update dependencies #234

Summary
Jobs
- test
- build
- deploy
- docs
Run details
- Usage
- Workflow file

Workflow file for this run

	name: Build & Deploy

	on:
	push:
	branches: [ master, develop ]

	workflow_dispatch:

	env:
	IMAGE_REGISTRY: ghcr.io
	NOMAD_VERSION: "1.2.2"

	jobs:
	test:
	runs-on: ubuntu-latest
	env:
	MIX_ENV: test
	steps:
	- uses: actions/checkout@v3

	- uses: erlef/setup-beam@v1.16.0
	with:
	otp-version: "26"
	elixir-version: "1.15"

	- uses: actions/cache@v3
	with:
	path: \|
	deps
	_build
	key: ${{ runner.os }}-mix-${{ hashFiles('mix.lock') }}
	restore-keys: ${{ runner.os }}-mix-

	- uses: actions/cache@v3
	with:
	path: tmp/live-timing-cache
	key: live-timing-data-cache

	- run: mix deps.get
	- run: mix compile --warnings-as-errors
	- run: mix test

	build:
	runs-on: ubuntu-latest
	needs:
	- test
	steps:
	- name: Set environment variables
	run: \|
	# Lowercases GITHUB_REGISTRY, docker build breaks with tags that contain uppercase letters
	echo "IMAGE_ID=${IMAGE_REGISTRY}/${GITHUB_REPOSITORY,,}" >> ${GITHUB_ENV}

	- uses: actions/checkout@v3

	- uses: actions/cache@v3
	with:
	path: /tmp/buildx-cache
	key: ${{ runner.os }}-buildx-${{ github.sha }}
	restore-keys: ${{ runner.os }}-buildx

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v2.5.0

	- name: Login to DockerHub
	uses: docker/login-action@v2.1.0
	with:
	registry: ${{ env.IMAGE_REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Build and push
	id: docker_build
	uses: docker/build-push-action@v4.0.0
	with:
	push: true
	tags: "${{env.IMAGE_ID}}:latest,${{env.IMAGE_ID}}:${{ github.sha }},${{env.IMAGE_ID}}:${{ github.ref_name }}"
	cache-from: type=local,src=/tmp/buildx-cache
	cache-to: type=local,mode=max,dest=/tmp/buildx-cache

	deploy:
	runs-on: ubuntu-latest
	needs:
	- build
	if: contains(fromJson('["refs/heads/master", "refs/heads/develop"]'), github.ref)
	defaults:
	run:
	shell: bash
	env:
	NOMAD_CACERT: "/tmp/ca.pem"
	NOMAD_CLIENT_CERT: "/tmp/client.pem"
	NOMAD_CLIENT_KEY: "/tmp/client-key.pem"

	steps:
	- name: Set environment variables
	run: \|
	# Lowercases GITHUB_REGISTRY, docker build breaks with tags that contain uppercase letters
	echo "IMAGE_ID=${IMAGE_REGISTRY}/${GITHUB_REPOSITORY,,}" >> ${GITHUB_ENV}

	- uses: actions/checkout@v3

	- name: Set up WireGuard
	uses: egor-tensin/setup-wireguard@v1.2.0
	with:
	endpoint: ${{ secrets.WG_ENDPOINT }}
	endpoint_public_key: ${{ secrets.WG_ENDPOINT_PUBLIC_KEY }}
	ips: ${{ secrets.WG_IPS }}
	allowed_ips: ${{ secrets.WG_ALLOWED_IPS }}
	private_key: ${{ secrets.WG_PRIVATE_KEY }}

	-
	name: Download Nomad
	run: \|
	cd /usr/local/bin && \
	wget --quiet "https://releases.hashicorp.com/nomad/${NOMAD_VERSION}/nomad_${NOMAD_VERSION}_linux_amd64.zip" && \
	unzip "nomad_${NOMAD_VERSION}_linux_amd64.zip" && \
	chmod +x nomad

	-
	name: Populate cert files
	run: \|
	echo "$SECRET_NOMAD_CA_CERT" >> "$NOMAD_CACERT" && \
	echo "$SECRET_NOMAD_CLIENT_CERT" >> "$NOMAD_CLIENT_CERT" && \
	echo "$SECRET_NOMAD_CLIENT_KEY" >> "$NOMAD_CLIENT_KEY"
	env:
	SECRET_NOMAD_CA_CERT: ${{ secrets.NOMAD_CA_CERT }}
	SECRET_NOMAD_CLIENT_CERT: ${{ secrets.NOMAD_CLIENT_CERT }}
	SECRET_NOMAD_CLIENT_KEY: ${{ secrets.NOMAD_CLIENT_KEY }}

	# - name: Debugging with ssh
	# uses: lhotari/action-upterm@v1
	# with:
	# limit-access-to-users: ${{ env.GITHUB_REPOSITORY_OWNER }}

	-
	name: Deploy Nomad job
	run: \|
	sed 's/____INSERT_ENV_HERE____/${{ github.ref_name }}/g' f1bot.nomad.hcl >> f1bot-baked.nomad.hcl
	run_output=$(nomad job run -verbose \
	-var "image_version=${{ github.sha }}" \
	-var "environment=${{ github.ref_name }}" \
	-var "ghcr_password=$GHCR_PASSWORD" \
	-var "image_id=$IMAGE_ID" \
	-detach f1bot-baked.nomad.hcl)
	./scripts/check-nomad-deployment.sh "$run_output"
	env:
	NOMAD_TOKEN: "${{ secrets.NOMAD_TOKEN }}"
	NOMAD_ADDR: "${{ secrets.NOMAD_URL }}"
	NOMAD_TLS_SERVER_NAME: "server.global.nomad"
	GHCR_PASSWORD: "${{ secrets.GHCR_PASSWORD }}"

	-
	name: Shred credentials
	if: always()
	run: \|
	echo -e "[BEFORE SHREDDING]\n\n"
	ls -lh "$NOMAD_CACERT" "$NOMAD_CLIENT_CERT" "$NOMAD_CLIENT_KEY"

	echo -e "\n[SHREDDING]"
	shred "$NOMAD_CACERT"
	shred "$NOMAD_CLIENT_CERT"
	shred "$NOMAD_CLIENT_KEY"

	echo -e "\n[AFTER SHREDDING]\n\n"
	ls -lh "$NOMAD_CACERT" "$NOMAD_CLIENT_CERT" "$NOMAD_CLIENT_KEY"

	docs:
	runs-on: ubuntu-latest
	needs:
	- build
	if: github.ref == 'refs/heads/master'
	steps:
	- uses: actions/checkout@v3

	- uses: erlef/setup-beam@v1.16.0
	with:
	otp-version: "25"
	elixir-version: "1.14"

	- uses: actions/cache@v3
	with:
	path: \|
	deps
	_build
	key: ${{ runner.os }}-mix-${{ hashFiles('mix.lock') }}
	restore-keys: ${{ runner.os }}-mix-

	- run: mix deps.get
	- run: mix docs

	- name: Deploy
	uses: JamesIves/github-pages-deploy-action@v4.3.3
	with:
	branch: gh-pages
	folder: doc

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

update dependencies #234

Workflow file

update dependencies #234

Jobs

Run details

Workflow file for this run