Skip to content

Update Dependencies for Envoy #3792

Update Dependencies for Envoy

Update Dependencies for Envoy #3792

Workflow file for this run

name: Containers
on:
push:
branches:
- main
tags:
- "v*"
pull_request:
branches:
- main
# Each container image is built in its own job. To add an image, simply copy and paste
# one of the jobs and configure the build to point to the container's Dockerfile and
# tags. If the build is main or for a tag then the images are pushed to dockerhub and
# gcr; images are not pushed on pull requests.
jobs:
# GDS Backend Service
gds:
name: GDS
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Set Environment
id: vars
run: |
echo "tag=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT
echo "revision=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
- name: Docker Metadata
id: meta
uses: docker/metadata-action@v5
with:
# list of Docker images to use as basenames for tags
# this should be configured for each container built
images: |
trisa/gds
gcr.io/trisa-gds/gds
tags: |
type=semver,pattern={{raw}}
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha,prefix=,suffix=,format=short
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
- name: Setup Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
- name: Login to GCR
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: gcr.io
username: _json_key
password: ${{ secrets.GCR_SERVICE_ACCOUNT }}
- name: Build and push
id: docker_build
uses: docker/build-push-action@v5
with:
# context and Dockerfile - should be configured for each image
context: .
file: ./containers/gds/Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64,darwin/arm64
build-args: |
GIT_REVISION=${{ steps.vars.outputs.revision }}
- name: Slack Notify GDS Build Success
if: success()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/[email protected]
with:
channel: gds-containers
status: SUCCESS
color: good
- name: Slack Notify GDS Build Fail
if: failure()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/[email protected]
with:
channel: gds-containers
status: FAILED
color: danger
# GDS Backend for Front-End Service
gds-bff:
name: GDS BFF
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Set Environment
id: vars
run: |
echo "tag=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT
echo "revision=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
- name: Docker Metadata
id: meta
uses: docker/metadata-action@v5
with:
# list of Docker images to use as basenames for tags
# this should be configured for each container built
images: |
trisa/gds-bff
gcr.io/trisa-gds/gds-bff
tags: |
type=semver,pattern={{raw}}
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha,prefix=,suffix=,format=short
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
- name: Setup Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
- name: Login to GCR
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: gcr.io
username: _json_key
password: ${{ secrets.GCR_SERVICE_ACCOUNT }}
- name: Build and push
id: docker_build
uses: docker/build-push-action@v5
with:
# context and Dockerfile - should be configured for each image
context: .
file: ./containers/bff/Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64,darwin/arm64
build-args: |
GIT_REVISION=${{ steps.vars.outputs.revision }}
- name: Slack Notify BFF Build Success
if: success()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/[email protected]
with:
channel: gds-containers
status: SUCCESS
color: good
- name: Slack Notify BFF Build Fail
if: failure()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/[email protected]
with:
channel: gds-containers
status: FAILED
color: danger
# GDS User UI: vaspdirectory.net
gds-user-ui:
name: GDS UI
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Set Environment
id: vars
run: |
echo "tag=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT
echo "revision=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
- name: Docker Metadata
id: meta
uses: docker/metadata-action@v5
with:
# list of Docker images to use as basenames for tags
# this should be configured for each container built
images: |
trisa/gds-user-ui
gcr.io/trisa-gds/gds-user-ui
tags: |
type=semver,pattern={{raw}}
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha,prefix=,suffix=,format=short
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
- name: Setup Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
- name: Login to GCR
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: gcr.io
username: _json_key
password: ${{ secrets.GCR_SERVICE_ACCOUNT }}
- name: Build and push
id: docker_build
uses: docker/build-push-action@v5
with:
# context and Dockerfile - should be configured for each image
# note: the build args cannot include REACT_APP_AUTH0_SCOPE without breaking;
# this may be related to the format of the build-args text string because the
# scope requires spaces and "openid profile email" may not be parsed correctly
context: .
file: ./containers/gds-user-ui/Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
REACT_APP_TRISA_BASE_URL=https://bff.vaspdirectory.net/v1/
