Skip to content
Build and Deploy Image

test #115

Sign in to view logs

test

test #115

Workflow file for this run

.github/workflows/main.yaml at 2659714
name: Build and Deploy Image
on:
workflow_dispatch:
inputs:
tag:
description: 'Define the tag for the code'
required: false
branch:
description: 'Define branch name'
required: false
default: 'main'
push:
branches:
- workflow
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
GITHUB_IMAGE_REPO: ghcr.io/bcgov/dts-endorser-service/
OPENSHIFT_IMAGE_REPO: image-registry.apps.silver.devops.gov.bc.ca/4a9599-tools/
APP_NAMES: aries-endorser-agent,aries-endorser-db,aries-endorser-backup,aries-endorser-proxy,aries-endorser-api
jobs:
build:
if: (github.repository == 'bcgov/dts-endorser-service') || (github.event_name == 'workflow_dispatch')
name: Build Image
permissions:
packages: write
runs-on: ubuntu-latest
strategy:
matrix:
include:
- service: aries-endorser-agent
GIT_REPO_URL: hyperledger/aries-endorser-service
DOCKER_FILE_PATH: Dockerfile.acapy # The docker path, file, is the relative path to the docker file from the root of the repo.
SOURCE_CONTEXT_DIR: docker/acapy # The context dir, context, sets the context for the build. i.e. where the build will source files from
- service: aries-endorser-db
GIT_REPO_URL: hyperledger/aries-endorser-service
PATH: docker/wallet/config
BUILDER_IMAGE: 'quay.io/fedora/postgresql-13:13'
- service: aries-endorser-backup
GIT_REPO_URL: BCDevOps/backup-container
DOCKER_FILE_PATH: Dockerfile # The docker path, file, is the relative path to the docker file from the root of the repo.
SOURCE_CONTEXT_DIR: docker # The context dir, context, sets the context for the build. i.e. where the build will source files from
- service: aries-endorser-proxy
DOCKER_FILE_PATH: Dockerfile # The docker path, file, is the relative path to the docker file from the root of the repo.
SOURCE_CONTEXT_DIR: proxy # The context dir, context, sets the context for the build. i.e. where the build will source files from
SOURCE_IMAGE_REGISTRY: "artifacts.developer.gov.bc.ca/docker-remote/"
SOURCE_IMAGE_NAME: caddy
SOURCE_IMAGE_TAG: latest
- service: aries-endorser-api
GIT_REPO_URL: hyperledger/aries-endorser-service
DOCKER_FILE_PATH: Dockerfile.endorser # The docker path, file, is the relative path to the docker file from the root of the repo.
SOURCE_CONTEXT_DIR: endorser # The context dir, context, sets the context for the build. i.e. where the build will source files from
BASE_SOURCE_IMAGE_REGISTRY: artifacts.developer.gov.bc.ca/docker-remote/
BASE_SOURCE_IMAGE_NAME: python
BASE_SOURCE_IMAGE_TAG: 3.10-slim-buster
REGISTRY_USERNAME_SECRET_NAME: ARTIFACTORY_USERNAME
REGISTRY_PASSWORD_SECRET_NAME: ARTIFACTORY_PASSWORD
outputs:
aries-endorser-agent_digest: ${{ steps.digest.outputs.aries-endorser-agent_digest }}
aries-endorser-backup_digest: ${{ steps.digest.outputs.aries-endorser-backup_digest }}
aries-endorser-api_digest: ${{ steps.digest.outputs.aries-endorser-api_digest }}
aries-endorser-proxy_digest: ${{ steps.digest.outputs.aries-endorser-proxy_digest }}
aries-endorser-db_digest: ${{ steps.digests.outputs.aries-endorser-db_digest }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
repository: ${{ matrix.GIT_REPO_URL }}
ref: ${{ github.event.tag }}
if: ${{ github.event.tag != '' }}
- name: Checkout
uses: actions/checkout@v4
with:
repository: ${{ matrix.GIT_REPO_URL }}
ref: ${{ github.event.branch }}
if: ${{ github.event.tag == '' }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Pull base image for proxy and Create Docker file
