From 7fa8154e1206caa34bc3ff6f7b1e18e3cb8635ff Mon Sep 17 00:00:00 2001
From: Lachie Underhill
Date: Fri, 23 Aug 2024 17:39:33 +1000
Subject: [PATCH] ci: overhaul release and publish workflow
---
 .../{publish.yml => create-release.yml} | 14 ++------
 .../{build-docker.yml => publish-docker.yml} | 34 +++++--------------
 2 files changed, 12 insertions(+), 36 deletions(-)
 rename .github/workflows/{publish.yml => create-release.yml} (70%)
 rename .github/workflows/{build-docker.yml => publish-docker.yml} (68%)
diff --git a/.github/workflows/publish.yml b/.github/workflows/create-release.yml
similarity index 70%
rename from .github/workflows/publish.yml
rename to .github/workflows/create-release.yml
index 81059458..b455dc48 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/create-release.yml
@@ -1,21 +1,13 @@
 name: Publish
 on:
- workflow_run:
- workflows: [Build and Publish Docker Image]
- types:
- - completed
+ push:
 branches:
 - main
 concurrency: ${{ github.workflow }}-${{ github.ref }}
-permissions:
- contents: write
- pull-requests: write
-
 jobs:
- publish:
- if: ${{ github.event.workflow_run.conclusion == 'success' }}
+ create-release-or-publish:
 runs-on: ubuntu-latest
 steps:
 - uses: actions/checkout@v4
@@ -32,6 +24,6 @@ jobs:
 with:
 title: "Version Packages"
 commit: "chore(release): version packages"
- publish: pnpm changeset tag
+ publish: pnpm changeset publish
 env:
 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/build-docker.yml b/.github/workflows/publish-docker.yml
similarity index 68%
rename from .github/workflows/build-docker.yml
rename to .github/workflows/publish-docker.yml
index b6943be6..fe7e557d 100644
--- a/.github/workflows/build-docker.yml
+++ b/.github/workflows/publish-docker.yml
@@ -1,11 +1,9 @@
 name: "Build and Publish Docker Image"
 on:
- push:
- branches:
- - main
- tags:
- - "*"
+ release:
+ types:
+ - published
 env:
 REGISTRY: ghcr.io
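Review bot: Dropping the explicit `permissions:` block in the first hunk of create-release.yml leaves the scope of this job's `GITHUB_TOKEN` to whatever the repository or organisation default happens to be. With a read-only default the changesets step cannot push its version branch or open the pull request; with a permissive default the token gets write access to every scope, which is more than the job had before. I would keep the least-privilege block at workflow or job level: `permissions:` with `contents: write` and `pull-requests: write`. As far as the hunk shows, the job also now runs on every push to `main` instead of after a successful image build, so nothing visible gates the publish step; the job body continues outside the hunk.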
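Review bot: In the second hunk of create-release.yml the only credential handed to the step is `GITHUB_TOKEN`, and events produced with that token (other than `workflow_dispatch` and `repository_dispatch`) do not start new workflow runs. If the GitHub release is created by this step, the `release: published` trigger this commit introduces in publish-docker.yml would not fire and the image would never be built or attested. A narrowly scoped GitHub App installation token or fine-grained token avoids that, e.g. `GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN_PLACEHOLDER }}` (placeholder secret name), as does invoking the Docker workflow through `workflow_call`. `pnpm changeset publish` would also need a registry credential if any package is public, and none is visible in `env`. The step's `uses:` line is outside the hunk, so which action consumes the `publish` input is inferred.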
@@ -23,44 +21,30 @@ jobs:
 steps:
 - uses: actions/checkout@v4
- - uses: pnpm/action-setup@v4
- - uses: actions/setup-node@v4
- with:
- node-version: 20.x
- cache: "pnpm"
- - run: pnpm install --frozen-lockfile
-
- - name: Extract metadata (tags, labels) for Docker
- id: meta
- uses: docker/metadata-action@v5
- with:
- images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
- tags: |
- type=ref,event=branch
- type=ref,event=pr
- type=semver,pattern={{version}}
- type=semver,pattern={{major}}.{{minor}}
 - name: Log in to the Container registry
 uses: docker/login-action@v3
- if: github.event_name != 'pull_request'
 with:
 registry: ${{ env.REGISTRY }}
 username: ${{ github.actor }}
 password: ${{ secrets.GITHUB_TOKEN }}
+ - name: Extract metadata (tags, labels) for Docker
+ id: meta
+ uses: docker/metadata-action@v5
+ with:
+ images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
 - name: Build and push Docker image
 id: push
 uses: docker/build-push-action@v6
 with:
 context: .
- push: ${{ github.event_name != 'pull_request' }}
 tags: ${{ steps.meta.outputs.tags }}
 labels: ${{ steps.meta.outputs.labels }}
 - name: Generate artifact attestation
 uses: actions/attest-build-provenance@v1
- if: github.event_name != 'pull_request'
 with:
 subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
 subject-digest: ${{ steps.push.outputs.digest }}
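Review bot: With the `push:` input removed from the `docker/build-push-action@v6` step, the action falls back to its default of `push: false`, so the image is built but not sent to the registry. The attestation step that follows would then record provenance for a digest that was never published, or may fail on an empty `steps.push.outputs.digest`. Add `push: true` under `with:` of the "Build and push Docker image" step. Because this job logs in to the registry and signs provenance, it is also worth pinning `docker/login-action@v3`, `docker/metadata-action@v5` and `docker/build-push-action@v6` to full commit SHAs rather than mutable tags. The job's `permissions:` block and the end of the attestation step lie outside the hunk.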