REACT_APP_ANALYTICS_ID=${{ secrets.REACT_APP_VASPDIRECTORY_ANALYTICS_ID }}
REACT_APP_VERSION_NUMBER=${{ steps.vars.outputs.tag }}
REACT_APP_GIT_REVISION=${{ steps.vars.outputs.revision }}
REACT_APP_AUTH0_DOMAIN=${{ secrets.REACT_APP_AUTH0_DOMAIN }}
REACT_APP_AUTH0_CLIENT_ID=${{ secrets.REACT_APP_AUTH0_CLIENT_ID }}
REACT_APP_AUTH0_REDIRECT_URI=https://vaspdirectory.net/auth/callback
REACT_APP_AUTH0_AUDIENCE=https://bff.vaspdirectory.net
REACT_APP_SENTRY_DSN=${{ secrets.REACT_APP_SENTRY_DSN }}
- name: Slack Notify User UI Build Success
if: success()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/[email protected]
with:
channel: gds-containers
status: SUCCESS
color: good
- name: Slack Notify User UI Build Fail
if: failure()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/[email protected]
with:
channel: gds-containers
status: FAILED
color: danger
# GDS Admin UI: admin.vaspdirectory.net
gds-admin-ui:
name: GDS Admin UI
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Docker Metadata
id: meta
uses: docker/metadata-action@v5
with:
# list of Docker images to use as basenames for tags
# this should be configured for each container built
images: |
trisa/gds-admin-ui
gcr.io/trisa-gds/gds-admin-ui
tags: |
type=semver,pattern={{raw}}
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha,prefix=,suffix=,format=short
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
- name: Setup Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
- name: Login to GCR
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: gcr.io
username: _json_key
password: ${{ secrets.GCR_SERVICE_ACCOUNT }}
- name: Build and push
id: docker_build
uses: docker/build-push-action@v5
with:
# context and Dockerfile - should be configured for each image
context: .
file: ./containers/gds-admin-ui/Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
REACT_APP_VERSION_NUMBER=${{ steps.vars.outputs.tag }}
REACT_APP_GIT_REVISION=${{ steps.vars.outputs.revision }}
REACT_APP_GDS_API_ENDPOINT=https://api.admin.vaspdirectory.net/v2
REACT_APP_GDS_IS_TESTNET=false
REACT_APP_GOOGLE_CLIENT_ID=${{ secrets.REACT_APP_VASPDIRECTORY_CLIENT_ID }}
REACT_APP_SENTRY_DSN=${{ secrets.REACT_APP_ADMIN_SENTRY_DSN }}
- name: Slack Notify Admin UI Build Success
if: success()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/[email protected]
with:
channel: gds-containers
status: SUCCESS
color: good
- name: Slack Notify Admin UI Build Fail
if: failure()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/[email protected]
with:
channel: gds-containers
status: FAILED
color: danger
# GDS TestNet Admin UI: admin.trisatest.net
gds-testnet-admin-ui:
name: GDS TestNet Admin UI
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Docker Metadata
id: meta
uses: docker/metadata-action@v5
with:
# list of Docker images to use as basenames for tags
# this should be configured for each container built
images: |
trisa/gds-testnet-admin-ui
gcr.io/trisa-gds/gds-testnet-admin-ui
tags: |
type=semver,pattern={{raw}}
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha,prefix=,suffix=,format=short
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
- name: Setup Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
- name: Login to GCR
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: gcr.io
username: _json_key
password: ${{ secrets.GCR_SERVICE_ACCOUNT }}
- name: Build and push
id: docker_build
uses: docker/build-push-action@v5
with:
# context and Dockerfile - should be configured for each image
context: .
file: ./containers/gds-admin-ui/Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
REACT_APP_VERSION_NUMBER=${{ steps.vars.outputs.tag }}
REACT_APP_GIT_REVISION=${{ steps.vars.outputs.revision }}
REACT_APP_GDS_API_ENDPOINT=https://api.admin.trisatest.net/v2
REACT_APP_GDS_IS_TESTNET=true
REACT_APP_GOOGLE_CLIENT_ID=${{ secrets.REACT_APP_TRISATEST_CLIENT_ID }}
REACT_APP_SENTRY_DSN=${{ secrets.REACT_APP_ADMIN_SENTRY_DSN }}
- name: Slack Notify TestNet Admin UI Build Success
if: success()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/[email protected]
with:
channel: gds-containers
status: SUCCESS
color: good
- name: Slack Notify TestNet Admin UI Build Fail
if: failure()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/[email protected]
with:
channel: gds-containers
status: FAILED
color: danger
# Trtl - Globally Replicated Key-Value Store
trtl:
name: TRTL
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Set Environment
id: vars
run: |
echo "tag=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT
echo "revision=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
- name: Docker Metadata
id: meta
uses: docker/metadata-action@v5
with:
# list of Docker images to use as basenames for tags
# this should be configured for each container built
images: |
trisa/trtl
gcr.io/trisa-gds/trtl
tags: |
type=semver,pattern={{raw}}
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha,prefix=,suffix=,format=short
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
- name: Setup Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
- name: Login to GCR
