Fix race condition in media version archival and metadata management #337
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This action currently only handles building and pushing the container image to the registry. | |
| # We will expand it in the future to also handle deployments for our Atlos-native infrastructure. | |
| name: Build and deploy | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - deployments/gap | |
| - deployments/prod | |
| paths: | |
| - "platform/**" | |
| - ".github/workflows/build-and-deploy.yml" | |
| release: | |
| types: [published] | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| jobs: | |
| build: | |
| runs-on: "ubuntu-latest" | |
| permissions: | |
| contents: read | |
| packages: write | |
| defaults: | |
| run: | |
| working-directory: ./platform | |
| outputs: | |
| image_digest: ${{ steps.docker-build.outputs.digest }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: Log in to registry | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| - name: Build and push container image to registry | |
| uses: docker/build-push-action@v3 | |
| id: docker-build | |
| with: | |
| push: true | |
| context: ./platform | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| file: ./platform/Dockerfile | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| build-args: APP_REVISION=${{ github.sha }} | |
| deploy-staging: | |
| # Only runs if the build job was successful | |
| needs: build | |
| # Only runs if the branch is main | |
| if: github.ref == 'refs/heads/main' | |
| runs-on: ubuntu-latest | |
| concurrency: | |
| group: deploy:${{ github.ref }} | |
| environment: | |
| name: "Staging (Azure)" # TODO: Figure out the right environment from the branch name | |
| url: "staging.atlos.org" | |
| steps: | |
| - name: Azure Login | |
| uses: azure/login@v1 | |
| with: | |
| creds: ${{ secrets.AZURE_CREDENTIALS }} | |
| - name: Deploy New Revision | |
| run: az containerapp revision copy --name ${{ secrets.AZURE_CONTAINER_APP_NAME }} --resource-group ${{ secrets.AZURE_CONTAINER_APP_RESOURCE_GROUP }} --image "ghcr.io/atlosdotorg/atlos@${{ needs.build.outputs.image_digest }}" | |
| deploy-prod: | |
| # Only runs if the build job was successful | |
| needs: build | |
| # Only runs if the branch is `deployments/prod` | |
| if: github.ref == 'refs/heads/deployments/prod' | |
| runs-on: ubuntu-latest | |
| concurrency: | |
| group: deploy:${{ github.ref }} | |
| environment: | |
| name: "Prod (Azure)" # TODO: Figure out the right environment from the branch name | |
| url: "platform.atlos.org" | |
| steps: | |
| - name: Azure Login | |
| uses: azure/login@v1 | |
| with: | |
| creds: ${{ secrets.AZURE_CREDENTIALS }} | |
| - name: Deploy New Revision | |
| run: az containerapp revision copy --name ${{ secrets.AZURE_CONTAINER_APP_NAME }} --resource-group ${{ secrets.AZURE_CONTAINER_APP_RESOURCE_GROUP }} --image "ghcr.io/atlosdotorg/atlos@${{ needs.build.outputs.image_digest }}" | |