, must be relative to the root of the GitOps repository | |
| `gitops-prod` | Files which should be updated by the GitHub Action for PROD, must be relative to the root of the GitOps repository | |
| `working-directory` | The directory in which the GitOps action should be executed. The docker-file variable should be relative to working directory. | `.` |
## Outputs
| Name | Description |
|-----------------|---------------------|
| `docker-digest` | Digest of the image |
| `docker-tag` | Tag of the image |
## Contributing
Please read [CONTRIBUTING.md](CONTRIBUTING.md) for details on our code of conduct, and the process for submitting pull requests to us.
## License
This project is licensed under the Apache-2.0 License - see the [LICENSE.md](LICENSE) file for details.
Staffbase GmbH
Staffbase is an internal communications platform built to revolutionize the way you work and unite your company. Staffbase is hiring: jobs.staffbase.com
GitHub | Website | Jobs
## Releasing new versions
Go to the release overview page and publish the draft release with a new version number. Make sure to update the floating version commit.