6d0ca5bee5
DEVOPS-C-01: Replace hardcoded :latest with IMAGE_TAG placeholder in all 8
production K8s manifests. Update deploy-production.yml to sed-replace
IMAGE_TAG with commit SHA before kubectl apply (remove now-redundant
kubectl set image step).
DEVOPS-C-02: Configure Alertmanager — create alertmanager.yml with Slack +
email receivers (critical/warning/infra routes, inhibition rules). Add
alertmanager:v0.27.0 service to both docker-compose.observability.yml and
deployments/local/docker-compose.yml. Enable prometheus.yml target
(alertmanager:9093).
DEVOPS-C-03: Remove :latest from docker-build.yml main branch push. Now
only SHA tag is pushed for main; :staging+SHA for develop.
DEVOPS-C-04: Add 4 mkt-* services to deployments/local/docker-compose.yml
with unique host ports (facebook:5021, whatsapp:5022, x:5023, zalo:5024)
to eliminate port 5000 conflicts. Add corresponding Traefik routers and
load-balancer entries in infra/traefik/dynamic/routes.yml
(/api/v1/mkt/{facebook,whatsapp,x,zalo}).
Co-Authored-By: Paperclip <noreply@paperclip.ing>
115 lines
4.5 KiB
YAML
115 lines
4.5 KiB
YAML
# EN: Build and push Docker images for all MVP services
|
|
# VI: Build va push Docker images cho tat ca MVP services
|
|
name: Docker Build
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
- develop
|
|
paths:
|
|
- 'services/iam-service-net/**'
|
|
- 'services/merchant-service-net/**'
|
|
- 'services/order-service-net/**'
|
|
- 'services/fnb-engine-net/**'
|
|
- 'services/inventory-service-net/**'
|
|
- 'services/wallet-service-net/**'
|
|
- 'services/catalog-service-net/**'
|
|
- 'services/storage-service-net/**'
|
|
- 'apps/web-client-tpos-net/**'
|
|
workflow_dispatch:
|
|
inputs:
|
|
service:
|
|
description: 'Service to build (leave empty for changed only)'
|
|
required: false
|
|
default: ''
|
|
|
|
jobs:
|
|
detect-changes:
|
|
runs-on: ubuntu-latest
|
|
outputs:
|
|
matrix: ${{ steps.set-matrix.outputs.matrix }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 2
|
|
|
|
- name: Detect changed services
|
|
id: set-matrix
|
|
run: |
|
|
if [ -n "${{ github.event.inputs.service }}" ]; then
|
|
echo 'matrix={"include":[{"service":"${{ github.event.inputs.service }}"}]}' >> $GITHUB_OUTPUT
|
|
exit 0
|
|
fi
|
|
|
|
CHANGED=$(git diff --name-only HEAD~1 HEAD)
|
|
INCLUDES=()
|
|
|
|
declare -A SERVICES=(
|
|
["services/iam-service-net"]='{"service":"iam-service-net","context":"./services/iam-service-net","image":"goodgo/iam-service-net"}'
|
|
["services/merchant-service-net"]='{"service":"merchant-service-net","context":"./services/merchant-service-net","image":"goodgo/merchant-service-net"}'
|
|
["services/order-service-net"]='{"service":"order-service-net","context":"./services/order-service-net","image":"goodgo/order-service-net"}'
|
|
["services/fnb-engine-net"]='{"service":"fnb-engine-net","context":"./services/fnb-engine-net","image":"goodgo/fnb-engine-net"}'
|
|
["services/inventory-service-net"]='{"service":"inventory-service-net","context":"./services/inventory-service-net","image":"goodgo/inventory-service-net"}'
|
|
["services/wallet-service-net"]='{"service":"wallet-service-net","context":"./services/wallet-service-net","image":"goodgo/wallet-service-net"}'
|
|
["services/catalog-service-net"]='{"service":"catalog-service-net","context":"./services/catalog-service-net","image":"goodgo/catalog-service-net"}'
|
|
["services/storage-service-net"]='{"service":"storage-service-net","context":"./services/storage-service-net","image":"goodgo/storage-service-net"}'
|
|
["apps/web-client-tpos-net"]='{"service":"web-client-tpos-net","context":"./apps/web-client-tpos-net","image":"goodgo/web-client-tpos-net"}'
|
|
)
|
|
|
|
for path in "${!SERVICES[@]}"; do
|
|
if echo "$CHANGED" | grep -q "^${path}/"; then
|
|
INCLUDES+=("${SERVICES[$path]}")
|
|
fi
|
|
done
|
|
|
|
if [ ${#INCLUDES[@]} -eq 0 ]; then
|
|
echo 'matrix={"include":[]}' >> $GITHUB_OUTPUT
|
|
else
|
|
JOINED=$(IFS=,; echo "${INCLUDES[*]}")
|
|
echo "matrix={\"include\":[${JOINED}]}" >> $GITHUB_OUTPUT
|
|
fi
|
|
|
|
build:
|
|
needs: detect-changes
|
|
if: needs.detect-changes.outputs.matrix != '{"include":[]}'
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
fail-fast: false
|
|
matrix: ${{ fromJSON(needs.detect-changes.outputs.matrix) }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
|
|
- name: Login to Docker Hub
|
|
uses: docker/login-action@v3
|
|
with:
|
|
username: ${{ secrets.DOCKER_USERNAME }}
|
|
password: ${{ secrets.DOCKER_PASSWORD }}
|
|
|
|
- name: Set tags
|
|
id: tags
|
|
run: |
|
|
IMAGE="${{ matrix.image }}"
|
|
SHA="${{ github.sha }}"
|
|
BRANCH="${{ github.ref_name }}"
|
|
|
|
# EN: Never push :latest — use commit SHA only for main, :staging for develop
|
|
# VI: Khong bao gio push :latest — chi dung commit SHA cho main, :staging cho develop
|
|
if [ "$BRANCH" = "main" ]; then
|
|
echo "tags=${IMAGE}:${SHA}" >> $GITHUB_OUTPUT
|
|
else
|
|
echo "tags=${IMAGE}:staging,${IMAGE}:${SHA}" >> $GITHUB_OUTPUT
|
|
fi
|
|
|
|
- name: Build and push ${{ matrix.service }}
|
|
uses: docker/build-push-action@v5
|
|
with:
|
|
context: ${{ matrix.context }}
|
|
push: true
|
|
tags: ${{ steps.tags.outputs.tags }}
|
|
cache-from: type=registry,ref=${{ matrix.image }}:buildcache
|
|
cache-to: type=registry,ref=${{ matrix.image }}:buildcache,mode=max
|