This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Deploy Image | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- workflow | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
env: | |
GITHUB_IMAGE_REPO: ghcr.io/bcgov/dts-endorser-service | |
OPENSHIFT_IMAGE_REPO: image-registry.apps.silver.devops.gov.bc.ca/4a9599-tools | |
APP_NAMES: aries-endorser-agent,aries-endorser-db,aries-endorser-backup,aries-endorser-proxy,aries-endorser-api | |
TAGS: v1 ${{ github.sha }} | |
jobs: | |
build: | |
if: (github.repository == 'bcgov/dts-endorser-service') || (github.event_name == 'workflow_dispatch') | |
name: Build Image | |
permissions: | |
packages: write | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
include: | |
- service: aries-endorser-agent | |
GIT_REPO_URL: bcgov/aries-endorser-service | |
SOURCE_CONTEXT_DIR: docker/acapy | |
DOCKER_FILE_PATH: Dockerfile.acapy | |
- service: aries-endorser-db | |
GIT_REPO_URL: bcgov/aries-endorser-service | |
PATH: docker/wallet/config | |
BUILDER_IMAGE: 'quay.io/fedora/postgresql-13:13' | |
- service: aries-endorser-backup | |
GIT_REPO_URL: BCDevOps/backup-container | |
DOCKER_FILE_PATH: Dockerfile | |
SOURCE_CONTEXT_DIR: docker | |
# - service: aries-endorser-proxy | |
# DOCKER_FILE_PATH: Dockerfile | |
# SOURCE_CONTEXT_DIR: proxy | |
- service: aries-endorser-api | |
GIT_REPO_URL: bcgov/aries-endorser-service | |
DOCKER_FILE_PATH: Dockerfile.endorser | |
SOURCE_CONTEXT_DIR: endorser | |
outputs: | |
aries-endorser-agent_digest: ${{ steps.digest.outputs.aries-endorser-agent_digest }} | |
aries-endorser-backup_digest: ${{ steps.digest.outputs.aries-endorser-backup_digest }} | |
aries-endorser-api_digest: ${{ steps.digest.outputs.aries-endorser-api_digest }} | |
aries-endorser-db_digest: ${{ steps.digests.outputs.aries-endorser-db_digest }} | |
image_digest: ${{ steps.docker_build.outputs.digest }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
repository: ${{ matrix.GIT_REPO_URL }} | |
- name: List Directories | |
run: | | |
ls -l | |
echo $service | |
env: | |
service: ${{ matrix.service }} | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Log in to the GHCR | |
uses: docker/login-action@v2 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Prepare docker tags for image | |
id: meta | |
uses: docker/metadata-action@v4 | |
with: | |
images: ghcr.io/bcgov/dts-endorser-service/${{ matrix.service }} | |
flavor: | | |
latest=true | |
tags: | | |
type=schedule | |
type=ref,event=branch | |
type=ref,event=pr | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
type=semver,pattern={{major}} | |
type=sha,value=latest | |
if: contains(fromJSON('["aries-endorser-agent","aries-endorser-backup","aries-endorser-api","aries-endorser-proxy"]'), matrix.service) | |
env: | |
service: ${{ matrix.service }} | |
- name: Create Docker file | |
run: | | |
mkdir ${context} && cd ${context} | |
echo "FROM ${BASE_IMAGE}" > Dockerfile | |
echo "RUN chown 1001:root /usr/bin/caddy" >> Dockerfile | |
if: contains(fromJSON('["aries-endorser-proxy"]'), matrix.service) | |
env: | |
context: ${{ matrix.SOURCE_CONTEXT_DIR }} | |
BASE_IMAGE: "artifacts.developer.gov.bc.ca/docker-remote/caddy:latest" | |
