fix nextauth api url secret retrieval #1410

Workflow file for this run

.github/workflows/deploy-to-kubernetes.yml at d4faf4d

	name: Deploy images to k8s

	on:
	push:
	branches:
	- 'main'
	- 'staging'
	- 'test'
	- 'expo'
	- 'demo'
	- 'dev'
	- 'pilot'
	paths:
	- 'api/**'
	- 'client/**'
	- 'tiler/**'
	- '.github/**'
	workflow_dispatch:

	jobs:
	set_env_name:
	name: Set Environment Name
	runs-on: ubuntu-20.04
	outputs:
	env_name: ${{ steps.set_env.outputs.env_name }}
	env_name_upper: ${{ steps.set_env.outputs.env_name_upper }}
	steps:
	- name: Set environment name
	shell: bash
	run: \|
	branch_name=$(echo "${GITHUB_REF#refs/heads/}")
	secret_name=$(echo "$branch_name" \| tr '[:lower:]' '[:upper:]')
	mapped_name=${!secret_name}
	if [ -z "$mapped_name" ]; then
	echo "Warning: No secret found for branch '$branch_name'. Falling back to branch name."
	mapped_name=$branch_name
	fi
	mapped_name_upper=$(echo "$mapped_name" \| tr '[:lower:]' '[:upper:]')
	echo "Environment name used: $mapped_name"
	echo "##[set-output name=env_name;]$mapped_name"
	echo "##[set-output name=env_name_upper;]$mapped_name_upper"
	id: set_env
	env:
	PILOT: ${{ secrets.PILOT }}

	wait_for_image_push:
	name: Wait for Docker images to be pushed
	runs-on: ubuntu-20.04
	steps:
	- name: Wait for API image to be pushed to Docker Hub
	uses: fountainhead/[email protected]
	with:
	token: ${{ secrets.REPO_ACCESS_TOKEN }}
	checkName: Push API Docker image to Docker Hub
	ref: ${{ github.event.pull_request.head.sha \|\| github.sha }}

	- name: Wait for Client image to be pushed to Docker Hub
	uses: fountainhead/[email protected]
	with:
	token: ${{ secrets.REPO_ACCESS_TOKEN }}
	checkName: Push Client Docker image to Docker Hub
	ref: ${{ github.event.pull_request.head.sha \|\| github.sha }}

	deploy_images_to_kubernetes:
	name: Deploy updated Docker image to Kubernetes
	runs-on: ubuntu-20.04
	needs: [ set_env_name, wait_for_image_push ]
	steps:
	- name: Check out the repo
	uses: actions/checkout@v2

	- name: Log in to Docker Hub
	uses: docker/login-action@v1
	with:
	username: ${{ secrets.DOCKER_USERNAME }}
	password: ${{ secrets.DOCKER_PASSWORD }}

	- name: Configure SSH access to the bastion host
	run: \|
	mkdir -p ~/.ssh/
	echo "$SSH_KEY" > ~/.ssh/bastion.key
	chmod 600 ~/.ssh/bastion.key
	env:
	SSH_KEY: ${{ secrets.BASTION_SSH_PRIVATE_KEY }}

	- name: Add custom host data
	run: \|
	sudo sh -c 'echo "127.0.0.1 ${{ secrets.EKS_HOST }}" >> /etc/hosts'

	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v1
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: ${{ secrets.AWS_REGION }}

	- name: Install kubectl
	run: \|
	curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.28/deb/Release.key \| sudo gpg --dearmor -o --no-tty /etc/apt/keyrings/kubernetes-apt-keyring.gpg
	echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /' \| sudo tee /etc/apt/sources.list.d/kubernetes.list
	sudo apt-get update
	sudo apt install -y kubectl

	- name: Config kubectl
	run: \|
	mkdir ~/.kube
	aws eks update-kubeconfig --name ${{ secrets.EKS_NAME }}
	sed -i 's/$eks.amazonaws.com$/\1:4433/g' ~/.kube/config
	env:
	KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_DATA }}

	- name: Creating SSH tunnel
	run: \|
	ssh -i ~/.ssh/bastion.key -o StrictHostKeyChecking=no -N -L 4433:${{ secrets.EKS_HOST }}:443 ${{ secrets.BASTION_USER }}@${{ secrets.BASTION_HOST }} -T &

	- name: Redeploy production pods
	if: ${{ needs.set_env_name.outputs.env_name == 'main' }}
	run: \|
	kubectl rollout restart deployment api -n production
	kubectl rollout restart deployment tiler -n production
	kubectl rollout restart deployment client -n production

	- name: Redeploy pods for other branches
	if: ${{ needs.set_env_name.outputs.env_name != 'main' }}
	run: \|
	kubectl rollout restart deployment api -n ${{ needs.set_env_name.outputs.env_name }}
	kubectl rollout restart deployment tiler -n ${{ needs.set_env_name.outputs.env_name }}
	kubectl rollout restart deployment client -n ${{ needs.set_env_name.outputs.env_name }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix nextauth api url secret retrieval #1410

Workflow file

fix nextauth api url secret retrieval #1410

Jobs

Run details

Workflow file for this run