test.yml
# Workflow: test suite plus a test image build.
name: Test

# Triggers: pushes to `develop`, and pull requests. The null value under
# `pull_request` selects GitHub's default activity types.
on:
  pull_request: null
  push:
    branches:
      - develop
# Default GITHUB_TOKEN scopes for every job in this workflow. A job that
# declares its own `permissions` mapping gets that mapping instead.
# NOTE(review): the write scopes and `id-token: write` reach every job that
# does not override them, including jobs that run code from the pull request
# branch. Confirm each scope is needed, and prefer granting it per job.
permissions:
  actions: read
  contents: write
  id-token: write
  issues: write
  pull-requests: write
# Workflow-wide environment. Quoted so the value is a string, not a YAML
# integer; any non-empty value makes Python leave stdout/stderr unbuffered.
env:
  PYTHONUNBUFFERED: "1"
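jobs:
  # Installs the toolchain with mise and runs the repository's own CI task.
  ci:
    runs-on: ubuntu-24.04
    # NOTE(review): this job declares no `permissions`, so it runs with the
    # workflow-level scopes (including `id-token: write`) while executing
    # repository-defined tasks. Narrow it once it is confirmed which scopes
    # `mise run ci` actually uses.
    steps:
      - name: Checkout Code
        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # ratchet:actions/checkout@v6.0.1
        with:
          fetch-depth: 2
      - name: Install Python
        uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # ratchet:actions/setup-python@v6.1.0
        with:
          python-version: "3.12"
      - name: Setup mise
        uses: jdx/mise-action@146a28175021df8ca24f8ee1828cc2a60f980bd5 # ratchet:jdx/mise-action@v3.5.1
        with:
          install: true
          cache: true
          experimental: true
      - name: Run CI
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          mise run install
          mise run ci

  # Builds the multi-arch image, pushes it to ECR under a short-SHA test tag,
  # and on pull requests posts the tag as a sticky comment.
  build:
    name: Build and Push Docker Image
    runs-on: ubuntu-24.04
    # Least privilege for the steps visible in this job: checkout reads the
    # repository, the AWS step requests an OIDC token, and the sticky comment
    # writes to the pull request.
    permissions:
      contents: read
      id-token: write
      pull-requests: write
    steps:
      - name: Checkout Code
        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # ratchet:actions/checkout@v6.0.1
        with:
          fetch-depth: 2
          # No later step in this job runs an authenticated git command, so
          # the checkout token is not kept around for the build.
          persist-credentials: false
      - name: Set environment variables
        # Event data is passed through `env` and read as quoted shell
        # variables instead of being expanded into the script text.
        env:
          EVENT_NAME: ${{ github.event_name }}
          PUSH_SHA: ${{ github.sha }}
          PR_HEAD_SHA: ${{ github.event.pull_request.head.sha }}
        run: |
          # Pull requests are tagged by their head commit rather than the
          # merge commit that github.sha points at.
          if [[ "$EVENT_NAME" != 'pull_request' ]]; then
            commit_sha="$PUSH_SHA"
          else
            commit_sha="$PR_HEAD_SHA"
          fi
          echo "GIT_SHORT_HASH=${commit_sha:0:7}" >> "$GITHUB_ENV"
      - name: Decode cluster key
        env:
          SECRET_ENV: ${{ secrets.CLUSTER_KEY }}
        # NOTE(review): cluster.key is written to the workspace root, which is
        # also the Docker build context (`context: "."`) below. Confirm the
        # Dockerfile/.dockerignore keep it out of image layers; if the build
        # needs the key, a BuildKit secret mount (the build-push-action
        # `secret-files` input) avoids baking it into the image.
        # Secrets are not available to pull requests from forks, so this step
        # is expected to produce an empty file there.
        run: printf '%s\n' "$SECRET_ENV" | base64 -d > cluster.key
      - name: Configure AWS Credentials
        # Assumes the role via GitHub OIDC (no static keys are passed).
        # NOTE(review): the role's trust policy is not visible here; confirm
        # it pins the `sub` claim to this repository and the intended refs.
        uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # ratchet:aws-actions/configure-aws-credentials@v5.1.1
        with:
          role-to-assume: arn:aws:iam::610829907584:role/default-github-actions-ci-role
          role-session-name: ${{ github.repository_owner }}-${{ github.event.repository.name }}
          aws-region: ap-southeast-2
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # ratchet:docker/setup-buildx-action@v3.12.0
      - name: Login to Amazon ECR
        uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076 # ratchet:aws-actions/amazon-ecr-login@v2
      - name: Build and push image
        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # ratchet:docker/build-push-action@v6
        with:
          context: "."
          file: Dockerfile
          cache-from: type=gha
          # Documented form has no space after the comma; the option string is
          # handed to buildx as-is.
          cache-to: type=gha,mode=max
          # NOTE(review): provenance attestations are switched off, so pushed
          # images carry no build provenance. Confirm this is a deliberate
          # registry-compatibility choice.
          provenance: false
          platforms: linux/amd64,linux/arm64
          push: true
          tags: |
            610829907584.dkr.ecr.ap-southeast-2.amazonaws.com/gitops:test-${{ env.GIT_SHORT_HASH }}
      - name: Prepare Docker image comment
        id: docker_comment
        if: github.event_name == 'pull_request'
        env:
          PR_HEAD_SHA: ${{ github.event.pull_request.head.sha }}
        # Writes a multi-line `comment` output using the heredoc-style
        # delimiter syntax of $GITHUB_OUTPUT. GIT_SHORT_HASH comes from the
        # job environment set in "Set environment variables".
        run: |
          {
            echo "comment<<EOF"
            echo "## Docker Images"
            echo ""
            echo "**Commit:** \`${PR_HEAD_SHA}\`"
            echo ""
            echo "| Tag |"
            echo "| --- |"
            echo "| \`610829907584.dkr.ecr.ap-southeast-2.amazonaws.com/gitops:test-${GIT_SHORT_HASH}\` |"
            echo "EOF"
          } >> "$GITHUB_OUTPUT"
      - name: Comment Docker images on PR
        if: github.event_name == 'pull_request'
        uses: marocchino/sticky-pull-request-comment@67d0dec7b07ed060a405f9b2a64b8ab319fdd7db # ratchet:marocchino/sticky-pull-request-comment@v2.9.2
        with:
          header: docker-image-tags
          message: ${{ steps.docker_comment.outputs.comment }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}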