From d58774bedd952bd23fe11054055ab20b2033423f Mon Sep 17 00:00:00 2001
From: Tomo Norman
Date: Thu, 25 Jan 2024 15:18:41 +0900
Subject: [PATCH] internal callable workflows
---
.../callable_bump_described_version.yml | 53 ++++++++++++++++++
.github/workflows/callable_bump_version.yml | 51 +++++++++++++++++
.github/workflows/callable_dockerbuild.yml | 55 +++++++++++++++++++
.github/workflows/callable_publish.yml | 53 ++++++++++++++++++
.github/workflows/development_deploy.yml | 6 +-
.github/workflows/main.yml | 6 +-
6 files changed, 218 insertions(+), 6 deletions(-)
create mode 100644 .github/workflows/callable_bump_described_version.yml
create mode 100644 .github/workflows/callable_bump_version.yml
create mode 100644 .github/workflows/callable_dockerbuild.yml
create mode 100644 .github/workflows/callable_publish.yml
diff --git a/.github/workflows/callable_bump_described_version.yml b/.github/workflows/callable_bump_described_version.yml
new file mode 100644
index 0000000..dc5fa19
--- /dev/null
+++ b/.github/workflows/callable_bump_described_version.yml
@@ -0,0 +1,53 @@
+name: "Bump version using git describe"
+
+on:
+ workflow_call:
+ outputs:
+ version:
+ description: "The new version determined by this workflow"
+ value: "${{ jobs.bump.outputs.version }}"
+
+jobs:
+ bump:
+ runs-on: ubuntu-22.04
+ outputs:
+ version: ${{ steps.bump_version.outputs.version }}
+ steps:
+ - uses: actions/checkout@v3
+ with:
+ # This fetches the entire git history, including tags.
+ # Needed in order to bump versions using bump-version
+ fetch-depth: 0
+
+ - name: Set up Python 3.10
+ uses: actions/setup-python@v4
+ with:
+ python-version: "3.10"
+
+ - name: Install dependencies
+ run: |
+ python -m pip install --upgrade pip
+ pip install bump-my-version
+
+ - name: Bump version
+ id: bump_version
+ env:
+ GIT_NAME: ${{ github.event.head_commit.author.name }}
+ GIT_EMAIL: ${{ github.event.head_commit.author.email }}
+ REF: ${{ github.ref }}
+ run: |
+ git config user.email $GIT_EMAIL
+ git config user.name "$GIT_NAME"
+
+ # Determine new version by cutting the output of git describe
+ # We do this such that the versioning is based on how many commits we are away from main
+ # Not bullet proof, but allows some freedom in deploying development releases
+ MAJORMINOR=$(git describe --abbrev=0 | cut -c2- | cut -d "." -f1,2)
+ PATCH=$(git describe | cut -d "-" -f2)
+ export VERSION=$MAJORMINOR.$PATCH
+ bump-my-version --tag --new-version $VERSION
+
+ git push --tags
+ export VERSION=$(git describe --abbrev=0 | cut -c2- )
+ echo "New version: $VERSION"
+ echo "version=$VERSION" >> "$GITHUB_OUTPUT"
\ No newline at end of file
diff --git a/.github/workflows/callable_bump_version.yml b/.github/workflows/callable_bump_version.yml
new file mode 100644
index 0000000..cbd5904
--- /dev/null
+++ b/.github/workflows/callable_bump_version.yml
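Review bot: In the "Bump version" step, `git config user.email $GIT_EMAIL` expands commit-author metadata unquoted, so an e-mail value containing whitespace or glob characters is split into extra `git config` arguments; it should read `git config user.email "$GIT_EMAIL"`, and `--new-version "$VERSION"` deserves the same quoting. The identical unquoted line is in callable_bump_version.yml. `pip install bump-my-version` is also unpinned in a job that goes on to `git push --tags`, so whichever release is newest at run time executes with the job's token; pinning a reviewed release (`pip install "bump-my-version==<PINNED_VERSION>"`) and adding a job-level `permissions:` block limited to `contents: write` would narrow that. `github.event.head_commit` is presumably empty when the calling workflow is not triggered by a push, which would leave both git identity values blank.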
@@ -0,0 +1,51 @@
+name: "Bump version"
+
+on:
+ workflow_call:
+ inputs:
+ bump_part:
+ default: 'minor'
+ type: string
+ description: "The semver component to bump(major, minor, patch)"
+ outputs:
+ version:
+ description: "The new version determined by this workflow"
+ value: "${{ jobs.bump.outputs.version }}"
+
+jobs:
+ bump:
+ runs-on: ubuntu-22.04
+ outputs:
+ version: ${{ steps.bump_version.outputs.version }}
+ steps:
+ - uses: actions/checkout@v3
+ with:
+ # This fetches the entire git history, including tags.
+ # Needed in order to bump versions using bump-version
+ fetch-depth: 0
+
+ - name: Set up Python 3.10
+ uses: actions/setup-python@v4
+ with:
+ python-version: "3.10"
+
+ - name: Install dependencies
+ run: |
+ python -m pip install --upgrade pip
+ pip install bump-my-version
+
+ - name: Bump version
+ id: bump_version
+ env:
+ GIT_NAME: ${{ github.event.head_commit.author.name }}
+ GIT_EMAIL: ${{ github.event.head_commit.author.email }}
+ REF: ${{ github.ref }}
+ run: |
+ git config user.email $GIT_EMAIL
+ git config user.name "$GIT_NAME"
+
+ bump-my-version --tag --current-version $(git describe --abbrev=0) ${{ inputs.bump_part }}
+ git push --tags
+ export VERSION=$(git describe --abbrev=0 | cut -c2- )
+ echo "New version: $VERSION"
+ echo "version=$VERSION" >> "$GITHUB_OUTPUT"
\ No newline at end of file
diff --git a/.github/workflows/callable_dockerbuild.yml b/.github/workflows/callable_dockerbuild.yml
new file mode 100644
index 0000000..112f77e
--- /dev/null
+++ b/.github/workflows/callable_dockerbuild.yml
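Review bot: `${{ inputs.bump_part }}` is substituted into the text of the `run:` script before the shell parses it, so any caller-supplied value becomes shell syntax rather than an argument. Passing it through the step's `env:` block (`BUMP_PART: ${{ inputs.bump_part }}`) and using `"$BUMP_PART"` in the `bump-my-version` command keeps it data, and a `case "$BUMP_PART" in major|minor|patch) ;; *) exit 1 ;; esac` guard would enforce the values the input description promises. The same direct interpolation of `inputs.*` into `run:` occurs in the `docker build` line of callable_dockerbuild.yml and the `find … sed` line of callable_publish.yml. `--current-version $(git describe --abbrev=0)` is also unquoted and should be wrapped in double quotes.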
@@ -0,0 +1,55 @@
+name: "CD: Build docker container"
+
+on:
+ workflow_call:
+ inputs:
+ version:
+ required: true
+ type: string
+ repository_name:
+ required: true
+ type: string
+ dockerfile:
+ default: 'Dockerfile'
+ type: string
+ build_context:
+ default: '.'
+ type: string
+ secrets:
+ access_key_id:
+ required: true
+ secret_access_key:
+ required: true
+ aws_region:
+ required: true
+
+jobs:
+ build_docker:
+ runs-on: ubuntu-22.04
+
+ steps:
+ - name: Get the source
+ uses: actions/checkout@v3
+
+ # Needed for building to ECR
+ - name: Configure AWS credentials
+ uses: aws-actions/configure-aws-credentials@v2
+ with:
+ aws-access-key-id: ${{ secrets.access_key_id }}
+ aws-secret-access-key: ${{ secrets.secret_access_key}}
+ aws-region: ${{ secrets.aws_region }}
+
+ - name: Login to Amazon ECR
+ id: login-ecr
+ uses: aws-actions/amazon-ecr-login@v1
+ with:
+ mask-password: "true"
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v2
+
+ - name: Build, tag, and push docker image to Amazon ECR Public
+ env:
+ REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+ run: |
+ docker build --push --file ${{ inputs.dockerfile }} -t $REGISTRY/${{ inputs.repository_name }}:${{ github.sha }} -t $REGISTRY/${{ inputs.repository_name }}:${{ inputs.version }} ${{ inputs.build_context}}
\ No newline at end of file
diff --git a/.github/workflows/callable_publish.yml b/.github/workflows/callable_publish.yml
new file mode 100644
index 0000000..fb0dc97
--- /dev/null
+++ b/.github/workflows/callable_publish.yml
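Review bot: The "Configure AWS credentials" step requires long-lived `access_key_id` / `secret_access_key` secrets, which every caller has to store and which remain valid until rotated if they leak; `aws-actions/configure-aws-credentials` can instead obtain short-lived credentials with `role-to-assume` plus `permissions: id-token: write` on the job. The actions that run while those credentials are in the environment (`aws-actions/amazon-ecr-login@v1`, `docker/setup-buildx-action@v2`) are referenced by movable tags and would be safer pinned to full commit SHAs. The last step is named "… Amazon ECR Public" but `amazon-ecr-login` is called without `registry-type: public`, so it presumably logs in to a private registry; the step name or the input should be aligned.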
@@ -0,0 +1,53 @@ +name: "CD: Publish docker images in gitops(update version number)" + +on: + workflow_call: + inputs: + tag: + required: true + type: string + repository_name: + required: true + type: string + environment: + required: true + type: string + secrets: + gitops_repo_pat: + required: true + +jobs: + publish: + runs-on: ubuntu-22.04 + steps: + - name: Checkout gitops + uses: actions/checkout@v3 + with: + token: ${{ secrets.gitops_repo_pat }} + repository: art-e-fact/gitops + ref: main + + - name: Update image tag + run: find . -type f -wholename "**/${{ inputs.environment }}/**" -exec sed -i "s&${{ inputs.repository_name }}:[a-zA-Z0-9.]*&${{ inputs.repository_name }}:${{ inputs.tag }}&g" {} + + + - name: "Debug: Show changes to the repo" + run: git status + + - name: Create PR + uses: peter-evans/create-pull-request@v4 + with: + token: ${{ secrets.gitops_repo_pat }} + # Branches will be unique + branch-suffix: short-commit-hash + commit-message: bump docker image for ${{ github.event.repository.name }} to ${{ inputs.tag }} + title: "Update ${{ github.event.repository.name }} (environment: ${{ inputs.environment }}) to ${{ inputs.tag }}" + body: | + ️⚠️**Automatically generated**⚠️ + The docker container for version `${{ inputs.tag }}` of ${{ github.event.repository.name}} was successfully built - this PR deploys it to ${{ inputs.environment }}. + + ## More details + * Repository: ${{ github.server_url }}/${{ github.repository }} + * Commit: ${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }} + * Github Action run: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} + branch: ${{ github.event.repository.name}}-bump + team-reviewers: "${{ (inputs.environment != 'development' && 'infra') || ''}}" \ No newline at end of file diff --git a/.github/workflows/development_deploy.yml b/.github/workflows/development_deploy.yml index 45a908a..4809219 100644 --- a/.github/workflows/development_deploy.yml 
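Review bot: The `gitops_repo_pat` token is passed to `peter-evans/create-pull-request@v4`, a third-party action referenced by a movable tag, so a re-pointed tag would run with that PAT's access to art-e-fact/gitops; pinning it and `actions/checkout` to full commit SHAs removes the dependency on the tag. In the "Update image tag" step the pattern `[a-zA-Z0-9.]*` stops at `-` and `_`, so an existing tag such as `1.2.3-rc1` (constructed example) is only partly replaced and its `-rc1` remainder stays appended to the new tag; `[a-zA-Z0-9._-]*` covers the characters allowed in image tags. `inputs.repository_name` is also used as a regular expression there, so its `.` characters match any character and a near-identical image name in the same environment directory could be rewritten as well. A comment above the `secrets:` block stating the minimum scopes the PAT needs would help callers provision it narrowly.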
+++ b/.github/workflows/development_deploy.yml @@ -8,10 +8,10 @@ jobs: test: uses: ./.github/workflows/callable_ci.yml bump_version: - uses: art-e-fact/reusable-gha-workflows/.github/workflows/callable_bump_described_version.yml@main + uses: ./.github/workflows/callable_bump_described_version.yml needs: [test] build: - uses: art-e-fact/reusable-gha-workflows/.github/workflows/callable_dockerbuild.yml@main + uses: ./.github/workflows/callable_dockerbuild.yml with: version: ${{needs.bump_version.outputs.version}} repository_name: application/${{ github.event.repository.name }} @@ -21,7 +21,7 @@ jobs: aws_region: ${{ secrets.AWS_REGION }} needs: [bump_version] publish: - uses: art-e-fact/reusable-gha-workflows/.github/workflows/callable_publish.yml@main + uses: ./.github/workflows/callable_publish.yml with: tag: ${{needs.bump_version.outputs.version}} environment: development diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 3d05666..2451a1d 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -11,12 +11,12 @@ jobs: test: uses: ./.github/workflows/callable_ci.yml bump_version: - uses: art-e-fact/reusable-gha-workflows/.github/workflows/callable_bump_version.yml@main + uses: ./.github/workflows/callable_bump_version.yml with: bump_part: minor needs: [test] build: - uses: art-e-fact/reusable-gha-workflows/.github/workflows/callable_dockerbuild.yml@main + uses: ./.github/workflows/callable_dockerbuild.yml with: version: ${{needs.bump_version.outputs.version}} repository_name: application/${{ github.event.repository.name }} @@ -26,7 +26,7 @@ jobs: aws_region: ${{ secrets.AWS_REGION }} needs: [bump_version] publish: - uses: art-e-fact/reusable-gha-workflows/.github/workflows/callable_publish.yml@main + uses: ./.github/workflows/callable_publish.yml with: tag: ${{needs.bump_version.outputs.version}} environment: production