- name: Build and push Docker image | |
id: docker_build | |
uses: docker/build-push-action@v3 | |
with: | |
context: ${{ matrix.SOURCE_CONTEXT_DIR }} | |
file: ${{ matrix.SOURCE_CONTEXT_DIR }}/${{ matrix.DOCKER_FILE_PATH }} | |
push: true | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
if: contains(fromJSON('["aries-endorser-agent","aries-endorser-backup","aries-endorser-api","aries-endorser-proxy"]'), matrix.service) | |
- name: Pull base image | |
id: pull_build_image | |
run: | | |
docker pull ${builder_image} | |
env: | |
builder_image: ${{ matrix.BUILDER_IMAGE }} | |
if: contains(fromJSON('["aries-endorser-db"]'), matrix.service) | |
- name: Setup and Build | |
id: build_image | |
uses: redhat-actions/s2i-build@v2 | |
with: | |
path_context: ${{ matrix.PATH }} | |
# Builder image for a java project | |
builder_image: ${{ matrix.BUILDER_IMAGE }} | |
image: dts-endorser-service/${{ matrix.service }} | |
tags: ${{ env.TAGS }} | |
if: contains(fromJSON('["aries-endorser-db"]'), matrix.service) | |
- name: Push image | |
id: push | |
uses: redhat-actions/push-to-registry@v2 | |
with: | |
tags: ${{ steps.build_image.outputs.tags }} | |
image: ${{ steps.build_image.outputs.image }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
registry: ghcr.io/bcgov | |
if: contains(fromJSON('["aries-endorser-db"]'), matrix.service) | |
- name: Print image url | |
id: digests | |
run: | | |
echo "registry_path=${{ steps.push.outputs.registry-paths }}" | |
echo "digest=${{ steps.push.outputs.digest }}" | |
echo "${service}_digest=${digest}" >> $GITHUB_OUTPUT | |
if: contains(fromJSON('["aries-endorser-db"]'), matrix.service) | |
env: | |
service: ${{ matrix.service}} | |
- name: Display image results | |
id: digest | |
run: | | |
echo 'imageid=${{ steps.docker_build.outputs.imageid }}' | |
echo 'digest=${{ steps.docker_build.outputs.digest }}' | |
echo "${service}_digest=${digest}" >> $GITHUB_OUTPUT | |
cat $GITHUB_OUTPUT | |
if: contains(fromJSON('["aries-endorser-agent","aries-endorser-backup","aries-endorser-api","aries-endorser-proxy"]'), matrix.service) | |
env: | |
service: ${{ matrix.service}} | |
deploy2dev: | |
needs: build | |
env: | |
ENVIRONMENT: dev | |
aries-endorser-agent_digest : ${{ needs.build.outputs.aries-endorser-agent_digest }} | |
aries-endorser-db_digest : ${{ needs.build.outputs.aries-endorser-db_digest }} | |
aries-endorser-api_digest : ${{ needs.build.outputs.aries-endorser-api_digest }} | |
# aries-endorser-proxy_digest : ${{ needs.build.outputs.aries-endorser-proxy_digest }} | |
aries-endorser-backup_digest : ${{ needs.build.outputs.aries-endorser-backup_digest }} | |
permissions: | |
packages: write | |
runs-on: ubuntu-latest | |
environment: dev | |
strategy: | |
matrix: | |
include: | |
- service: aries-endorser-agent | |
# - service: aries-endorser-db | |
# - service: aries-endorser-backup | |
# - service: aries-endorser-proxy | |
# - service: aries-endorser-api | |
steps: | |
- name: id | |
run: | | |
echo "${digest}" | |
echo "${needs}" | |
env: | |
digest: ${{ env.aries-endorser-api_digest }} | |
new: ${{ fromJson(needs.build )}} | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Deploy to ${{ env.ENVIRONMENT }} | |
