new commit #5
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: alpha on main | |
| on: | |
| push: | |
| branches: | |
| - act | |
| paths: | |
| - alpha/** | |
| - .github/workflows/alpha_main.yml | |
| env: | |
| DOCKER_REGISTRY: ghcr.io | |
| DOCKER_ORG_NAME: soniaboussabeh | |
| DOCKER_USERNAME: ${{ github.actor }} | |
| DOCKER_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | |
| REPO_NAME: ${{ github.event.repository.name }} | |
| SERVICE_NAME: alpha | |
| KOSLI_CLI_VERSION: 2.10.9 | |
| KOSLI_HOST: https://app.kosli.com | |
| KOSLI_ORG: soniaboussabeh | |
| KOSLI_API_TOKEN: ${{ secrets.KOSLI_API_TOKEN }} | |
| KOSLI_FLOW: playground-alpha-ci | |
| jobs: | |
| setup: | |
| name: Setup job variables | |
| runs-on: ubuntu-latest | |
| outputs: | |
| image_tag: ${{ steps.variables.outputs.image_tag }} | |
| image_name: ${{ steps.variables.outputs.image_name }} | |
| tagged_image_previous: ${{ steps.variables.outputs.tagged_image_previous }} | |
| image_tar_filename: ${{ steps.variables.outputs.image_tar_filename }} | |
| steps: | |
| - name: Set outputs | |
| id: variables | |
| run: | | |
| image_tag="${GITHUB_SHA:0:7}" | |
| image_uri="${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_ORG_NAME }}/${{ env.REPO_NAME }}-${{ env.SERVICE_NAME }}" | |
| image_name="${image_uri}:${image_tag}" | |
| tagged_image_previous="${image_uri}:previous" | |
| image_tar_filename="/tmp/${{ env.REPO_NAME }}-${{ env.SERVICE_NAME }}:previous.tar" | |
| echo "image_tag=${image_tag}" >> ${GITHUB_OUTPUT} | |
| echo "image_name=${image_name}" >> ${GITHUB_OUTPUT} | |
| echo "tagged_image_previous=${tagged_image_previous}" >> ${GITHUB_OUTPUT} | |
| echo "image_tar_filename=${image_tar_filename}" >> ${GITHUB_OUTPUT} | |
| - name: Setup Kosli cli | |
| uses: kosli-dev/setup-cli-action@v2 | |
| with: | |
| version: | |
| ${{ env.KOSLI_CLI_VERSION }} | |
| - name: Clone repository | |
| uses: actions/[email protected] | |
| with: | |
| fetch-depth: 1 | |
| - name: Create kosli flow | |
| run: kosli create flow ${{ env.KOSLI_FLOW }} --template-file alpha/.kosli.yml | |
| - name: Begin kosli trail | |
| run: kosli begin trail ${{ github.sha }} --flow ${{ env.KOSLI_FLOW }} | |
| build: | |
| name: Build docker image and push it to registry | |
| runs-on: ubuntu-latest | |
| needs: [setup] | |
| permissions: | |
| id-token: write | |
| contents: read | |
| packages: write | |
| steps: | |
| - uses: actions/[email protected] | |
| with: | |
| fetch-depth: 1 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.DOCKER_REGISTRY }} | |
| username: ${{ env.DOCKER_USERNAME }} | |
| password: ${{ env.DOCKER_PASSWORD }} | |
| - name: Build and push Docker image to the GHCR | |
| id: docker_build | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: ${{ env.SERVICE_NAME }} | |
| push: true | |
| tags: ${{ needs.setup.outputs.image_name }},${{ needs.setup.outputs.tagged_image_previous }} | |
| cache-from: type=registry,ref=${{ needs.setup.outputs.tagged_image_previous }} | |
| cache-to: type=inline,mode=max | |
| - name: Tar Docker image | |
| run: | | |
| docker pull ${{ needs.setup.outputs.image_name }} | |
| docker image save ${{ needs.setup.outputs.image_name }} --output ${{ needs.setup.outputs.image_tar_filename }} | |
| - name: Cache Docker image | |
| uses: actions/[email protected] | |
| with: | |
| path: ${{ needs.setup.outputs.image_tar_filename }} | |
| key: ${{ needs.setup.outputs.image_name }} | |
| - name: Setup Kosli cli | |
| uses: kosli-dev/setup-cli-action@v2 | |
| with: | |
| version: | |
| ${{ env.KOSLI_CLI_VERSION }} | |
| - name: Attest artifact provenance to Kosli | |
| run: | | |
| kosli attest artifact ${{ needs.setup.outputs.image_name }} \ | |
| --artifact-type=docker \ | |
| --flow=${{ env.KOSLI_FLOW }} \ | |
| --trail=${{ github.sha }} \ | |
| --name=alpha | |
| lint: | |
| name: Run rubocop linter | |
| needs: [build,setup] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/[email protected] | |
| with: | |
| fetch-depth: 1 | |
| - name: Run Rubocop linter on source | |
| run: | | |
| cd "${{ env.SERVICE_NAME }}" | |
| make lint | |
| - name: Setup Kosli cli | |
| uses: kosli-dev/setup-cli-action@v2 | |
| with: | |
| version: | |
| ${{ env.KOSLI_CLI_VERSION }} | |
| - name: Attest lint provenance to Kosli | |
| run: | | |
| docker pull ${{ needs.setup.outputs.image_name }} | |
| kosli attest generic ${{ needs.setup.outputs.image_name }} --artifact-type=docker --flow=${{ env.KOSLI_FLOW }} --trail=${{ github.sha }} --name=alpha.generic-lint | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: [setup, build, lint] | |
| steps: | |
| - uses: actions/[email protected] | |
| with: | |
| fetch-depth: 1 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.DOCKER_REGISTRY }} | |
| username: ${{ env.DOCKER_USERNAME }} | |
| password: ${{ env.DOCKER_PASSWORD }} | |
| - name: Fake a deployment | |
| env: | |
| IMAGE_NAME: ${{ needs.setup.outputs.image_name }} | |
| run: | | |
| docker pull "${IMAGE_NAME}" | |
| export COMMIT_SHORT_SHA=$(git rev-parse --short=7 HEAD) | |
| docker compose up ${{ env.SERVICE_NAME }} --wait | |
| - name: Setup Kosli cli | |
| uses: kosli-dev/setup-cli-action@v2 | |
| with: | |
| version: | |
| ${{ env.KOSLI_CLI_VERSION }} | |
| - name: Create a Snapshot | |
| env: | |
| KOSLI_ENVIRONMENT_NAME: playground-prod | |
| run: | | |
| kosli snapshot docker "${KOSLI_ENVIRONMENT_NAME}" |