Skip to content

feat: supporting namespaced auth tokens #533

feat: supporting namespaced auth tokens

feat: supporting namespaced auth tokens #533

Workflow file for this run

name: Build Images and Deploy Preview Environment
on:
pull_request:
types: [opened, reopened, synchronize, closed]
jobs:
build:
name: Build and Push `flipt`
runs-on: ubuntu-latest
if: ${{ github.triggering_actor != 'dependabot[bot]' && (github.event_name != 'pull_request' || github.event.action != 'closed') }}
outputs:
tags: ${{ steps.meta.outputs.tags }}
steps:
- name: Checkout git repo
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Generate UUID image name
id: uuid
run: echo "UUID_FLIPT=$(uuidgen)" >> $GITHUB_ENV
- name: Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
# An anonymous, emphemeral registry built on ttl.sh
images: registry.uffizzi.com/${{ env.UUID_FLIPT }}
tags: type=raw,value=24h
- name: Build and Push Image to Uffizzi Ephemeral Registry
uses: docker/build-push-action@v5
with:
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
context: .
file: ./build/Dockerfile.uffizzi
cache-from: type=gha
cache-to: type=gha,mode=max
render-compose-file:
name: Render Docker Compose File
runs-on: ubuntu-latest
if: ${{ github.triggering_actor != 'dependabot[bot]' }}
needs:
- build
outputs:
compose-file-cache-key: ${{ env.COMPOSE_FILE_HASH }}
compose-file-cache-path: docker-compose.rendered.yml
steps:
- name: Checkout git repo
uses: actions/checkout@v4
- name: Render Compose File
run: |
FLIPT_IMAGE=$(echo ${{ needs.build.outputs.tags }})
export FLIPT_IMAGE
# Render simple template from environment variables.
envsubst < ./build/docker-compose.uffizzi.yml > docker-compose.rendered.yml
cat docker-compose.rendered.yml
- name: Hash Rendered Compose File
id: hash
run: echo "COMPOSE_FILE_HASH=$(md5sum docker-compose.rendered.yml | awk '{ print $1 }')" >> $GITHUB_ENV
- name: Cache Rendered Compose File
uses: actions/cache@v3
with:
path: docker-compose.rendered.yml
key: ${{ env.COMPOSE_FILE_HASH }}
deploy-uffizzi-preview:
name: Preview on Uffizzi
needs: render-compose-file
if: ${{ github.triggering_actor != 'dependabot[bot]' }}
uses: UffizziCloud/preview-action/.github/workflows/reusable.yaml@v3
with:
compose-file-cache-key: ${{ needs.render-compose-file.outputs.compose-file-cache-key }}
compose-file-cache-path: ${{ needs.render-compose-file.outputs.compose-file-cache-path }}
server: https://app.uffizzi.com
permissions:
contents: read
pull-requests: write
id-token: write
delete-uffizzi-preview:
name: Delete Existing Preview
uses: UffizziCloud/preview-action/.github/workflows/reusable.yaml@v3
if: ${{ github.triggering_actor != 'dependabot[bot]' && github.event_name == 'pull_request' && github.event.action == 'closed' }}
with:
compose-file-cache-key: ""
compose-file-cache-path: docker-compose.rendered.yml
server: https://app.uffizzi.com
permissions:
contents: read
pull-requests: write
id-token: write