From ec9fb8af8f37b8ba54cc8e8289a11aa15f54c2c2 Mon Sep 17 00:00:00 2001 From: Thomas Burkhalter Date: Mon, 14 Oct 2024 23:18:58 +0200 Subject: [PATCH] Use image updater from hitobito --- .github/workflows/build-int-on-push.yaml | 8 ++- .../reusable_lint_test_build_update.yaml | 22 ++++++- .github/workflows/reusable_update_image.yaml | 59 ++++++++++++------- 3 files changed, 66 insertions(+), 23 deletions(-) diff --git a/.github/workflows/build-int-on-push.yaml b/.github/workflows/build-int-on-push.yaml index 227e31c..a54b736 100644 --- a/.github/workflows/build-int-on-push.yaml +++ b/.github/workflows/build-int-on-push.yaml @@ -13,9 +13,15 @@ jobs: build-image: uses: ./.github/workflows/reusable_lint_test_build_update.yaml with: + # repository: gitlab.puzzle.ch/pitc_ruby/deployments/decidim.git + # file: ./deployments/${{ needs.settings.outputs.namespace_name }}/kustomization.yaml + # image_tag: ${{ needs.version.outputs.version }} + # image_ref: rails + # identifier: ${{ needs.settings.outputs.namespace_name }} + image_repo: "https://harbor.puzzle.ch" image_url: "harbor.puzzle.ch/decidim/stzh-int-rails" configmanagement: "gitlab.puzzle.ch/pitc_ruby/deployments/decidim/" configmanagement_branch: "main" - kustomization_path: "./deployments/pitc-stzh-decidim-int/kustomization.yaml" + kustomization_path: "./deployments/pitc-decidim-stzh-int/kustomization.yaml" secrets: inherit diff --git a/.github/workflows/reusable_lint_test_build_update.yaml b/.github/workflows/reusable_lint_test_build_update.yaml index 6af2030..2881088 100644 --- a/.github/workflows/reusable_lint_test_build_update.yaml +++ b/.github/workflows/reusable_lint_test_build_update.yaml @@ -39,12 +39,30 @@ jobs: repository_url: ${{ inputs.image_repo }} images: ${{ inputs.image_url }} flavor: latest=true - update_tag: + + extract_info: needs: [build] + runs-on: 'ubuntu-latest' + outputs: + version: ${{ steps.extracted.outputs.version }} + steps: + - name: Save JSON + run: echo '${{ needs.build.outputs.json }}' > build_info.json + - name: Extract version + id: get_version + uses: mikefarah/yq@master + with: + cmd: yq -r '(.tags[] | select(. | test("sha-"))) | sub(".*(sha-.*)","${1}")' build_info.json + - name: Prepare outputs + id: extracted + run: echo 'version=${{ steps.get_version.outputs.result }}' >> "$GITHUB_OUTPUT" + + update_tag: + needs: [build, extract_info] uses: ./.github/workflows/reusable_update_image.yaml secrets: inherit with: repository: ${{ inputs.configmanagement }} repository_branch: ${{ inputs.configmanagement_branch }} file: ${{ inputs.kustomization_path }} - json: ${{ needs.build.outputs.json }} + image_tag: ${{ needs.extract_info.outputs.version }} diff --git a/.github/workflows/reusable_update_image.yaml b/.github/workflows/reusable_update_image.yaml index d91bb6b..9d70ce2 100644 --- a/.github/workflows/reusable_update_image.yaml +++ b/.github/workflows/reusable_update_image.yaml @@ -19,16 +19,16 @@ on: required: false default: 'git' repository_branch: - description: "The branch that should be edited" + description: 'Branch on the repository to edit' type: string required: false - default: main + default: 'main' file: description: 'File in the repo to update' type: string required: true - json: - description: 'Image tag to update the image to' + image_tag: + description: 'Tag to be set' type: string required: true image_ref: @@ -36,48 +36,67 @@ on: type: string required: false default: rails + identifier: + description: 'Identifier for commit-message, could be a namespace or project-name' + type: string + required: false + default: 'deployment' secrets: REPOSITORY_TOKEN: - description: 'Token for repository login' + description: 'Token for repository login, e.g. gitlab-token as Dev with R/W rights on content' required: true jobs: write_tag: - environment: deploy runs-on: 'ubuntu-latest' steps: - name: Pull from repository env: REPO_URL: ${{ inputs.repository }} REPO_USER: ${{ inputs.repository_username }} - REPO_TOKEN: ${{ secrets.REPOSITORY_TOKEN }} REPO_BRANCH: ${{ inputs.repository_branch }} + REPO_TOKEN: ${{ secrets.REPOSITORY_TOKEN }} run: | git clone https://${REPO_USER}:${REPO_TOKEN}@${REPO_URL} ./management_repo cd ./management_repo - git switch ${REPO_BRANCH} - git config user.name "Decidim Github Action Image updater" + git config user.name "Github Action Image updater" git config user.email "robot@puzzle.ch" git remote set-url origin "https://${REPO_USER}:${REPO_TOKEN}@${REPO_URL}" - - name: Update image tag + git switch ${REPO_BRANCH} + cd ../ + - name: Read old tag + id: get_old_image_tag + uses: mikefarah/yq@master + env: + FILE: ./management_repo/${{ inputs.file }} + IMAGE_REF: ${{ inputs.image_ref }} + with: + cmd: | + yq '.images.[] | select(.name == env(IMAGE_REF)).newTag' "${FILE}" + - name: Update image tag if it is newer + if: inputs.image_tag != steps.get_old_image_tag.outputs.result + id: set_image_tag uses: mikefarah/yq@master env: - FILE: ${{ inputs.file }} IMAGE_REF: ${{ inputs.image_ref }} - JSON: ${{ inputs.json }} + NEW_TAG: ${{ inputs.image_tag }} + OLD_TAG: ${{ steps.get_old_image_tag.outputs.result }} + FILE: ./management_repo/${{ inputs.file }} with: cmd: | - ls -lha - # TAG=$(echo "${JSON}" | yq -r '.tags[] | select(. | test("sha-"))') - # echo $TAG - # yq -i '.images.[] | select(.name == env(IMAGE_REF)) += {"newTag": env(TAG)}' "${FILE}" + yq -i '(.images.[] | select(.name == env(IMAGE_REF)).newTag) |= env(NEW_TAG)' "${FILE}" - name: Commit & push back to repository + if: inputs.image_tag != steps.get_old_image_tag.outputs.result env: + REPO_BRANCH: ${{ inputs.repository_branch }} IMAGE_REF: ${{ inputs.image_ref }} - TAG: ${{ inputs.tag }} + OLD_TAG: ${{ steps.get_old_image_tag.outputs.result }} + NEW_TAG: ${{ inputs.image_tag }} + PARENT: ${{ inputs.identifier }} run: | + cd ./management_repo + echo git diff git add . - git commit -m "Setting image reference of '${IMAGE_REF} to '${TAG}'" - git push origin master - + git commit -m "Update ${PARENT}/${IMAGE_REF} from '${OLD_TAG}' to '${NEW_TAG}'" + git push origin "${REPO_BRANCH}"