Build and Deploy Audit Image #223
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Deploy Audit Image | |
# ToDo: | |
# - Limit workflow runs to the main repo so it does not try to run on someone else's fork. | |
on: | |
workflow_dispatch: | |
pull_request: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
build: | |
if: github.repository == 'bcgov/von-bc-regestries-audit' || github.event_name == 'workflow_dispatch' | |
name: Build Image | |
permissions: | |
packages: write | |
runs-on: ubuntu-latest | |
outputs: | |
image_digest: ${{steps.docker_build.outputs.digest}} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Log in to the GHCR | |
uses: docker/login-action@v2 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Prepare docker tags for image | |
id: meta | |
uses: docker/metadata-action@v4 | |
with: | |
images: ghcr.io/bcgov/von-bc-registries-audit/audit | |
flavor: | | |
latest=true | |
tags: | | |
type=schedule | |
type=ref,event=branch | |
type=ref,event=pr | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
type=semver,pattern={{major}} | |
type=sha,value=latest | |
- name: Build and push Docker image | |
id: docker_build | |
uses: docker/build-push-action@v3 | |
with: | |
context: . | |
file: docker/Dockerfile | |
push: true | |
tags: ${{ steps.meta.outputs.tags }} # add additional tags | |
labels: ${{ steps.meta.outputs.labels }} # add Docker meta step back in | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
- name: Display image results | |
id: lowercase | |
run: | | |
echo 'imageid=${{ steps.docker_build.outputs.imageid }}' | |
echo 'digest=${{ steps.docker_build.outputs.digest }}' | |
# ToDo: | |
# - Define these jobs as a reusable workflow, since the steps are identical. | |
deploy2dev: | |
needs: build | |
uses: ./.github/workflows/reusable_deploy.yml | |
with: | |
environment: dev | |
openshift_server_url: ${{ vars.OPENSHIFT_SERVER_URL }} | |
image_digest: ${{ needs.build.outputs.image_digest }} | |
namespace: ca7f8f-dev | |
github_image_name: ghcr.io/bcgov/von-bc-registries-audit/audit | |
openshift_image_name: image-registry.apps.silver.devops.gov.bc.ca/ca7f8f-tools/audit | |
secrets: | |
# GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
ROCKETCHAT_WEBHOOK: ${{ secrets.ROCKETCHAT_WEBHOOK }} | |
# OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN }} | |
ROCKETCHAT_TOKEN: ${{ secrets.ROCKETCHAT_TOKEN }} | |
# deploy2test: | |
# needs: [build, deploy2dev] | |
# permissions: | |
# packages: write | |
# runs-on: ubuntu-latest | |
# environment: test | |
# # ToDo: | |
# # - Define the 'environment' using an environment variable so it can also be used to define the tags. | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@v3 | |
# - name: deploy to test | |
# uses: ./.github/workflows/actions/deploy | |
# with: | |
# environment: test | |
# password: ${{ secrets.GITHUB_TOKEN }} | |
# openshift_server_url: ${{ vars.OPENSHIFT_SERVER_URL }} | |
# OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN }} | |
# image_digest: ${{ needs.build.outputs.image_digest }} | |
# namespace: ca7f8f-test | |
# ROCKETCHAT_WEBHOOK: ${{ secrets.ROCKETCHAT_WEBHOOK }} | |
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# github_image_name: ghcr.io/bcgov/von-bc-registries-audit/audit | |
# openshift_image_name: image-registry.apps.silver.devops.gov.bc.ca/ca7f8f-tools/audit | |
# deploy2prod: | |
# needs: [build, deploy2dev, deploy2test] | |
# permissions: | |
# packages: write | |
# runs-on: ubuntu-latest | |
# environment: prod | |
# # ToDo: | |
# # - Define the 'environment' using an environment variable so it can also be used to define the tags. | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@v3 | |
# - name: deploy to prod | |
# uses: ./.github/workflows/actions/deploy | |
# with: | |
# environment: prod | |
# password: ${{ secrets.GITHUB_TOKEN }} | |
# openshift_server_url: ${{ vars.OPENSHIFT_SERVER_URL }} | |
# OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN }} | |
# image_digest: ${{ needs.build.outputs.image_digest }} | |
# namespace: ca7f8f-prod | |
# ROCKETCHAT_WEBHOOK: ${{ secrets.ROCKETCHAT_WEBHOOK }} | |
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# github_image_name: ghcr.io/bcgov/von-bc-registries-audit/audit | |
# openshift_image_name: image-registry.apps.silver.devops.gov.bc.ca/ca7f8f-tools/audit | |