-
Notifications
You must be signed in to change notification settings - Fork 127
98 lines (95 loc) · 3.63 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
name: Dagger CI Workflow
on:
repository_dispatch:
types: [test-success]
workflow_dispatch: # manually triggered
env:
# Dagger
DAGGER_PLAN: cue.mod/pkg/github.com/3box/pipeline-tools/ci/plans/ceramic.cue
STATUS_PLAN: cue.mod/pkg/github.com/3box/pipeline-tools/ci/plans/status.cue
DAGGER_LOG_FORMAT: "plain"
# Secrets
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
GH_TOKEN: ${{ secrets.GH_TOKEN }}
# Miscellaneous
RUN_URL: "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
STATUS_URL: "https://api.github.com/repos/ceramicnetwork/js-ceramic/statuses/${{ github.event.client_payload.sha || github.sha }}"
BRANCH: ${{ github.event.client_payload.branch || github.ref_name }}
SHA: ${{ github.event.client_payload.sha || github.sha }}
jobs:
image:
name: Verify and publish Docker image
runs-on: ubuntu-latest
steps:
-
name: Checkout code
uses: actions/checkout@v4
with:
# Use specified SHA, otherwise use the branch
ref: ${{ github.event.client_payload.sha || env.BRANCH }}
-
name: Install Dagger
uses: dagger/dagger-for-github@v3
with:
install-only: true
version: "0.2.36"
-
name: Setup Dagger
run: |
dagger project init
dagger project update
dagger project update "github.com/3box/pipeline-tools/ci"
-
name: Set commit status "pending"
run: dagger do pending -p ${{ env.STATUS_PLAN }}
-
name: Set sha tag
run: |
SHA_TAG=$(echo ${{ env.SHA }} | head -c 12)
echo "SHA_TAG=$SHA_TAG" >> $GITHUB_ENV
-
name: Set main branch tag
if: ${{ env.BRANCH == 'main' }}
run: |
echo "ENV_TAG=prod" >> $GITHUB_ENV
-
name: Set rc branch tag
if: ${{ env.BRANCH == 'release-candidate' }}
run: |
echo "ENV_TAG=tnet" >> $GITHUB_ENV
-
name: Set develop branch tag
if: ${{ env.BRANCH == 'develop' || env.ENV_TAG == '' }}
run: |
echo "ENV_TAG=dev" >> $GITHUB_ENV
-
name: Verify Docker image
run: dagger do verify -p ${{ env.DAGGER_PLAN }}
-
name: Set publish flag
if: ${{ env.BRANCH == 'main' || env.BRANCH == 'release-candidate' || env.BRANCH == 'develop' }}
run: echo "PUBLISH=true" >> $GITHUB_ENV
-
name: Get version
if: ${{ env.PUBLISH == 'true' }}
run: echo "VERSION=$(dagger do -l error --output-format json version -p ${{ env.DAGGER_PLAN }} | jq -r '.version')" >> $GITHUB_ENV
-
name: Push Docker image
if: ${{ env.PUBLISH == 'true' }}
run: dagger do push -w "actions:push:\"${{ env.AWS_REGION }}\":\"${{ env.ENV_TAG }}\":\"${{ env.BRANCH }}\":\"${{ env.SHA }}\":\"${{ env.SHA_TAG }}\":\"${{ env.VERSION }}\":_" -p ${{ env.DAGGER_PLAN }}
-
name: Create deployment job
if: ${{ env.PUBLISH == 'true' }}
run: dagger do -l error deploy -w "actions:deploy:\"${{ env.AWS_REGION }}\":\"${{ env.ENV_TAG }}\":latest:\"${{ env.SHA_TAG }}\":_" -p ${{ env.DAGGER_PLAN }}
-
name: Set commit status "success"
run: dagger do success -p ${{ env.STATUS_PLAN }}
-
name: Set commit status "failure"
if: ${{ failure() }}
run: dagger do failure -p ${{ env.STATUS_PLAN }}