Hide sensitive connection args #653
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and deploy to dev | |
| on: | |
| pull_request: | |
| types: [opened, reopened, synchronize, labeled] | |
| # Cancel any existing runs of this workflow on the same branch/pr | |
| # We always want to build/deploy/test a new commit over an older one | |
| concurrency: | |
| group: ${{ github.workflow_ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| # Looks for labels like "deploy-to-<env>" attached to a PR so we can deploy to those envs | |
| get-deploy-labels: | |
| runs-on: mdb-dev | |
| outputs: | |
| deploy-envs: ${{ steps.get-labels.outputs.deploy-envs }} | |
| steps: | |
| - name: Pull MindsDB Github Actions | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: mindsdb/github-actions | |
| path: github-actions | |
| ssh-key: ${{ secrets.GH_ACTIONS_PULL_SSH }} | |
| - id: get-labels | |
| uses: ./github-actions/get-deploy-labels | |
| build: | |
| # Build our docker images based on our bake file | |
| runs-on: mdb-dev | |
| needs: [get-deploy-labels] | |
| if: needs.get-deploy-labels.outputs.deploy-envs != '[]' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Pull MindsDB Github Actions | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: mindsdb/github-actions | |
| path: github-actions | |
| ssh-key: ${{ secrets.GH_ACTIONS_PULL_SSH }} | |
| # Build the bakefile and push | |
| - uses: ./github-actions/docker-bake | |
| build_cache: | |
| # Build our docker images based on our bake file | |
| # This job only pushes the layers to the cache repo | |
| # It's done separately so other jobs can run without waiting for this one | |
| runs-on: mdb-dev | |
| needs: [build] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Pull MindsDB Github Actions | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: mindsdb/github-actions | |
| path: github-actions | |
| ssh-key: ${{ secrets.GH_ACTIONS_PULL_SSH }} | |
| - uses: ./github-actions/docker-bake-cache | |
| trigger_deploy: | |
| # Trigger private repo to deploy to dev envs | |
| runs-on: mdb-dev | |
| needs: [build, get-deploy-labels] | |
| strategy: | |
| matrix: | |
| deploy-env: ${{fromJson(needs.get-deploy-labels.outputs.deploy-envs)}} | |
| environment: | |
| name: dev | |
| # We only want to run one deploy job for an env at a time | |
| # Don't cancel in progress jobs because it may be for a different PR | |
| concurrency: | |
| group: deploy-${{ matrix.deploy-env }} | |
| cancel-in-progress: false | |
| if: needs.get-deploy-labels.outputs.deploy-envs != '[]' | |
| steps: | |
| - uses: FranzDiebold/github-env-vars-action@v2 | |
| - uses: convictional/trigger-workflow-and-wait@v1.6.5 | |
| with: | |
| owner: mindsdb | |
| repo: INTERNAL-mindsdb-build-deploy-to-kubernetes | |
| github_token: ${{ secrets.REPO_DISPATCH_PAT_TOKEN }} | |
| workflow_file_name: deploy-dev.yml | |
| ref: main | |
| client_payload: '{"image-tag-prefix": "${{ env.CI_SHA }}", "deploy-env": "${{matrix.deploy-env}}"}' | |
| run_tests: | |
| name: Run Post-Deploy Tests | |
| needs: [trigger_deploy] | |
| uses: ./.github/workflows/test_on_deploy.yml | |
| secrets: inherit |