chemavx
9b62636a3e
CI/CD / build-and-push (push) Successful in 2m12s
Kaniko has its own HTTP client and ignores the dind --registry-mirror flag. Passing --registry-mirror=mirror.gcr.io directly to kaniko lets it pull python:3.11-slim (and other Docker Hub base images) via Google's mirror instead of the Cloudflare CDN endpoint (172.64.66.1) which is unreachable from the runner's dind network. Also adds mirror to dind deployment args (--registry-mirror=https://mirror.gcr.io) so node:16-bullseye (the job runner container) is also fetched via mirror. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
86 lines
3.0 KiB
YAML
86 lines
3.0 KiB
YAML
name: CI/CD
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
|
|
env:
|
|
REGISTRY: git.chemavx.xyz
|
|
K8S_MANIFESTS_REPO: http://chemavx:${{ secrets.CI_TOKEN }}@gitea.gitea.svc.cluster.local:3000/chemavx/k8s-manifests.git
|
|
GIT_SSL_NO_VERIFY: "true"
|
|
|
|
jobs:
|
|
build-and-push:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
ssl-verify: false
|
|
|
|
- name: Set image tag
|
|
id: tag
|
|
run: echo "TAG=${GITHUB_SHA::8}" >> $GITHUB_OUTPUT
|
|
|
|
- name: Build and push bot image
|
|
uses: aevea/action-kaniko@master
|
|
with:
|
|
registry: git.chemavx.xyz
|
|
username: chemavx
|
|
password: ${{ secrets.CI_TOKEN }}
|
|
image: chemavx/polymarket-bot
|
|
tag: ${{ steps.tag.outputs.TAG }}
|
|
path: .
|
|
build_file: Dockerfile
|
|
extra_args: --insecure --skip-tls-verify --registry-mirror=mirror.gcr.io
|
|
|
|
- name: Build and push API image
|
|
uses: aevea/action-kaniko@master
|
|
with:
|
|
registry: git.chemavx.xyz
|
|
username: chemavx
|
|
password: ${{ secrets.CI_TOKEN }}
|
|
image: chemavx/polymarket-bot-api
|
|
tag: ${{ steps.tag.outputs.TAG }}
|
|
path: .
|
|
build_file: Dockerfile.api
|
|
extra_args: --insecure --skip-tls-verify --registry-mirror=mirror.gcr.io
|
|
|
|
- name: Build and push dashboard image
|
|
uses: aevea/action-kaniko@master
|
|
with:
|
|
registry: git.chemavx.xyz
|
|
username: chemavx
|
|
password: ${{ secrets.CI_TOKEN }}
|
|
image: chemavx/polymarket-bot-dashboard
|
|
tag: ${{ steps.tag.outputs.TAG }}
|
|
path: dashboard
|
|
build_file: Dockerfile
|
|
extra_args: --insecure --skip-tls-verify --registry-mirror=mirror.gcr.io
|
|
|
|
- name: Update k8s manifests
|
|
run: |
|
|
TAG=${{ steps.tag.outputs.TAG }}
|
|
|
|
git config --global user.email "ci@git.chemavx.xyz"
|
|
git config --global user.name "Gitea CI"
|
|
|
|
git clone ${{ env.K8S_MANIFESTS_REPO }} /tmp/k8s-manifests
|
|
cd /tmp/k8s-manifests
|
|
|
|
sed -i "s|image: .*polymarket-bot[^-].*|image: git.chemavx.xyz/chemavx/polymarket-bot:${TAG}|g" \
|
|
polymarket-bot/deployment-bot.yaml
|
|
sed -i "s|image: .*polymarket-bot-api.*|image: git.chemavx.xyz/chemavx/polymarket-bot-api:${TAG}|g" \
|
|
polymarket-bot/deployment-api.yaml
|
|
sed -i "s|image: .*polymarket-bot-dashboard.*|image: git.chemavx.xyz/chemavx/polymarket-bot-dashboard:${TAG}|g" \
|
|
polymarket-bot/deployment-dashboard.yaml
|
|
sed -i "s|imagePullPolicy: Never|imagePullPolicy: Always|g" \
|
|
polymarket-bot/deployment-bot.yaml \
|
|
polymarket-bot/deployment-api.yaml \
|
|
polymarket-bot/deployment-dashboard.yaml
|
|
|
|
git add polymarket-bot/deployment-bot.yaml polymarket-bot/deployment-api.yaml polymarket-bot/deployment-dashboard.yaml
|
|
git diff --cached --quiet || git commit -m "ci: update polymarket-bot images to ${TAG} [skip ci]"
|
|
git push
|