-
Notifications
You must be signed in to change notification settings - Fork 223
76 lines (73 loc) · 2.55 KB
/
build-and-push.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
name: Build, test and push a Docker image
on:
push:
branches:
- main
tags:
- v20[0-9][0-9].[01][0-9].[0-3][0-9] # e.g. v2023.12.04
- v20[0-9][0-9].[01][0-9].[0-3][0-9]-[0-9] # e.g. v2023.12.04-2
pull_request:
branches:
- main
merge_group:
jobs:
build:
permissions:
contents: read
deployments: write
id-token: write
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Get info
run: |
uname -v
docker info
- name: Create version.json
run: |
# create a version.json per
# https://github.com/mozilla-services/Dockerflow/blob/master/docs/version_object.md
printf '{"commit":"%s","version":"%s","source":"%s","build":"%s"}\n' \
"$GITHUB_SHA" \
"$GITHUB_REF_NAME" \
"$GITHUB_SERVER_URL/$GITHUB_REPOSITORY" \
"$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" > version.json
- name: Install just
run: sudo apt-get update && sudo apt-get install -y just
- name: Output version.json
run: cat version.json
- name: Build Docker images
run: |
just build
docker compose images
- name: Verify requirements.txt contains correct dependencies
run: |
just exec-no-deps ./bin/verify_reqs.sh
- name: Run lint check
run: |
just lint
- name: Run tests
run: |
just test-ci
- name: Set Docker image tag to "latest" for updates of the main branch
if: github.ref == 'refs/heads/main'
run: |
echo IMAGE_TAG=latest >> "$GITHUB_ENV"
# Updates to the main branch are deployed to stage.
echo DEPLOYMENT_ENV=stage >> "$GITHUB_ENV"
- name: Set Docker image tag to the git tag for tagged builds
if: startsWith(github.ref, 'refs/tags/')
run: |
echo IMAGE_TAG="$GITHUB_REF_NAME" >> "$GITHUB_ENV"
# Version tags are deployed to prod.
echo DEPLOYMENT_ENV=prod >> "$GITHUB_ENV"
- name: Push the Docker image to GAR
if: env.IMAGE_TAG != ''
uses: mozilla-it/deploy-actions/[email protected]
with:
local_image: local/socorro_app:latest
image_repo_path: ${{ secrets.DOCKER_IMAGE_PATH }}
image_tag: ${{ env.IMAGE_TAG }}
workload_identity_pool_project_number: ${{ secrets.WORKLOAD_IDENTITY_POOL_PROJECT_NUMBER }}
project_id: ${{ secrets.GCP_PROJECT_ID }}
deployment_env: ${{ env.DEPLOYMENT_ENV }}