fix: use registry.i80.dk (Harbor) instead of ghcr.io
- classify.yml: build/push to registry.i80.dk/gitea/kreuzberg-classify - classify.nomad: pull from registry.i80.dk with Harbor robot token from Consul KV
This commit is contained in:
Henrik Jess Nielsen
@@ -1,4 +1,4 @@
|
|||||||
name: Deploy classify service
|
name: Build and Deploy classify service
|
||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
@@ -12,8 +12,7 @@ on:
|
|||||||
workflow_dispatch:
|
workflow_dispatch:
|
||||||
|
|
||||||
env:
|
env:
|
||||||
REGISTRY: ghcr.io
|
SERVICE_NAME: classify
|
||||||
IMAGE_NAME: hjess/kreuzberg-classify
|
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
build-and-deploy:
|
build-and-deploy:
|
||||||
@@ -21,18 +20,28 @@ jobs:
|
|||||||
|
|
||||||
env:
|
env:
|
||||||
PATH: /usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/bin:/snap/bin
|
PATH: /usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/bin:/snap/bin
|
||||||
|
DOCKER_HOST: unix:///var/run/docker.sock
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout code
|
- name: Checkout code
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Log in to Docker Registry
|
||||||
|
run: |
|
||||||
|
echo "${{ secrets.HARBOR_ROBOT_TOKEN }}" | docker login registry.i80.dk -u "robot\$gitserver" --password-stdin
|
||||||
|
|
||||||
- name: Build Docker image
|
- name: Build Docker image
|
||||||
run: |
|
run: |
|
||||||
docker build -f Dockerfile.classify -t ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest .
|
SHA=$(git rev-parse --short HEAD)
|
||||||
|
docker build -f Dockerfile.classify \
|
||||||
|
-t registry.i80.dk/gitea/kreuzberg-classify:latest \
|
||||||
|
-t registry.i80.dk/gitea/kreuzberg-classify:$SHA .
|
||||||
|
|
||||||
- name: Push to registry
|
- name: Push Docker image
|
||||||
run: |
|
run: |
|
||||||
docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
|
SHA=$(git rev-parse --short HEAD)
|
||||||
|
docker push registry.i80.dk/gitea/kreuzberg-classify:latest
|
||||||
|
docker push registry.i80.dk/gitea/kreuzberg-classify:$SHA
|
||||||
|
|
||||||
- name: Validate Nomad job
|
- name: Validate Nomad job
|
||||||
run: nomad job validate classify.nomad
|
run: nomad job validate classify.nomad
|
||||||
@@ -44,9 +53,10 @@ jobs:
|
|||||||
env:
|
env:
|
||||||
NOMAD_ADDR: "https://nomad.i80.dk:4646"
|
NOMAD_ADDR: "https://nomad.i80.dk:4646"
|
||||||
|
|
||||||
- name: Check deployment status
|
- name: Wait for healthy allocation
|
||||||
run: |
|
run: |
|
||||||
sleep 10
|
sleep 15
|
||||||
nomad job status classify
|
nomad job status ${SERVICE_NAME}
|
||||||
|
nomad job allocs ${SERVICE_NAME}
|
||||||
env:
|
env:
|
||||||
NOMAD_ADDR: "https://nomad.i80.dk:4646"
|
NOMAD_ADDR: "https://nomad.i80.dk:4646"
|
||||||
|
|||||||
@@ -70,9 +70,13 @@ job "classify" {
|
|||||||
driver = "docker"
|
driver = "docker"
|
||||||
|
|
||||||
config {
|
config {
|
||||||
image = "ghcr.io/hjess/kreuzberg-classify:latest"
|
image = "registry.i80.dk/gitea/kreuzberg-classify:latest"
|
||||||
ports = ["http"]
|
ports = ["http"]
|
||||||
force_pull = true
|
force_pull = true
|
||||||
|
auth {
|
||||||
|
username = "robot$gitserver"
|
||||||
|
password = "${HARBOR_ROBOT_TOKEN}"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
env {
|
env {
|
||||||
@@ -80,6 +84,14 @@ job "classify" {
|
|||||||
PORT = "${NOMAD_PORT_http}"
|
PORT = "${NOMAD_PORT_http}"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
template {
|
||||||
|
data = <<EOH
|
||||||
|
HARBOR_ROBOT_TOKEN="{{ key "harbor/robot/token" }}"
|
||||||
|
EOH
|
||||||
|
destination = "secrets/registry.env"
|
||||||
|
env = true
|
||||||
|
}
|
||||||
|
|
||||||
restart {
|
restart {
|
||||||
attempts = 5
|
attempts = 5
|
||||||
interval = "10m"
|
interval = "10m"
|
||||||
|
|||||||
Reference in New Issue
Block a user