Skip to content

test-success

test-success #1345

Workflow file for this run

name: Dagger CI Workflow
on:
repository_dispatch:
types: [test-success]
paths-ignore:
- '.github/**'
- 'auth/**'
workflow_dispatch: # manually triggered
env:
# Dagger
DAGGER_PLAN: cue.mod/pkg/github.com/3box/pipeline-tools/ci/plans/cas.cue
STATUS_PLAN: cue.mod/pkg/github.com/3box/pipeline-tools/ci/plans/status.cue
DAGGER_LOG_FORMAT: "plain"
# Secrets
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
GH_TOKEN: ${{ secrets.GH_TOKEN }}
# Miscellaneous
RUN_URL: "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
STATUS_URL: "https://api.github.com/repos/ceramicnetwork/ceramic-anchor-service/statuses/${{ github.event.client_payload.sha || github.sha }}"
BRANCH: ${{ github.event.client_payload.branch || github.ref_name }}
SHA: ${{ github.event.client_payload.sha || github.sha }}
jobs:
image:
name: Verify and publish Docker image
runs-on: ubuntu-latest
steps:
-
name: Checkout code
uses: actions/checkout@v3
with:
# Use specified SHA, otherwise use the branch
ref: ${{ github.event.client_payload.sha || env.BRANCH }}
-
name: Install Dagger
uses: dagger/dagger-for-github@v3
with:
install-only: true
version: "0.2.36"
-
name: Setup Dagger
run: |
dagger project init
dagger project update
dagger project update "github.com/3box/pipeline-tools/ci"
-
name: Set commit status "pending"
run: dagger do pending -p ${{ env.STATUS_PLAN }}
-
name: Set sha tag
run: |
SHA_TAG=$(echo ${{ env.SHA }} | head -c 12)
echo "SHA_TAG=$SHA_TAG" >> $GITHUB_ENV
-
name: Set main branch tag
if: ${{ env.BRANCH == 'main' }}
run: |
echo "ENV_TAG=prod" >> $GITHUB_ENV
-
name: Set rc branch tag
if: ${{ env.BRANCH == 'release-candidate' }}
run: |
echo "ENV_TAG=tnet" >> $GITHUB_ENV
-
name: Set develop branch tag
if: ${{ env.BRANCH == 'develop' || env.ENV_TAG == '' }}
run: |
echo "ENV_TAG=dev" >> $GITHUB_ENV
-
name: Verify Docker image
run: dagger do verify -p ${{ env.DAGGER_PLAN }}
-
name: Set publish flag
if: ${{ env.BRANCH == 'main' || env.BRANCH == 'release-candidate' || env.BRANCH == 'develop' }}
run: echo "PUBLISH=true" >> $GITHUB_ENV
-
name: Push private Docker image
if: ${{ env.PUBLISH == 'true' }}
run: dagger do push -w "actions:push:\"${{ env.AWS_REGION }}\":\"${{ env.ENV_TAG }}\":\"${{ env.BRANCH }}\":\"${{ env.SHA }}\":\"${{ env.SHA_TAG }}\":_" -p ${{ env.DAGGER_PLAN }}
-
name: Login to public ECR
if: ${{ env.BRANCH == 'develop' }}
uses: docker/login-action@v2
with:
registry: public.ecr.aws
username: ${{ env.AWS_ACCESS_KEY_ID }}
password: ${{ env.AWS_SECRET_ACCESS_KEY }}
env:
AWS_REGION: us-east-1
-
name: Push public Docker image
if: ${{ env.BRANCH == 'develop' }}
run: |
docker buildx build --load --target base -t 3box/cas .
docker tag 3box/cas:latest public.ecr.aws/r5b3e0r5/3box/cas:latest
docker push public.ecr.aws/r5b3e0r5/3box/cas:latest
-
name: Create deployment job
if: ${{ env.PUBLISH == 'true' }}
run: dagger do -l error deploy -w "actions:deploy:\"${{ env.AWS_REGION }}\":\"${{ env.ENV_TAG }}\":latest:\"${{ env.SHA_TAG }}\":_" -p ${{ env.DAGGER_PLAN }}
-
name: Set commit status "success"
run: dagger do success -p ${{ env.STATUS_PLAN }}
-
name: Set commit status "failure"
if: ${{ failure() }}
run: dagger do failure -p ${{ env.STATUS_PLAN }}