-
Notifications
You must be signed in to change notification settings - Fork 7
130 lines (117 loc) · 4.61 KB
/
publish_container.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
name: Publish version tag
on:
merge_group:
pull_request:
branches:
- main
paths-ignore:
- ".github/**"
- ".gitignore"
- "**/*.md"
- "charts/**"
- "Makefile"
- "sda-admin/**"
- "tools/*"
types: [ closed ]
jobs:
tag_release:
if: github.event.pull_request.merged == true
name: tag version
outputs:
part: ${{ steps.bump_tag.outputs.part }}
tag: ${{ steps.bump_tag.outputs.tag }}
new_tag: ${{ steps.bump_tag.outputs.new_tag }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: '0'
- name: Bump version and push tag
id: bump_tag
uses: anothrNick/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
WITH_V: true
DEFAULT_BUMP: patch
push_to_registry:
needs: tag_release
if: needs.tag_release.outputs.tag != ''
name: Push Docker image to Github Container registry
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Check out the repo
uses: actions/checkout@v4
- name: Log in to the Github Container registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Pull PR containers
run : |
for t in -download -postgres -rabbitmq -sftp-inbox; do
docker pull ghcr.io/${{ github.repository }}:PR${{ github.event.number }}$t
done
docker pull ghcr.io/${{ github.repository }}:PR${{ github.event.number }}
- name: Retag PR image for download
run: |
docker tag ghcr.io/${{ github.repository }}:PR${{ github.event.number }}-download ghcr.io/${{ github.repository }}:${{ needs.tag_release.outputs.tag }}-download
docker push ghcr.io/${{ github.repository }}:${{ needs.tag_release.outputs.tag }}-download
- name: Retag PR image for postgres
run: |
docker tag ghcr.io/${{ github.repository }}:PR${{ github.event.number }}-postgres ghcr.io/${{ github.repository }}:${{ needs.tag_release.outputs.tag }}-postgres
docker push ghcr.io/${{ github.repository }}:${{ needs.tag_release.outputs.tag }}-postgres
- name: Retag PR image for rabbitmq
run: |
docker tag ghcr.io/${{ github.repository }}:PR${{ github.event.number }}-rabbitmq ghcr.io/${{ github.repository }}:${{ needs.tag_release.outputs.tag }}-rabbitmq
docker push ghcr.io/${{ github.repository }}:${{ needs.tag_release.outputs.tag }}-rabbitmq
- name: Retag PR image for sftp-inbox
run: |
docker tag ghcr.io/${{ github.repository }}:PR${{ github.event.number }}-sftp-inbox ghcr.io/${{ github.repository }}:${{ needs.tag_release.outputs.tag }}-sftp-inbox
docker push ghcr.io/${{ github.repository }}:${{ needs.tag_release.outputs.tag }}-sftp-inbox
- name: Retag PR image for sensitive-data-archive
run: |
docker tag ghcr.io/${{ github.repository }}:PR${{ github.event.number }} ghcr.io/${{ github.repository }}:${{ needs.tag_release.outputs.tag }}
docker push ghcr.io/${{ github.repository }}:${{ needs.tag_release.outputs.tag }}
bump_chart_version:
needs: [tag_release, push_to_registry]
if: ${{ needs.tag_release.outputs.tag != '' && needs.push_to_registry.result == 'success' }}
permissions:
contents: write
pull-requests: write
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: '0'
- name: Install PyBump
run: |
python3 -m pip install pybump
shell: bash
- name: Automated Version Bump
id: version-bump
run: |
for name in sda-db sda-mq sda-svc; do
pybump set --file charts/"$name"/Chart.yaml --set-version ${{ needs.tag_release.outputs.tag }} --app-version
pybump bump --file charts/"$name"/Chart.yaml --level patch
done
shell: bash
- name: Create Pull Request
uses: peter-evans/create-pull-request@v7
with:
token: ${{ secrets.GHCR_TOKEN }}
commit-message: Bump chart version
author: neicnordic <[email protected]>
base: main
branch: bump
delete-branch: true
title: '[charts] Bump version'
body: |
Bump the appVersion to: ${{ needs.tag_release.outputs.tag }}
labels: |
automated pr
team-reviewers: neicnordic/sensitive-data-development-collaboration