Use GH_PAT for GHCR login to fix permission_denied on push #3
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Deploy Hanzo SQL | |
| on: | |
| push: | |
| branches: [master, main] | |
| paths: | |
| - 'hanzo/**' | |
| - 'Dockerfile' | |
| - '.github/workflows/deploy.yml' | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GH_PAT }} | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: docker.io | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Build and push | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| push: true | |
| platforms: linux/amd64,linux/arm64 | |
| tags: | | |
| ghcr.io/hanzoai/sql:latest | |
| ghcr.io/hanzoai/sql:${{ github.sha }} | |
| docker.io/hanzoai/sql:latest | |
| cache-from: type=gha,scope=sql | |
| cache-to: type=gha,mode=max,scope=sql | |
| deploy-hanzo: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install doctl | |
| uses: digitalocean/action-doctl@v2 | |
| with: | |
| token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} | |
| - name: Configure kubectl (hanzo-k8s) | |
| run: doctl kubernetes cluster kubeconfig save do-sfo3-hanzo-k8s | |
| - name: Rolling update postgres | |
| run: | | |
| kubectl -n hanzo set image statefulset/postgres \ | |
| postgres=ghcr.io/hanzoai/sql:latest | |
| kubectl -n hanzo rollout status statefulset/postgres --timeout=120s | |
| deploy-lux: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install doctl | |
| uses: digitalocean/action-doctl@v2 | |
| with: | |
| token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} | |
| - name: Configure kubectl (lux-k8s) | |
| run: doctl kubernetes cluster kubeconfig save do-sfo3-lux-k8s | |
| - name: Rolling update postgres | |
| run: | | |
| kubectl -n hanzo set image statefulset/hanzo-postgres \ | |
| postgres=ghcr.io/hanzoai/sql:latest | |
| kubectl -n hanzo rollout status statefulset/hanzo-postgres --timeout=120s |