fix(build): Updated github workflow to push production with correct tag #541
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| # Allow manual triggering of the workflow | |
| workflow_dispatch: | |
| # Trigger on push to main or tags matching v* | |
| push: | |
| branches: | |
| - "main" | |
| - "production" | |
| - "staging" | |
| tags: | |
| - release* | |
| pull_request: | |
| branches: | |
| - main | |
| - production | |
| - staging | |
| env: | |
| DOCKER_BUILDKIT: 1 | |
| TARGET_PLATFORMS: linux/amd64,linux/arm64 | |
| DOCKERHUB_REGISTRY: docker.io | |
| GITHUB_REGISTRY: ghcr.io | |
| IMAGE_NAME: kcworks | |
| RELEASE_VERSION: unset | |
| INVENIO_RECORD_IMPORTER_LOCAL_DATA_DIR: ${{vars.INVENIO_RECORD_IMPORTER_LOCAL_DATA_DIR}} | |
| INVENIO_RECORD_IMPORTER_DATA_DIR: ${{vars.INVENIO_RECORD_IMPORTER_DATA_DIR}} | |
| INVENIO_SEARCH_DOMAIN: ${{vars.INVENIO_SEARCH_DOMAIN}} | |
| INVENIO_INSTANCE_PATH: ${{vars.INVENIO_INSTANCE_PATH}} | |
| INVENIO_SECRET_KEY: ${{secrets.INVENIO_SECRET_KEY}} | |
| REDIS_DOMAIN: ${{vars.REDIS_DOMAIN}} | |
| INVENIO_SQLALCHEMY_DATABASE_URI: ${{vars.INVENIO_SQLALCHEMY_DATABASE_URI}} | |
| POSTGRES_USER: ${{vars.POSTGRES_USER}} | |
| POSTGRES_PASSWORD: ${{secrets.POSTGRES_PASSWORD}} | |
| POSTGRES_DB: ${{vars.POSTGRES_DB}} | |
| PGADMIN_DEFAULT_EMAIL: ${{secrets.PGADMIN_DEFAULT_EMAIL}} | |
| PGADMIN_DEFAULT_PASSWORD: ${{secrets.PGADMIN_DEFAULT_PASSWORD}} | |
| jobs: | |
| build_and_release: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| steps: | |
| - name: Get release version | |
| id: get_release_version | |
| if: startsWith(github.ref, 'refs/tags/') | |
| run: | | |
| # Remove 'release-' prefix if present, otherwise use the full ref name | |
| release_version=$(echo ${{ github.ref_name }} | sed 's/^release-//') | |
| echo "Building release version: $release_version" | |
| echo "RELEASE_VERSION=${release_version}" >> $GITHUB_ENV | |
| shell: bash | |
| - name: Label latest | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
| run: | | |
| echo "RELEASE_VERSION=latest" >> $GITHUB_ENV | |
| - name: Label production | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/production' | |
| run: | | |
| echo "RELEASE_VERSION=production" >> $GITHUB_ENV | |
| - name: Label staging | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/staging' | |
| run: | | |
| echo "RELEASE_VERSION=staging" >> $GITHUB_ENV | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v1 | |
| with: | |
| mask-password: true | |
| # Checks-out your repository under $GITHUB_WORKSPACE | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| submodules: recursive | |
| # Set up Python 3.9 environment | |
| - name: Set up Python 3.9 | |
| uses: actions/setup-python@v1 | |
| with: | |
| python-version: "3.9" | |
| # Cache docker images so they don't rebuild every time | |
| # - name: Cache Local Images | |
| # id: local-images | |
| # uses: actions/cache@v3 | |
| # with: | |
| # path: /var/lib/docker/ | |
| # key: local-docker-directory | |
| - name: Build Image | |
| env: | |
| DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| run: | | |
| docker build . --file Dockerfile --platform=linux/amd64 --tag $DOCKERHUB_REGISTRY/$DOCKERHUB_USERNAME/$IMAGE_NAME:$RELEASE_VERSION --tag $GITHUB_REGISTRY/$DOCKERHUB_USERNAME/$IMAGE_NAME:$RELEASE_VERSION --tag $ECR_REGISTRY/kcworks:$RELEASE_VERSION | |
| docker image ls | |
| - name: Push Image to Docker Hub | |
| env: | |
| DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} | |
| run: | | |
| docker push $DOCKERHUB_REGISTRY/$DOCKERHUB_USERNAME/$IMAGE_NAME --all-tags | |
| - name: Push image to Amazon ECR | |
| if: env.RELEASE_VERSION == 'production' || env.RELEASE_VERSION == 'staging' | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| RELEASE_VERSION: ${{ env.RELEASE_VERSION }} | |
| run: | | |
| docker push $ECR_REGISTRY/kcworks:$RELEASE_VERSION | |
| - name: Start containers | |
| if: always() | |
| run: | | |
| touch .env | |
| docker compose --file docker-compose.yml --file docker-compose.dev.yml up -d | |
| # - name: Run unit tests | |
| # run: | | |
| # docker exec -it kcworks-ui bash -c "cd /opt/invenio/src/site && PIPENV_DOTENV_LOCATION=/Users/ianscott/Development/knowledge-commons-works/site/tests/.env pipenv run python -m pytest" | |
| - name: Destroy containers | |
| if: always() | |
| run: | | |
| touch .env | |
| docker compose --file docker-compose.yml --file docker-compose.dev.yml down | |
| - name: Prune Docker | |
| run: docker system prune -af | |