if: contains(fromJSON('["aries-endorser-proxy"]'), matrix.service)
run: |
if [[ -n "${BASE_SOURCE_IMAGE_REGISTRY}" ]]; then
docker login -u $REGISTRY_USERNAME -p $REGISTRY_PASSWORD $BASE_SOURCE_IMAGE_REGISTRY
BASE_IMAGE="${BASE_SOURCE_IMAGE_REGISTRY}${BASE_SOURCE_IMAGE_NAME}:${BASE_SOURCE_IMAGE_TAG}"
else
docker login -u $REGISTRY_USERNAME -p $REGISTRY_PASSWORD $SOURCE_IMAGE_REGISTRY
BASE_IMAGE=${SOURCE_IMAGE_REGISTRY}${SOURCE_IMAGE_NAME}:${SOURCE_IMAGE_TAG}
fi
docker pull "${BASE_IMAGE}"
mkdir ${context} && cd ${context}
echo "FROM ${BASE_IMAGE}" > Dockerfile
echo "RUN chown 1001:root /usr/bin/caddy" >> Dockerfile
env:
context: ${{ matrix.SOURCE_CONTEXT_DIR }}
SOURCE_IMAGE_REGISTRY: ${{ matrix.SOURCE_IMAGE_REGISTRY }}
SOURCE_IMAGE_NAME: ${{ matrix.SOURCE_IMAGE_NAME }}
SOURCE_IMAGE_TAG: ${{ matrix.SOURCE_IMAGE_TAG }}
BASE_SOURCE_IMAGE_REGISTRY: ${{ matrix.BASE_SOURCE_IMAGE_REGISTRY }}
BASE_SOURCE_IMAGE_NAME: ${{ matrix.BASE_SOURCE_IMAGE_NAME }}
BASE_SOURCE_IMAGE_TAG: ${{ matrix.BASE_SOURCE_IMAGE_TAG }}
REGISTRY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }}
REGISTRY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
- name: Log in to the GHCR
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Prepare docker tags for image
id: meta
if: contains(fromJSON('["aries-endorser-db","aries-endorser-agent","aries-endorser-backup","aries-endorser-api","aries-endorser-proxy"]'), matrix.service)
uses: docker/metadata-action@v5
with:
images: ghcr.io/bcgov/dts-endorser-service/${{ matrix.service }}
flavor: |
latest=true
tags: |
type=schedule
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,value=latest
annotations: |
org.opencontainers.image.description="Hyperledger Aries Cloud Agent Python (ACA-Py) is a foundation for building decentralized id"
- name: Update Docker base image and pull the base image if access is required
if: matrix.BASE_SOURCE_IMAGE_REGISTRY != '' && contains(fromJSON('["aries-endorser-db","aries-endorser-agent","aries-endorser-backup","aries-endorser-api","aries-endorser-proxy"]'), matrix.service)
run: |
if [[ -n "${REGISTRY_USERNAME}" ]]; then
docker login -u $REGISTRY_USERNAME -p $REGISTRY_PASSWORD $BASE_SOURCE_IMAGE_REGISTRY
fi
BASE_IMAGE="${BASE_SOURCE_IMAGE_REGISTRY}${BASE_SOURCE_IMAGE_NAME}:${BASE_SOURCE_IMAGE_TAG}"
sed -i -e "s;FROM .*;FROM ${BASE_IMAGE};g" "$file"
docker pull $BASE_IMAGE
env:
context: ${{ matrix.SOURCE_CONTEXT_DIR }}
BASE_SOURCE_IMAGE_REGISTRY: ${{ matrix.BASE_SOURCE_IMAGE_REGISTRY }}
BASE_SOURCE_IMAGE_NAME: ${{ matrix.BASE_SOURCE_IMAGE_NAME }}
BASE_SOURCE_IMAGE_TAG: ${{ matrix.BASE_SOURCE_IMAGE_TAG }}
file: ${{ matrix.SOURCE_CONTEXT_DIR }}/${{ matrix.DOCKER_FILE_PATH }}
REGISTRY_USERNAME: ${{ secrets[matrix.REGISTRY_USERNAME_SECRET_NAME]}}
REGISTRY_PASSWORD: ${{ secrets[matrix.REGISTRY_PASSWORD_SECRET_NAME]}}
REPO_URL: ${{ github.repositoryUrl }}
- name: Build and push Docker image
id: docker_build
if: contains(fromJSON('["aries-endorser-agent","aries-endorser-backup","aries-endorser-api","aries-endorser-proxy"]'), matrix.service)
uses: docker/build-push-action@v5
with:
context: ${{ matrix.SOURCE_CONTEXT_DIR }}
file: ${{ matrix.SOURCE_CONTEXT_DIR }}/${{ matrix.DOCKER_FILE_PATH }}
push: true
tags: ${{ steps.meta.outputs.tags }}
outputs: type=image,name=target,annotation-index.org.opencontainers.image.description=Hyperledger Aries Cloud Agent Python (ACA-Py) is a foundation for building decentralized id
labels: |

