---
# Workflow entry points. Each job below carries its own `if:` that decides
# whether it does any work for the event that fired.
name: Continuous Deployment
on:
  # Branch pushes only. In GitHub's filter syntax '*' does not match '/',
  # so a branch such as 'feature/x' does not start this workflow.
  push:
    branches: ["*"]
  # A pull request targeting main was closed (merged or not). This also fires
  # for pull requests opened from forks, whose head branch name is chosen by
  # the contributor.
  pull_request:
    types: [closed]
    branches: [main]
  # A branch or tag was deleted; the event takes no filters.
  delete:
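jobs:
  # Build the Docker image and push it to Docker Hub. Runs on push events only.
  #
  # NOTE(review), supply chain: every `uses:` below references a mutable tag
  # (@v1, @v3). Whoever controls that tag controls code that runs with the SSH
  # key and Docker Hub credentials loaded in this job. Prefer pinning each
  # action to a full commit SHA, e.g. `owner/action@<FULL_COMMIT_SHA>  # v3`.
  #
  # NOTE(review), token scope: no `permissions:` is declared, so GITHUB_TOKEN
  # gets the repository default. Only the release step appears to need write
  # access; consider declaring the minimum explicitly after confirming what
  # release-please-action@v3 requires.
  build-and-push-image:
    # NOTE(review): self-hosted runners are not ephemeral by default, so files,
    # Docker layers and agent sockets can outlive a job. Every pushed branch
    # reaches this runner with the secrets below; confirm the runner is
    # isolated and cleaned between jobs, especially if the repository is public.
    runs-on: self-hosted
    if: ${{ github.event_name == 'push' }}
    steps:
      - name: Create Release
        id: set-release
        if: ${{ github.ref_name == 'main' }}
        # Only create the automated release PR if pushing to main (won't be created if this is already the automated release PR)
        uses: google-github-actions/release-please-action@v3
        with:
          release-type: python
          package-name: ${{ github.event.repository.name }}

      - name: Checkout code
        id: set-code
        if: ${{ (github.ref_name == 'main' && steps.set-release.outputs.release_created) || github.ref_name != 'main'}}
        # Only perform next steps if now merging the automated release PR to main, or if not pushing to main
        uses: actions/checkout@v3
        with:
          fetch-depth: 1

      - name: Setup SSH Agent
        if: ${{ (github.ref_name == 'main' && steps.set-release.outputs.release_created) || github.ref_name != 'main'}}
        # NOTE: the version after 'webfactory/ssh-agent@' was replaced by
        # '[email protected]' in this page capture (e-mail obfuscation). Restore the
        # real ref from the repository, ideally as a full commit SHA.
        uses: webfactory/[email protected]
        id: set-ssh
        with:
          # The private key is loaded for every branch build, not only releases.
          ssh-private-key: ${{ secrets.SPS_SSH_ID }}

      - name: Setup Docker Buildx
        id: set-docker-buildx
        if: ${{ (github.ref_name == 'main' && steps.set-release.outputs.release_created) || github.ref_name != 'main'}}
        uses: docker/setup-buildx-action@v1
        with:
          install: true

      - name: Perform DockerHub Login
        id: set-dockerhub-login
        if: ${{ (github.ref_name == 'main' && steps.set-release.outputs.release_created) || github.ref_name != 'main'}}
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          # NOTE(review): confirm this secret holds a scoped access token
          # rather than the account password.
          password: ${{ secrets.DOCKERHUB_PASSWORD }}

      # Push two images, one with latest as tag (overwriting), and one with its version as tag (for future reference)
      - name: Build Docker Image and Push to DockerHub
        id: set-build-and-push-latest
        if: ${{ (github.ref_name == 'main' && steps.set-release.outputs.release_created)}}
        uses: docker/build-push-action@v3
        with:
          context: .
          file: Dockerfile
          target: runtime
          tags: |
            chimefrb/${{ github.event.repository.name }}:latest
            chimefrb/${{ github.event.repository.name }}:${{ steps.set-release.outputs.tag_name }}
          # NOTE(review): confirm the ssh-agent step really exposes
          # SSH_AUTH_SOCK as a step output and not only as an environment
          # variable.
          ssh: "github_ssh_id=${{ steps.set-ssh.outputs.SSH_AUTH_SOCK}}"
          push: true

      # Push the image with just its branch as tag
      # NOTE(review): the branch name is used verbatim as the image tag, in the
      # same repository as the release images. A branch named 'latest', or
      # named like a release tag, would overwrite a release image. Consider a
      # distinct prefix or repository for branch builds.
      - name: Build Docker Image and Push to DockerHub
        id: set-build-and-push-branch
        if: ${{ github.ref_name != 'main'}}
        uses: docker/build-push-action@v3
        with:
          context: .
          file: Dockerfile
          target: runtime
          tags: |
            chimefrb/${{ github.event.repository.name }}:${{ github.ref_name }}
          ssh: "github_ssh_id=${{ steps.set-ssh.outputs.SSH_AUTH_SOCK}}"
          push: true

  # Remove the branch's image tag from Docker Hub once the branch is gone.
  delete-image:
    runs-on: ubuntu-latest
    # This job only talks to Docker Hub, so GITHUB_TOKEN gets no permissions.
    permissions: {}
    # If a pull request is merged, or a branch is deleted, delete the associated DockerHub Image Tag
    if: ${{ (github.event_name == 'pull_request' && github.event.pull_request.merged && github.actor != 'github-actions' && github.base_ref == 'main') || github.event.ref_type == 'branch'}}
    steps:
      - name: Delete Docker Image Tag of Branch from DockerHub
        # Values reach the script as environment variables instead of being
        # expanded into its text with ${{ }}. A branch name or a secret that
        # contains quotes or shell metacharacters is then handled as data and
        # cannot change the command that runs.
        env:
          TAG: ${{ github.head_ref || github.event.ref }}
          REPO_NAME: ${{ github.event.repository.name }}
          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
          DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
        run: |
          set -euo pipefail

          # Runs triggered by pull requests from forks receive no repository
          # secrets; treat that as "nothing to do", as the job did before.
          if [ -z "${DOCKERHUB_USERNAME:-}" ] || [ -z "${DOCKERHUB_PASSWORD:-}" ]; then
            echo "::warning::Docker Hub credentials are not available to this run; skipping tag deletion."
            exit 0
          fi

          # Only a name that is a valid Docker tag can have been pushed by the
          # build job. Rejecting anything else also keeps '/', '?' and similar
          # characters out of the API path built below.
          if ! [[ "${TAG:-}" =~ ^[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}$ ]]; then
            echo "::notice::Ref is not a valid Docker tag; nothing to delete."
            exit 0
          fi

          # Build the login body with jq so the credentials are JSON-escaped,
          # and send it on stdin so they stay off the curl command line.
          HUB_TOKEN="$(
            jq -n --arg u "$DOCKERHUB_USERNAME" --arg p "$DOCKERHUB_PASSWORD" \
              '{username: $u, password: $p}' |
              curl -s -H "Content-Type: application/json" -X POST --data @- \
                https://hub.docker.com/v2/users/login/ |
              jq -r '.token // empty'
          )"
          if [ -z "$HUB_TOKEN" ]; then
            echo "::error::Docker Hub login returned no token; not sending the DELETE request."
            exit 1
          fi
          echo "::add-mask::$HUB_TOKEN"

          # NOTE(review): images are pushed under the 'chimefrb' namespace but
          # deleted under DOCKERHUB_USERNAME. Confirm the two are the same,
          # otherwise this request targets a different repository.
          # The original one-line command had a stray '\ ' before the first -H,
          # which passed ' -H' and the Accept header to curl as extra URLs.
          curl -i -X DELETE \
            -H "Accept: application/json" \
            -H "Authorization: JWT $HUB_TOKEN" \
            "https://hub.docker.com/v2/namespaces/${DOCKERHUB_USERNAME}/repositories/${REPO_NAME}/tags/${TAG}/"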