Merge pull request #131 from velocitycareerlabs/chore/qa-to-staging-2… #133
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Packages and Images | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - master | |
| - staging | |
| - qa | |
| - dev | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| # TODO These jobs reuse the same first 7 steps. Replace with https://github.com/actions/runner/issues/438 | |
| # TODO Instead of suffixing with sha's should suffix with file hashes. In pseudo code we want to => determine all package/server hashes => set versions => filter out existent packages => publish all missing packages/servers | |
| jobs: | |
| # Version Packages | |
| build-server-images: | |
| name: Build Server Images | |
| runs-on: ubuntu-latest | |
| outputs: | |
| image_sha: ${{ env.image_sha }} | |
| steps: | |
| # Checkout Repository | |
| - name: Checkout Repository | |
| uses: actions/checkout@v3 | |
| # Set Slug | |
| - name: Inject slug/short variables | |
| uses: rlespinasse/github-slug-action@v4 | |
| with: | |
| short-length: 8 | |
| # Set Server Name | |
| - name: Set Server Name | |
| run: echo 'SERVER_NAME=fineract' >> $GITHUB_ENV | |
| # Set Common Variables | |
| - name: Set Common Variables | |
| run: bash ./eng/environments/common.sh | |
| # Set Dev Variables | |
| - name: Set Dev Variables | |
| run: bash ./eng/environments/dev.sh | |
| if: github.ref == 'refs/heads/dev' | |
| # Set QA Variables | |
| - name: Set QA Variables | |
| run: bash ./eng/environments/qa.sh | |
| if: github.ref == 'refs/heads/qa' | |
| # Set Staging Variables | |
| - name: Set Staging Variables | |
| run: bash ./eng/environments/staging.sh | |
| if: github.ref == 'refs/heads/staging' | |
| # Set Prod Variables | |
| - name: Set Prod Variables | |
| run: bash ./eng/environments/prod.sh | |
| if: github.ref == 'refs/heads/master' | |
| # Create GitHub Container Tags | |
| - name: Create GitHub Container Tags | |
| run: | | |
| echo "GITHUB_MAIN_TAG=${{ env.TARGET_CONTAINER_REG }}/${{ env.CONTAINER_REPOSITORY_NAME }}:${{ env.CONTAINER_MAIN_TAG }}" >> $GITHUB_ENV | |
| echo "GITHUB_VER_TAG=${{ env.TARGET_CONTAINER_REG }}/${{ env.CONTAINER_REPOSITORY_NAME }}:${{ env.VER_NUM }}" >> $GITHUB_ENV | |
| # Login to GitHub Packages Container Registry | |
| - name: Login to GitHub Packages Container Registry | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ env.TARGET_ORG }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| registry: ${{ env.TARGET_CONTAINER_REG }} | |
| # Build and Push to GitHub | |
| - name: Build and Push to GitHub | |
| id: github-build-stage | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: . | |
| push: true | |
| tags: | | |
| ${{ env.GITHUB_MAIN_TAG }} | |
| ${{ env.GITHUB_VER_TAG }} | |
| build-args: | | |
| FINERACT_SECURITY_AUTH0_DOMAIN=${{ env.FINERACT_SECURITY_AUTH0_DOMAIN }} | |
| FINERACT_SECURITY_AUTH0_ISSUER_URI=${{ env.FINERACT_SECURITY_AUTH0_ISSUER_URI }} | |
| FINERACT_SECURITY_AUTH0_AUDIENCE=${{ env.FINERACT_SECURITY_AUTH0_AUDIENCE }} | |
| # SHA digest used for Prod env | |
| - name: Image id as env | |
| run: echo "image_sha=${{ steps.github-build-stage.outputs.digest }}" >> $GITHUB_ENV | |
| push-to-ecr: | |
| needs: build-server-images | |
| name: Push to ECR | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Checkout Repository | |
| - name: Checkout Repository | |
| uses: actions/checkout@v3 | |
| # Set Slug | |
| - name: Inject slug/short variables | |
| uses: rlespinasse/github-slug-action@v4 | |
| with: | |
| short-length: 8 | |
| # Set Server Name | |
| - name: Set Server Name | |
| run: echo 'SERVER_NAME=fineract' >> $GITHUB_ENV | |
| # Set Common Variables | |
| - name: Set Common Variables | |
| run: bash ./eng/environments/common.sh | |
| # Set Dev Variables | |
| - name: Set Dev Variables | |
| run: bash ./eng/environments/dev.sh | |
| if: github.ref == 'refs/heads/dev' | |
