chore(deps): update alpine docker tag to v3.21 (#239) #1471
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: [ main ] | |
tags: [ 'v[0-9]+.[0-9]+.[0-9]+*' ] | |
pull_request: {} | |
env: | |
GO_VERSION: "1.23" | |
BUILD_PLATFORMS: linux/amd64,linux/arm64 | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set up Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- name: Cache Go tools | |
uses: actions/cache@v4 | |
with: | |
path: ~/go/bin | |
key: ${{ runner.os }}-go-tools-${{ hashFiles('tools/go.sum') }} | |
restore-keys: | | |
${{ runner.os }}-go-tools- | |
- name: Sanity check | |
run: make check | |
- name: Build | |
run: make build | |
- name: Lint | |
run: make lint | |
- name: Unit test | |
run: make test | |
docker: | |
runs-on: ubuntu-latest | |
needs: build | |
outputs: | |
version: ${{ steps.docker_push.outputs.version }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
# Don't use merge ref to ensure sha- image tag is accurate | |
ref: ${{ github.event.pull_request.head.sha }} | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- id: docker_push | |
name: Push Docker image to GHCR | |
uses: ./.github/actions/push-docker-image | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
platforms: ${{ env.BUILD_PLATFORMS }} | |
- name: Push Docker image to Quay | |
uses: ./.github/actions/push-docker-image | |
with: | |
registry: quay.io | |
repository: domino/hephaestus | |
username: ${{ secrets.QUAY_USERNAME }} | |
password: ${{ secrets.QUAY_PASSWORD }} | |
platforms: ${{ env.BUILD_PLATFORMS }} | |
helm: | |
runs-on: ubuntu-latest | |
needs: docker | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install Helm | |
uses: azure/setup-helm@v4 | |
with: | |
version: v3.15.4 | |
- id: helm_pkg | |
name: Package Helm chart | |
shell: bash | |
run: | | |
app_version="${{ needs.docker.outputs.version }}" | |
if [[ $app_version =~ ^(pr-[[:digit:]]+|main)$ ]]; then | |
semantic_version="0.0.0-$app_version" | |
else | |
semantic_version=$app_version | |
fi | |
helm package deployments/helm/hephaestus --app-version "$app_version" --version "$semantic_version" | |
echo "artifact=hephaestus-${semantic_version}.tgz" >> $GITHUB_OUTPUT | |
- name: Push Helm chart to GHCR | |
uses: ./.github/actions/push-helm-chart | |
with: | |
registry: ghcr.io | |
namespace: "${{ github.repository_owner }}/helm" | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
artifact: ${{ steps.helm_pkg.outputs.artifact }} | |
- name: Push Helm chart to GCR | |
uses: ./.github/actions/push-helm-chart | |
with: | |
registry: gcr.io | |
namespace: ${{ secrets.GCR_NAMESPACE }} | |
username: ${{ secrets.GCR_USERNAME }} | |
password: ${{ secrets.GCR_PASSWORD }} | |
password_base64_encoded: "true" | |
artifact: ${{ steps.helm_pkg.outputs.artifact }} | |
sdks: | |
runs-on: ubuntu-latest | |
needs: build | |
env: | |
MAVEN_DOCKER_IMAGE: maven:3-eclipse-temurin-17 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set up Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Generate SDKS | |
run: | | |
export BRANCH_NAME=$(echo ${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}} | sed -r 's|/+|-|g') | |
make sdks | |
- name: Generate Java JAR | |
run: | | |
docker run -q --rm \ | |
--workdir /wd \ | |
--volume $HOME/.m2:/root/.m2 \ | |
--volume $(pwd)/sdks/java:/wd \ | |
$MAVEN_DOCKER_IMAGE mvn --settings settings.xml package | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: hephaestus-client-java.jar | |
path: sdks/java/target/*.jar | |
if-no-files-found: error | |
- name: Publish JAR to GitHub | |
run: | | |
docker run --rm \ | |
--workdir /wd \ | |
--volume $HOME/.m2:/root/.m2 \ | |
--volume $(pwd)/sdks/java:/wd \ | |
--env ARTIFACTORY_USERNAME=${{ secrets.ARTIFACTORY_USERNAME }} \ | |
--env ARTIFACTORY_PASSWORD=${{ secrets.ARTIFACTORY_PASSWORD }} \ | |
--env GITHUB_USERNAME=${{ github.actor }} \ | |
--env GITHUB_PASSWORD=${{ secrets.GITHUB_TOKEN }} \ | |
$MAVEN_DOCKER_IMAGE mvn --settings settings.xml --activate-profiles github -DskipTests deploy | |
- name: Publish Jar to Artifactory | |
uses: nick-fields/retry@v3 | |
with: | |
retry_on: error | |
max_attempts: 10 | |
timeout_minutes: 1 | |
retry_wait_seconds: 5 | |
command: | | |
docker run --rm \ | |
--workdir /wd \ | |
--volume $HOME/.m2:/root/.m2 \ | |
--volume $(pwd)/sdks/java:/wd \ | |
--env ARTIFACTORY_USERNAME=${{ secrets.ARTIFACTORY_USERNAME }} \ | |
--env ARTIFACTORY_PASSWORD=${{ secrets.ARTIFACTORY_PASSWORD }} \ | |
--env GITHUB_USERNAME=${{ github.actor }} \ | |
--env GITHUB_PASSWORD=${{ secrets.GITHUB_TOKEN }} \ | |
$MAVEN_DOCKER_IMAGE mvn --settings settings.xml --activate-profiles artifactory -DskipTests deploy |