uses: ./.github/workflows/actions/deploy | |
with: | |
environment: ${{ env.ENVIRONMENT }} | |
ghcr_token: ${{ secrets.GITHUB_TOKEN }} | |
github_image_name: ${{ env.GITHUB_IMAGE_REPO }}/${{ matrix.service }} | |
image_digest: ${{ needs.build.outputs.aries-endorser-agent_digest }} | |
openshift_image_name: ${{ env.OPENSHIFT_IMAGE_REPO }}/${{ matrix.service }} | |
openshift_server_url: ${{ vars.OPENSHIFT_SERVER_URL }} | |
namespace: ${{ vars.NAMESPACE }} | |
deployment_configuration: ${{ matrix.service }} | |
openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} | |
# docker pull ghcr.io/bcgov/dts-endorser-service@sha256:57f946ab1053726ac6fcb71c85a98d355e926904ebe26db4798353668b3f6c68 | |
# docker pull ghcr.io/bcgov/dts-endorser-service/aries-endorser-api:sha-e237467 | |
# docker pull ${{ inputs.github_image_name }}@${{ inputs.image_digest }} | |
# github_image_name: ${{ env.GITHUB_IMAGE_REPO }}${{ matrix.service }} | |
# GITHUB_IMAGE_REPO: ghcr.io/bcgov/dts-endorser-service | |
# docker pull ghcr.io/bcgov/dts-endorser-service | |
# github_image_name: ghcr.io/bcgov/dts-endorser-service | |
# docker push ghcr.io/bcgov/dts-endorser-service/aries-endorser-api | |
# rocketchat_webhook: ${{ secrets.ROCKETCHAT_WEBHOOK }} | |
# deploy2test: | |
# needs: [build, deploy2dev] | |
# env: | |
# ENVIRONMENT: test | |
# permissions: | |
# packages: write | |
# runs-on: ubuntu-latest | |
# environment: test | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@v3 | |
# - name: deploy to ${{ env.ENVIRONMENT }} | |
# uses: ./.github/workflows/actions/deploy | |
# with: | |
# environment: ${{ env.ENVIRONMENT }} | |
# ghcr_token: ${{ secrets.GITHUB_TOKEN }} | |
# github_image_name: ${{ env.GITHUB_IMAGE_REPO }}${{ env.APP_NAME }} | |
# image_digest: ${{ needs.build.outputs.image_digest }} | |
# openshift_image_name: ${{ env.OPENSHIFT_IMAGE_REPO }}${{ env.APP_NAME }} | |
# openshift_server_url: ${{ vars.OPENSHIFT_SERVER_URL }} | |
# namespace: ${{ vars.NAMESPACE }} | |
# deployment_configuration: ${{ env.APP_NAME }} | |
# openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} | |
# rocketchat_webhook: ${{ secrets.ROCKETCHAT_WEBHOOK }} | |
# deploy2prod: | |
# needs: [build, deploy2dev, deploy2test] | |
# env: | |
# ENVIRONMENT: prod | |
# permissions: | |
# packages: write | |
# runs-on: ubuntu-latest | |
# environment: prod | |
# steps: | |
# - name: Checkout | |
# uses: actions/checkout@v3 | |
# - name: deploy to prod | |
# uses: ./.github/workflows/actions/deploy | |
# with: | |
# environment: ${{ env.ENVIRONMENT }} | |
# ghcr_token: ${{ secrets.GITHUB_TOKEN }} | |
# github_image_name: ${{ env.GITHUB_IMAGE_REPO }}${{ env.APP_NAME }} | |
# image_digest: ${{ needs.build.outputs.image_digest }} | |
# openshift_image_name: ${{ env.OPENSHIFT_IMAGE_REPO }}${{ env.APP_NAME }} | |
# openshift_server_url: ${{ vars.OPENSHIFT_SERVER_URL }} | |
# namespace: ${{ vars.NAMESPACE }} | |
# deployment_configuration: ${{ env.APP_NAME }} | |
# openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} | |
# rocketchat_webhook: ${{ secrets.ROCKETCHAT_WEBHOOK }} | |
# aries-endorser-db, aries-endorser-backup, aries-endorser-proxy, aries-endorser-api |