-
Notifications
You must be signed in to change notification settings - Fork 3
131 lines (126 loc) · 5.73 KB
/
docker.build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
name: Docker build
on:
push:
branches:
- 'main'
tags:
- '*'
pull_request:
jobs:
docker-build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Docker meta
id: docker_meta
uses: crazy-max/ghaction-docker-meta@v5.5.1
with:
images: ghcr.io/${{ github.repository }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3.3.0
- name: Set up helmfile
uses: helmfile/helmfile-action@v1.9.1
- name: Cache Docker layers
uses: actions/cache@v4.0.2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Login to GitHub Container Registry
uses: docker/login-action@v3.1.0
if: github.event_name != 'pull_request'
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v5.3.0
with:
context: .
file: ./Dockerfile
platforms: linux/amd64
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.docker_meta.outputs.tags }}
labels: ${{ steps.docker_meta.outputs.labels }}
- name: Check whether wbaas-deploy should be updated
id: update-check
run: |
if [[ "$GITHUB_REF" =~ ^refs/tags/.+$ ]]; then
echo "This is a tagged release, will try to create an update in wbaas-deploy."
echo "match=true" >> $GITHUB_OUTPUT
fi
- name: Check out `wmde/wbaas-deploy` repository in staging child directory
if: steps.update-check.outputs.match == 'true'
uses: actions/checkout@v4
with:
repository: wmde/wbaas-deploy
path: ./repos/wbaas-deploy-staging
- name: Check out `wmde/wbaas-deploy` repository in production child directory
if: steps.update-check.outputs.match == 'true'
uses: actions/checkout@v4
with:
repository: wmde/wbaas-deploy
path: ./repos/wbaas-deploy-production
- name: Update values for local, staging and production
if: steps.update-check.outputs.match == 'true'
id: update-values
run: |
TAG="$GITHUB_REF_NAME"
echo "tag=$TAG" >> $GITHUB_OUTPUT
sed -i "/image:/{n;s/tag:.*/tag: $TAG/;}" ./repos/wbaas-deploy-staging/k8s/helmfile/env/local/api.values.yaml.gotmpl
sed -i "/image:/{n;s/tag:.*/tag: $TAG/;}" ./repos/wbaas-deploy-staging/k8s/helmfile/env/staging/api.values.yaml.gotmpl
sed -i "/image:/{n;s/tag:.*/tag: $TAG/;}" ./repos/wbaas-deploy-production/k8s/helmfile/env/production/api.values.yaml.gotmpl
- name: Update argo values for local, staging and production
if: steps.update-check.outputs.match == 'true'
id: update-argo-values
run: |
cd ./repos/wbaas-deploy-staging
# run generate values script for local from staging folder
./bin/generate-values local api
# run generate values script for staging from staging folder
./bin/generate-values staging api
# run generate values script for prod from prod folder
cd ../wbaas-deploy-production
./bin/generate-values production api
- name: Truncate commit message
if: steps.update-check.outputs.match == 'true'
id: truncate-commit-message
run: |
MSG=$(echo "${{ github.event.head_commit.message }}" | head -n 1)
echo "msg=$MSG" >> $GITHUB_OUTPUT
- name: Create Staging+Local Pull Request
uses: peter-evans/create-pull-request@v6
if: steps.update-check.outputs.match == 'true'
with:
path: ./repos/wbaas-deploy-staging
commit-message: 'Staging+Local: Deploy new Platform API image ${{ steps.update-values.outputs.tag }}'
title: 'Staging+Local: Deploy new Platform API image ${{ steps.update-values.outputs.tag }}'
branch: deploy-to-staging-${{ steps.update-values.outputs.tag }}
committer: wmdebot <github-bots@wikimedia.de>
author: wmdebot <github-bots@wikimedia.de>
labels: automated pr
token: ${{ secrets.WBAAS_DEPLOY_TOKEN }}
body: |
This is an automated update for the `api` image in staging and local, using `${{ steps.update-values.outputs.tag }}`.
**Changes**: [${{ steps.truncate-commit-message.outputs.msg }}](https://github.com/wbstack/api/commit/${{ github.sha }})
- name: Create Production Pull Request
uses: peter-evans/create-pull-request@v6
if: steps.update-check.outputs.match == 'true'
with:
path: ./repos/wbaas-deploy-production
commit-message: 'Production: Deploy new Platform API image ${{ steps.update-values.outputs.tag }}'
title: 'Production: Deploy new Platform API image ${{ steps.update-values.outputs.tag }}'
branch: deploy-to-production-${{ steps.update-values.outputs.tag }}
committer: wmdebot <github-bots@wikimedia.de>
author: wmdebot <github-bots@wikimedia.de>
labels: automated pr
token: ${{ secrets.WBAAS_DEPLOY_TOKEN }}
body: |
This is an automated update for the `api` image in production, using `${{ steps.update-values.outputs.tag }}`.
**Changes**: [${{ steps.truncate-commit-message.outputs.msg }}](https://github.com/wbstack/api/commit/${{ github.sha }})