Github Actions Kubernetes Deploy

deployment.yaml

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  labels:
    app: myproject
  name: myproject
  namespace: default
spec:
  progressDeadlineSeconds: 600
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: myproject
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: myproject
    spec:
      containers:
        image: eu.gcr.io/PROJECT_ID/APPLICATION_NAME:TAG
        imagePullPolicy: Always
        name: ponycar
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30

main.workflow

workflow "Build and deploy" {
  on = "push"
  resolves = [
    "notify on deploy",
  ]
}

action "build image" {
  uses = "actions/docker/cli@76ff57a"
  args = "build -t myproject ."
}

action "tag image gcloud" {
  uses = "actions/docker/tag@76ff57a"
  args = ["myproject", "eu.gcr.io/$PROJECT_ID/$APPLICATION_NAME"]
  env = {
    PROJECT_ID = "myproject-220562"
    APPLICATION_NAME = "myproject"
  }
  needs = ["build image"]
}

action "gcloud auth" {
  uses = "actions/gcloud/auth@8ec8bfa"
  secrets = ["GCLOUD_AUTH"]
}

action "load docker credentials" {
  uses = "actions/gcloud/cli@8ec8bfa"
  args = ["auth", "configure-docker", "--quiet"]
  needs = ["gcloud auth"]
}

action "push to GCR" {
  needs = ["load docker credentials", "tag image gcloud"]
  uses = "actions/gcloud/cli@master"
  runs = "sh -c"
  env = {
    PROJECT_ID = "myproject-220562"
    APPLICATION_NAME = "myproject"
  }
  args = ["docker push eu.gcr.io/$PROJECT_ID/$APPLICATION_NAME"]
}

action "load GKE kube credentials" {
  uses = "actions/gcloud/cli@8ec8bfa"
  args = "container clusters get-credentials myproject --zone europe-west3-a --project  myproject-220562"
  needs = ["gcloud auth"]
}

action "deploy to GKE" {
  needs = ["push to GCR", "load GKE kube credentials"]
  uses = "docker://gcr.io/cloud-builders/kubectl"
  env = {
    PROJECT_ID = "myproject-220562"
    APPLICATION_NAME = "myproject"
    DEPLOYMENT_NAME = "myproject"
  }
  runs = "sh -l -c"
  args = ["SHORT_REF=$(echo ${GITHUB_SHA} | head -c7) && cat $GITHUB_WORKSPACE/Kubernetes/deployment.yaml | sed 's/PROJECT_ID/'\"$PROJECT_ID\"'/' | sed 's/APPLICATION_NAME/'\"$APPLICATION_NAME\"'/' | sed 's/TAG/'\"$SHORT_REF\"'/' | kubectl apply -f - "]
}

action "verify GKE deployment" {
  needs = ["deploy to GKE"]
  uses = "docker://gcr.io/cloud-builders/kubectl"
  env = {
    DEPLOYMENT_NAME = "myproject"
  }
  args = "rollout status deployment/myproject"
}

action "notify on deploy" {
  uses = "niklasmerz/bin/curl@curl"
  needs = ["verify GKE deployment"]
  secrets = ["SLACK_HOOK"]
  args = ["-X", "POST", "--data-urlencode",  "\"payload={\\\"channel\\\": \\\"#myproject\\\", \\\"username\\\": \\\"myproject-deployments\\\", \\\"text\\\": \\\"Deployment ready\\\", \\\"icon_emoji\\\": \\\":alarm_clock:\\\"}\"", "$SLACK_HOOK"]
}