-
Notifications
You must be signed in to change notification settings - Fork 2
131 lines (119 loc) · 4.36 KB
/
publish-image.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
name: Publish Image
on:
push:
branches: [staging, master]
workflow_call:
inputs:
sha:
description: The commit SHA to run the workflow on
required: false
type: string
secrets:
rails_master_key:
description: The Rails master key
required: true
sentry_auth_token:
description: The Sentry integration's token
required: true
workflow_dispatch:
env:
PROJECT_NAME: sofia
jobs:
metadata:
name: Metadata
runs-on: ubuntu-latest
outputs:
tag: ${{ steps.get_metadata.outputs.tag }}
build_args: ${{ steps.get_metadata.outputs.build_args }}
steps:
- name: Get metadata
id: get_metadata
env:
INPUT_SHA: ${{ inputs.sha }}
run: |
if [ "$GITHUB_REF_NAME" = 'master' ]; then
echo 'tag=latest' >> "$GITHUB_OUTPUT"
else
echo 'tag='"$GITHUB_REF_NAME" >> "$GITHUB_OUTPUT"
fi
if [ "$GITHUB_REF_NAME" = 'staging' ] || [ "$GITHUB_REF_NAME" = 'master' ]; then
BUILD_ARGS='BUILD_HASH='${INPUT_SHA:-$GITHUB_SHA}
echo 'build_args='"$BUILD_ARGS" >> "$GITHUB_OUTPUT"
fi
publish:
name: Publish
runs-on: ubuntu-latest
needs: metadata
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: ${{ inputs.sha }}
fetch-depth: 0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
- name: Login to GitHub Container Registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ${{ vars.DOCKER_REGISTRY_URL }}
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push image
id: build_push_image
uses: docker/build-push-action@b32b51a8eda65d6793cd0494a773d4f6bcef32dc # v6.11.0
with:
push: true
context: .
build-args: ${{ needs.metadata.outputs.build_args }}
secrets: |
rails_master_key=${{ secrets.RAILS_MASTER_KEY }}
cache-from: type=gha,scope=main
cache-to: type=gha,scope=main
tags: |
${{ vars.DOCKER_REGISTRY_URL }}/${{ github.repository_owner }}/${{ env.PROJECT_NAME }}:${{
needs.metadata.outputs.tag }}
- name: Get sourcemaps from image
if: ${{ !(github.event_name == 'workflow_dispatch' && github.workflow == 'Publish Image') }}
env:
IMAGE_NAME: ${{ fromJSON(steps.build_push_image.outputs.metadata)['image.name'] }}
run: |
docker cp "$(docker create "$IMAGE_NAME")":/app/public/packs/js/. sourcemaps
- name: Create Sentry release
if: ${{ !(github.event_name == 'workflow_dispatch' && github.workflow == 'Publish Image') }}
uses: getsentry/action-release@e769183448303de84c5a06aaaddf9da7be26d6c7 # v1.7.0
env:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
SENTRY_ORG: ${{ vars.SENTRY_ORG_NAME }}
SENTRY_PROJECT: ${{ env.PROJECT_NAME }}
with:
finalize: false
sourcemaps: sourcemaps
version: ${{ inputs.sha }}
url_prefix: ~/packs/js/
update_check_run:
name: Update Check Run
runs-on: ubuntu-latest
needs: [metadata, publish]
if: github.event_name == 'workflow_dispatch' && github.workflow == 'Publish Image' && always()
permissions:
checks: write
steps:
- name: Get conclusion
id: get_conclusion
env:
RESULTS: ${{ join(needs.*.result, ' ') }}
run: |
echo 'conclusion=success' >> "$GITHUB_OUTPUT"
for RESULT in $RESULTS; do
if [ "$RESULT" = 'cancelled' ] || [ "$RESULT" = 'failure' ]; then
echo 'conclusion='"$RESULT" >> "$GITHUB_OUTPUT"
break
fi
done
- name: Update Publish Image check run
uses: LouisBrunner/checks-action@6b626ffbad7cc56fd58627f774b9067e6118af23 # v2.0.0
with:
token: ${{ github.token }}
name: Publish Image
conclusion: ${{ steps.get_conclusion.outputs.conclusion }}
details_url: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}