Check failure on line 168 in .github/workflows/main.yaml

View workflow run for this annotation

GitHub Actions / Build and Deploy Image

Invalid workflow file 

The workflow is not valid. .github/workflows/main.yaml (Line: 168, Col: 17): Unexpected symbol: '('. Located at position 21 within expression: env.REPO_URL.replace('git://', 'https://')
io.openshift.build.source-location: ${{ env.REPO_URL.replace('git://', 'https://') }}
io.openshift.build.commit.id: ${{ github.sha }}
# labels: |
# acapy.version=0.1O.3
# description = aries-cloudagent provides a base image for running Hyperledger Aries agents in Docker. This
# io.buildah.version=126.4
# io.k8s.description=aries-cloudagent provides a base image for running Hyperledger Aries agents in Docker. This
# io.k8s.display-name=aries-endorser-agent-15
# 4a9599-tools
# io.openshift.build.namespace=
# io.openshift.build.source-context-dir=docker/acapy
# maintainer=aries-coudagent
# org.opencontainers.image.created=2023-09-29T16:15:13.175Z
# org.opencontainers.image.description=Hyperledger Aries Cloud Agent Python (ACA-Py) is a foundation for building decentralized id
# org.opencontainers.image.licenses=Apache-2.0
# org.opencontainers.image.revision=736cdfb38b68900b779e6159f8a16d299127fdc8
# org.opencontainers.image.source=https://github.com/hyperledger/aries-cloudagent-python
# org.opencontainers.image.title=aries-doudagent-Python
# org.opencontainers.image.url=https://github.com/hyperledger/aries-cloudagent-python
# Py39-0103
# org.opencontainers.image.version=aries-cloudaaent image
- name: Pull database image
if: contains(fromJSON('["aries-endorser-db"]'), matrix.service)
run: |
docker pull ${{ matrix.BUILDER_IMAGE }}
- name: Extract Values
id: extract
if: contains(fromJSON('["aries-endorser-db"]'), matrix.service)
run: echo "tags=$(echo '${{ steps.meta.outputs.tags }}' | grep -oE ':([^[:space:]]+)' | sed '/workflow/d' | sed 's/://g' | tr '\n' ' ')" >> $GITHUB_OUTPUT
- name: Build database image
id: build_image
if: contains(fromJSON('["aries-endorser-db"]'), matrix.service)
uses: redhat-actions/s2i-build@v2
with:
path_context: ${{ matrix.PATH }}
# Builder image for a java project
builder_image: ${{ matrix.BUILDER_IMAGE }}
image: dts-endorser-service/${{ matrix.service }}
tags: ${{ steps.extract.outputs.tags }}
- name: Push database image
id: push
if: contains(fromJSON('["aries-endorser-db"]'), matrix.service)
uses: redhat-actions/push-to-registry@v2
with:
tags: ${{ steps.build_image.outputs.tags }}
image: ${{ steps.build_image.outputs.image }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
registry: ghcr.io/bcgov
- name: Display ${{ matrix.service }} image results
id: digests
if: contains(fromJSON('["aries-endorser-db"]'), matrix.service)
run: |
echo "registry_path=${{ steps.push.outputs.registry-paths }}"
digest=${{ steps.push.outputs.digest }}
echo 'digest=${digest}'
echo "${{ matrix.service }}_digest=${digest}" >> $GITHUB_OUTPUT
- name: Display ${{ matrix.service}} image results
id: digest
if: contains(fromJSON('["aries-endorser-agent","aries-endorser-backup","aries-endorser-api","aries-endorser-proxy"]'), matrix.service)
run: |
echo 'imageid=${{ steps.docker_build.outputs.imageid }}'
digest=${{ steps.docker_build.outputs.digest }}
echo 'digest=${digest}'
echo "${{ matrix.service }}_digest=${digest}" >> $GITHUB_OUTPUT
cat $GITHUB_OUTPUT
deploy2dev:
needs: build
env:
ENVIRONMENT: dev
permissions:
packages: write
