github-actions/.github/workflows/deploy.yml at main · simpleanalytics/github-actions · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
name: Deploy App

on:
  workflow_call:
    inputs:
      app:
        description: Name of the app to deploy, like esapi or queue
        required: true
        type: string
      # No longer used but left here for backswards compatablity
      image_repo:
        description: Image repo, like ghcr.io/simpleanalytics/elasticsearch
        required: false
        type: string
        default: ""
      image_tag:
        description: Tag to deploy, like a git commit hash
        required: true
        type: string
      hosts:
        description: Space-separated list of hosts to deploy to
        required: true
        type: string
      strategy:
        description: Strategy to deploy to use, currently only "blue_green" and "replace" are supported
        required: false
        default: "blue_green"
        type: string

jobs:
  deploy:
    name: Deploy via webhook
    runs-on: ubuntu-latest
    timeout-minutes: 10
    concurrency:
      group: deploy-${{ inputs.env }}
    steps:
      - name: Set up Docker Buildx
        id: buildx
        uses: docker/setup-buildx-action@v4

      - name: Login to Container Registry
        uses: docker/login-action@v4
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Trigger deployment webhook with output
        run: |
          set -uo pipefail # no "e" because we want to retrieve the curl output

          read -a hosts <<< "${{ inputs.hosts }}"
          fail_flag=0 # Flag to track if any command fails

          for host in "${hosts[@]}"; do
            curl -sS --fail-with-body --user "token:${{ secrets.DEPLOY_TOKEN }}" \
              --write-out "%{http_code}" --output response_$host.tmp \
              "https://webhook.$host.simpleanalytics.com/deploy.${{ inputs.strategy }}?app=${{ inputs.app }}&image_tag=${{ inputs.image_tag }}" > status_$host.txt 2>&1 &
          done

          for pid in $(jobs -p); do
            if ! wait "$pid"; then
              fail_flag=1 # Set fail flag if a process fails
            fi
          done

          # Read status codes and responses after all jobs have completed
          for host in "${hosts[@]}"; do
            echo "::group::Webhook output for $host"
            echo "Host $host:"
            echo "HTTP Status Code: $(cat status_$host.txt)"
            echo "Response Body:"
            cat response_$host.tmp || echo "No response body found"
            echo "" # for better readability
            echo "::endgroup::"
          done

          if [ "$fail_flag" -ne 0 ]; then
            exit 1 # Exit with status 1 if any command failed
          fi

      - name: Add rollback instructions to summary
        run: |
          echo "### Rollback Instructions" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "To roll back to this build at a later stage, retry the deploy run, or from infra repo:" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          echo '```' >> $GITHUB_STEP_SUMMARY
          echo "./scripts/deploy.sh <app yaml name> ${{ inputs.app }} ${{ inputs.image_tag }}" >> $GITHUB_STEP_SUMMARY
          echo '```' >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "Where \`<app yaml name>\` is the file name without extension of your app in \`ansible/vars/apps/\`." >> $GITHUB_STEP_SUMMARY