| # Set QA Variables | |
| - name: Set QA Variables | |
| run: bash ./eng/environments/qa.sh | |
| if: github.ref == 'refs/heads/qa' | |
| # Set Staging Variables | |
| - name: Set Staging Variables | |
| run: bash ./eng/environments/staging.sh | |
| if: github.ref == 'refs/heads/staging' | |
| # Set Prod Variables | |
| - name: Set Prod Variables | |
| run: bash ./eng/environments/prod.sh | |
| if: github.ref == 'refs/heads/master' | |
| # Create GitHub Container Tags | |
| - name: Create GitHub Container Tags | |
| run: | | |
| echo "GITHUB_VER_TAG=${{ env.TARGET_CONTAINER_REG }}/${{ env.CONTAINER_REPOSITORY_NAME }}:${{ env.VER_NUM }}" >> $GITHUB_ENV | |
| # Login to GitHub Packages Container Registry | |
| - name: Login to GitHub Packages Container Registry | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ env.TARGET_ORG }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| registry: ${{ env.TARGET_CONTAINER_REG }} | |
| # Pull from GitHub | |
| - name: Pull from GitHub | |
| run: docker pull $GITHUB_VER_TAG | |
| # Configure AWS credentials | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| # Login to Amazon ECR | |
| - name: Login to Amazon ECR | |
| id: ecr-login | |
| uses: aws-actions/amazon-ecr-login@v1 | |
| # Create AWS Container Tags | |
| - name: Create GitHub Container Tags | |
| env: | |
| ECR_REGISTRY: ${{ steps.ecr-login.outputs.registry }} | |
| run: | | |
| echo "AWS_MAIN_TAG=${{ env.ECR_REGISTRY }}/${{ env.SERVER_NAME }}:${{ env.CONTAINER_MAIN_TAG }}" >> $GITHUB_ENV | |
| echo "AWS_VER_TAG=${{ env.ECR_REGISTRY }}/${{ env.SERVER_NAME }}:${{ env.VER_NUM }}" >> $GITHUB_ENV | |
| # Tag Image | |
| - name: Tag Image | |
| env: | |
| ECR_REGISTRY: ${{ steps.ecr-login.outputs.registry }} | |
| run: | | |
| docker tag $GITHUB_VER_TAG $AWS_MAIN_TAG | |
| docker tag $GITHUB_VER_TAG $AWS_VER_TAG | |
| # Push to Amazon ECR | |
| - name: Push Image | |
| id: push-image | |
| env: | |
| ECR_REGISTRY: ${{ steps.ecr-login.outputs.registry }} | |
| run: | | |
| docker push $AWS_MAIN_TAG | |
| docker push $AWS_VER_TAG | |
| update-tfenv-versions: | |
| needs: | |
| - build-server-images | |
| - push-to-ecr | |
| name: Update tfvars | |
| runs-on: ubuntu-latest | |
| env: | |
| IMAGE_SHA: ${{ needs.build-server-images.outputs.image_sha }} | |
| UPDATE_SERVICE_NAME: 'fineract' | |
| steps: | |
| # Checkout monorepo repository | |
| - name: Checkout Repository | |
| uses: actions/checkout@v3 | |
| # Set Slug | |
| - name: Inject slug/short variables | |
| uses: rlespinasse/github-slug-action@v4 | |
| with: | |
| short-length: 8 | |
| # Set Common Variables | |
| - name: Set Common Variables | |
| run: bash ./eng/environments/common.sh | |
| # Set Dev Variables | |
| - name: Set Dev Variables | |
| run: bash ./eng/environments/dev.sh | |
| if: github.ref == 'refs/heads/dev' | |
| # Set QA Variables | |
| - name: Set QA Variables | |
| run: bash ./eng/environments/qa.sh | |
| if: github.ref == 'refs/heads/qa' | |
| # Set Staging Variables | |
| - name: Set Staging Variables | |
| run: bash ./eng/environments/staging.sh | |
| if: github.ref == 'refs/heads/staging' | |
| # Set Prod Variables | |
| - name: Set Prod Variables | |
| run: bash ./eng/environments/prod.sh | |
| if: github.ref == 'refs/heads/master' | |
| # Run worflow update tf in monorepo | |
| - name: Run worflow update tf in monorepo | |
| uses: actions/github-script@v6 | |
| with: | |
| github-token: ${{ secrets.VNF_GITHUB_TOKEN }} | |
| script: | | |
| await github.rest.actions.createWorkflowDispatch({ | |
| owner: 'velocitycareerlabs', | |
| repo: 'engineering', | |
| workflow_id: 'external-version-update.yml', | |
| ref: 'main', | |
| inputs: { | |
| 'config-env': '${{ github.ref_name }}', | |
| 'version': '${{ env.VER_NUM }}', | |
| 'service_name': '${{ env.UPDATE_SERVICE_NAME }}', | |
| 'image_sha': '${{ env.IMAGE_SHA }}' | |
| } | |
| }) |