runs-on: ubuntu-latest
environment: dev
strategy:
# Serialize the deployments
max-parallel: 1
matrix:
include:
- service: aries-endorser-db
- service: aries-endorser-agent
- service: aries-endorser-backup
- service: aries-endorser-proxy
- service: aries-endorser-api
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Deploy to ${{ env.ENVIRONMENT }}
uses: ./.github/workflows/actions/deploy
with:
environment: ${{ env.ENVIRONMENT }}
ghcr_token: ${{ secrets.GITHUB_TOKEN }}
github_image_name: ${{ env.GITHUB_IMAGE_REPO }}${{ matrix.service }}
image_digest: ${{ needs.build.outputs[format ('{0}_digest', matrix.service)] }}
openshift_image_name: ${{ env.OPENSHIFT_IMAGE_REPO }}${{ matrix.service }}
openshift_server_url: ${{ vars.OPENSHIFT_SERVER_URL }}
namespace: ${{ vars.NAMESPACE }}
deployment_configuration: ${{ matrix.service }}
openshift_token: ${{ secrets.OPENSHIFT_TOKEN }}
# rocketchat_webhook: ${{ secrets.ROCKETCHAT_WEBHOOK }}
# # docker pull ghcr.io/bcgov/dts-endorser-service@sha256:57f946ab1053726ac6fcb71c85a98d355e926904ebe26db4798353668b3f6c68
# # docker pull ghcr.io/bcgov/dts-endorser-service/aries-endorser-api:sha-e237467
# # docker pull ${{ inputs.github_image_name }}@${{ inputs.image_digest }}
# # github_image_name: ${{ env.GITHUB_IMAGE_REPO }}${{ matrix.service }}
# # GITHUB_IMAGE_REPO: ghcr.io/bcgov/dts-endorser-service
# # docker pull ghcr.io/bcgov/dts-endorser-service
# # github_image_name: ghcr.io/bcgov/dts-endorser-service
# # docker push ghcr.io/bcgov/dts-endorser-service/aries-endorser-api
# # rocketchat_webhook: ${{ secrets.ROCKETCHAT_WEBHOOK }}
# # deploy2test:
# # needs: [build, deploy2dev]
# # env:
# # ENVIRONMENT: test
# # permissions:
# # packages: write
# # runs-on: ubuntu-latest
# # environment: test
# # steps:
# # - name: Checkout
# # uses: actions/checkout@v3
# # - name: deploy to ${{ env.ENVIRONMENT }}
# # uses: ./.github/workflows/actions/deploy
# # with:
# # environment: ${{ env.ENVIRONMENT }}
# # ghcr_token: ${{ secrets.GITHUB_TOKEN }}
# # github_image_name: ${{ env.GITHUB_IMAGE_REPO }}${{ env.APP_NAME }}
# # image_digest: ${{ needs.build.outputs.image_digest }}
# # openshift_image_name: ${{ env.OPENSHIFT_IMAGE_REPO }}${{ env.APP_NAME }}
# # openshift_server_url: ${{ vars.OPENSHIFT_SERVER_URL }}
# # namespace: ${{ vars.NAMESPACE }}
# # deployment_configuration: ${{ env.APP_NAME }}
# # openshift_token: ${{ secrets.OPENSHIFT_TOKEN }}
# # rocketchat_webhook: ${{ secrets.ROCKETCHAT_WEBHOOK }}
# # deploy2prod:
# # needs: [build, deploy2dev, deploy2test]
# # env:
# # ENVIRONMENT: prod
# # permissions:
# # packages: write
# # runs-on: ubuntu-latest
# # environment: prod
# # steps:
# # - name: Checkout
# # uses: actions/checkout@v3
# # - name: deploy to prod
# # uses: ./.github/workflows/actions/deploy
# # with:
# # environment: ${{ env.ENVIRONMENT }}
# # ghcr_token: ${{ secrets.GITHUB_TOKEN }}
# # github_image_name: ${{ env.GITHUB_IMAGE_REPO }}${{ env.APP_NAME }}
# # image_digest: ${{ needs.build.outputs.image_digest }}
# # openshift_image_name: ${{ env.OPENSHIFT_IMAGE_REPO }}${{ env.APP_NAME }}
# # openshift_server_url: ${{ vars.OPENSHIFT_SERVER_URL }}
# # namespace: ${{ vars.NAMESPACE }}
# # deployment_configuration: ${{ env.APP_NAME }}
# # openshift_token: ${{ secrets.OPENSHIFT_TOKEN }}
# # rocketchat_webhook: ${{ secrets.ROCKETCHAT_WEBHOOK }}
# # aries-endorser-db, aries-endorser-backup, aries-endorser-proxy, aries-endorser-api