Skip to content
CI

change #21

Sign in to view logs

change

change #21

Workflow file for this run

.github/workflows/main.yml at 9780c38
name: CI
on:
push:
branches: [ main ]
jobs:
buid:
name: GitOps Workflow
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Build an image from Dockerfile
run: |-
pwd
DOCKER_BUILDKIT=1 docker image build . -f app/Dockerfile --tag ${{ secrets.DH_USERNAME }}/gitops-go-app:${{ github.run_number }}
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: '${{ secrets.DH_USERNAME }}/gitops-go-app:${{ github.run_number }}'
format: 'table'
exit-code: '1'
ignore-unfixed: true
severity: 'CRITICAL,HIGH'
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DH_USERNAME }}
password: ${{ secrets.DH_TOKEN }}
- name: Push Image to Docker Hub
run: |-
docker image push ${{ secrets.DH_USERNAME }}/gitops-go-app:${{ github.run_number }}
- name: Update values.yaml & Pull Request to Config Repository
env:
GIT_SSH_COMMAND: ssh -i ./secret -o StrictHostKeyChecking=no -F /dev/null
run: |-
git clone git@github.com:TOnodera/config-for-helm-sample.git
cd config-for-helm-sample/gitops-helm
# update values.yaml in new branch
git config --global user.email "${{ secrets.EMAIL }}"
git config --global user.name "${{ secrets.GH_USERNAME }}"
git branch feature/${{ github.run_number }}
git checkout feature/${{ github.run_number }}
sed -i 's/tag: [0-9]*/tag: ${{ github.run_number }}/g' values.yaml
# git push
git add values.yaml
git commit -m "Update tag ${{ github.run_number }}"
echo "${{ secrets.GH_SECRET_KEY }}" > secret
chmod 600 secret
git push origin feature/${{ github.run_number }}
# create pull request
echo ${{ secrets.PERSONAL_ACCESS_TOKEN }} > token.txt
gh auth login --with-token < token.txt
gh pr create --title 'Update Tag ${{ github.run_number }}' --body "Please Merge!!"