cd / containers #900
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: cd / containers | |
| on: | |
| push: | |
| tags: | |
| - v* | |
| workflow_run: | |
| workflows: | |
| - ci / ui | |
| - ci / core | |
| types: | |
| - completed | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| inputs: | |
| component-name: | |
| type: string | |
| default: core | |
| required: true | |
| jobs: | |
| prepare: | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event_name != 'workflow_run' || github.event.workflow_run.conclusion == 'success' }} | |
| outputs: | |
| components: ${{ steps.components.outputs.components }} | |
| release-name: ${{ steps.release-name.outputs.release-name }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - id: components | |
| run: | | |
| COMPONENT_NAME=$(echo ${{ github.event_name == 'workflow_run' && github.event.workflow_run.name || inputs.component-name }} | awk '{ print $NF }') | |
| case $COMPONENT_NAME in | |
| core) COMPONENTS='[{"name":"core","container-image-name":"infrahq/infra","container-image-context":"."}]' ;; | |
| ui) COMPONENTS='[{"name":"ui","container-image-name":"infrahq/ui","container-image-context":"ui"}]' ;; | |
| *) COMPONENTS='[{"name":"core","container-image-name":"infrahq/infra","container-image-context":"."},{"name":"ui","container-image-name":"infrahq/ui","container-image-context":"ui"}]' ;; | |
| esac | |
| echo "components=$COMPONENTS" >>$GITHUB_OUTPUT | |
| - id: release-name | |
| run: | | |
| RELEASE_NAME=${{ startsWith(github.ref, 'refs/tags/') && github.ref_name || '$(git describe --tags)' }} | |
| echo "release-name=$(echo ${RELEASE_NAME#v} | sed 's/-/+/')" >>$GITHUB_OUTPUT | |
| build: | |
| runs-on: ubuntu-latest | |
| needs: [prepare] | |
| if: ${{ github.event_name != 'workflow_run' || github.event.workflow_run.conclusion == 'success' }} | |
| strategy: | |
| matrix: | |
| component: ${{ fromJson(needs.prepare.outputs.components) }} | |
| env: | |
| IMAGE: ${{ matrix.component.container-image-name }} | |
| CONTEXT: ${{ matrix.component.container-image-context }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
| - id: metadata | |
| uses: docker/metadata-action@v4 | |
| with: | |
| images: ${{ env.IMAGE }} | |
| tags: | | |
| type=semver,pattern={{version}} | |
| type=sha,prefix= | |
| type=edge | |
| - uses: docker/setup-buildx-action@v2 | |
| - uses: docker/setup-qemu-action@v2 | |
| - uses: docker/build-push-action@v4 | |
| with: | |
| context: ${{ env.CONTEXT }} | |
| push: true | |
| platforms: linux/amd64,linux/arm64 | |
| build-args: | | |
| BUILDVERSION=${{ needs.prepare.outputs.release-name }} | |
| TELEMETRY_WRITE_KEY=${{ secrets.TELEMETRY_WRITE_KEY }} | |
| tags: ${{ steps.metadata.outputs.tags }} | |
| labels: ${{ steps.metadata.outputs.labels }} | |
| cache-from: type=registry,ref=${{ env.IMAGE }}:edge | |
| cache-to: type=inline | |
| provenance: false | |
| synchronize: | |
| runs-on: ubuntu-latest | |
| needs: [prepare, build] | |
| if: ${{ !contains(fromJson('["workflow_run","tag"]'), github.event_name) || github.event.workflow_run.conclusion == 'success' }} | |
| strategy: | |
| matrix: | |
| component: ${{ fromJson(needs.prepare.outputs.components) }} | |
| environment: | |
| - name: Development | |
| - name: Production | |
| environment: ${{ matrix.environment.name }} | |
| concurrency: | |
| group: ${{ github.workflow }}-synchronize-${{ matrix.environment.name }}-${{ matrix.component.name }} | |
| cancel-in-progress: true | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: ./.github/actions/setup-infra | |
| with: | |
| infra-server: ${{ secrets.INFRA_SERVER }} | |
| infra-access-key: ${{ secrets.INFRA_ACCESS_KEY }} | |
| infra-destination: ${{ secrets.INFRA_DESTINATION }} | |
| - uses: ./.github/actions/setup-argocd | |
| with: | |
| argocd-tools: | | |
| argocd-image-updater | |
| - run: | | |
| for TRY in $(seq $MAX_TRIES); do | |
| # argocd-image-updater exits 0 so need to consult the logs to determine if there's a failure | |
| argocd-image-updater run --once --match-application-label=ci.infrahq.com/component=${{ matrix.component.name }} 2>&1 \ | |
| | tee /dev/stderr \ | |
| | grep level=error \ | |
| || exit 0 | |
| sleep $(( 3 ** $TRY )) | |
| done | |
| # all attempts to sync image have failed | |
| exit 1 | |
| env: | |
| MAX_TRIES: 5 |