doran/.forgejo/workflows/deploy.yml

name: deploy

on:
  push:
    branches:
      - main

jobs:
  deploy:
    runs-on: linux-amd64
    env:
      IMAGE_TAG: ${{ github.sha }}
      REGISTRY_HOST: ${{ vars.REGISTRY_HOST }}
      PROJECT_NAME: ${{ vars.PROJECT_NAME || 'unrip' }}
      PROJECT_NAMESPACE: ${{ vars.PROJECT_NAMESPACE || vars.PROJECT_NAME || 'unrip' }}
      PROJECT_DEPLOYMENTS: ${{ vars.PROJECT_DEPLOYMENTS || 'near-intents-ingest,dummy-reactor,dummy-executor,dummy-consumer' }}
      BUILDAH_ISOLATION: chroot
      STORAGE_DRIVER: vfs
    steps:
      - name: Install tooling
        run: |
          apk add --no-cache buildah kubectl

      - name: Checkout
        env:
          REPO_URL: ${{ github.server_url }}/${{ github.repository }}.git
          REPO_TOKEN: ${{ github.token }}
        run: |
          rm -rf .git
          git init .
          git remote add origin "https://oauth2:${REPO_TOKEN}@${REPO_URL#https://}"
          git fetch --depth=1 origin "$GITHUB_SHA"
          git checkout --detach FETCH_HEAD

      - name: Load kubeconfig
        run: |
          mkdir -p "$HOME/.kube"
          printf '%s' '${{ secrets.KUBECONFIG_B64 }}' | base64 -d > "$HOME/.kube/config"
          kubectl get ns

      - name: Login to registry
        run: |
          buildah login -u '${{ secrets.REGISTRY_USERNAME }}' -p '${{ secrets.REGISTRY_PASSWORD }}' "$REGISTRY_HOST"

      - name: Resolve deployment settings
        run: |
          IMAGE="$REGISTRY_HOST/$PROJECT_NAME:$IMAGE_TAG"
          {
            echo "IMAGE=$IMAGE"
            echo "PROJECT_NAMESPACE=$PROJECT_NAMESPACE"
            echo "PROJECT_DEPLOYMENTS=$PROJECT_DEPLOYMENTS"
          } >> "$GITHUB_ENV"

      - name: Build and push image
        run: |
          buildah bud --storage-driver "$STORAGE_DRIVER" -t "$IMAGE" .
          buildah push --storage-driver "$STORAGE_DRIVER" "$IMAGE" "docker://$IMAGE"

      - name: Roll deployments to new image
        run: |
          IFS=',' read -r -a DEPLOYMENTS <<< "$PROJECT_DEPLOYMENTS"

          for deployment in "${DEPLOYMENTS[@]}"; do
            deployment="$(echo "$deployment" | xargs)"
            [ -n "$deployment" ] || continue

            kubectl -n "$PROJECT_NAMESPACE" set image "deployment/$deployment" app="$IMAGE"
            kubectl -n "$PROJECT_NAMESPACE" rollout status "deployment/$deployment" --timeout=180s
          done