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: gcr.io
username: _json_key
password: ${{ secrets.GCR_SERVICE_ACCOUNT }}
- name: Build and push
id: docker_build
uses: docker/build-push-action@v5
with:
# context and Dockerfile - should be configured for each image
context: .
file: ./containers/trtl/Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64,darwin/arm64
build-args: |
GIT_REVISION=${{ steps.vars.outputs.revision }}
- name: Slack Notify Trtl Build Success
if: success()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/[email protected]
with:
channel: gds-containers
status: SUCCESS
color: good
- name: Slack Notify Trtl Build Fail
if: failure()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/[email protected]
with:
channel: gds-containers
status: FAILED
color: danger
# Initialization container for trtl statefulsets
trtl-init:
name: TRTL Initialization Container
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Docker Metadata
id: meta
uses: docker/metadata-action@v5
with:
# list of Docker images to use as basenames for tags
# this should be configured for each container built
images: |
trisa/trtl-init
gcr.io/trisa-gds/trtl-init
tags: |
type=semver,pattern={{raw}}
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha,prefix=,suffix=,format=short
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
- name: Setup Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
- name: Login to GCR
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: gcr.io
username: _json_key
password: ${{ secrets.GCR_SERVICE_ACCOUNT }}
- name: Build and push
id: docker_build
uses: docker/build-push-action@v5
with:
# context and Dockerfile - should be configured for each image
context: ./containers/trtl-init
file: ./containers/trtl-init/Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: Slack Notify Trtl Init Build Success
if: success()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/[email protected]
with:
channel: gds-containers
status: SUCCESS
color: good
- name: Slack Notify Trtl Init Build Fail
if: failure()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/[email protected]
with:
channel: gds-containers
status: FAILED
color: danger
# Cathy - Staging CA for Integration
cathy:
name: Cathy CA
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Set Environment
id: vars
run: |
echo "tag=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT
echo "revision=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
- name: Docker Metadata
id: meta
uses: docker/metadata-action@v5
with:
# list of Docker images to use as basenames for tags
# this should be configured for each container built
images: |
trisa/cathy
gcr.io/trisa-gds/cathy
tags: |
type=semver,pattern={{raw}}
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha,prefix=,suffix=,format=short
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
- name: Setup Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
- name: Login to GCR
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: gcr.io
username: _json_key
password: ${{ secrets.GCR_SERVICE_ACCOUNT }}
- name: Build and push
id: docker_build
uses: docker/build-push-action@v5
with:
# context and Dockerfile - should be configured for each image
context: .
file: ./containers/cathy/Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64,darwin/arm64
build-args: |
GIT_REVISION=${{ steps.vars.outputs.revision }}
- name: Slack Notify Cathy Build Success
if: success()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/[email protected]
with:
channel: gds-containers
status: SUCCESS
color: good
- name: Slack Notify Cathy Build Fail
if: failure()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/[email protected]
with:
channel: gds-containers
status: FAILED
color: danger
# Maintenance mode placeholder for web uis
maintenance:
name: Maintenance Site Container
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Docker Metadata
id: meta
uses: docker/metadata-action@v5
with:
# list of Docker images to use as basenames for tags
# this should be configured for each container built
images: |
trisa/maintenance
gcr.io/trisa-gds/maintenance
tags: |
type=semver,pattern={{raw}}
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha,prefix=,suffix=,format=short
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
- name: Setup Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
- name: Login to GCR
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: gcr.io
username: _json_key
password: ${{ secrets.GCR_SERVICE_ACCOUNT }}
- name: Build and push
id: docker_build
uses: docker/build-push-action@v5
with:
# context and Dockerfile - should be configured for each image
context: .
file: ./containers/maintenance/Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: Slack Notify Maintenance Build Success
if: success()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/[email protected]
with:
channel: gds-containers
status: SUCCESS
color: good
- name: Slack Notify Maintenance Build Fail
if: failure()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/[email protected]
with:
channel: gds-containers
status: FAILED
color: danger