fix: Pushing of image and getting its sha256 swapped! (#93)

pagopa · May 29, 2024 · a19268b · a19268b
1 parent 93487d5
commit a19268b
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 18 deletions.
diff --git a/.github/workflows/build-n-push-main.yml b/.github/workflows/build-n-push-main.yml
@@ -113,6 +113,12 @@ jobs:
           echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
           docker push -a ghcr.io/${{ github.repository }}
 
+      #
+      # Get sha256 of Docker image.
+      #
+      - name: Get sha256 of Docker image
+        run: echo "image_sha256=$(docker image inspect -f '{{index .RepoDigests 0}}' ghcr.io/${{ github.repository }}:$BRANCH_NAME | sha256sum | cut -d' ' -f1)" >> "$GITHUB_ENV"
+
       #
       # Login to Azure.
       #
@@ -131,5 +137,4 @@ jobs:
         with:
           inlineScript: |
             az config set extension.use_dynamic_install=yes_without_prompt
-            az containerapp update -n ${{ secrets.AZURE_CONTAINER_APP_NAME }} -g ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} --subscription ${{ secrets.AZURE_SUBSCRIPTION_ID }} -image ghcr.io/${{ github.repository }}:$BRANCH_NAME
-
+            az containerapp update -n ${{ secrets.AZURE_CONTAINER_APP_NAME }} -g ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} --subscription ${{ secrets.AZURE_SUBSCRIPTION_ID }} -i ${{ env.image_sha256 }}
diff --git a/.github/workflows/post-merge.yml b/.github/workflows/post-merge.yml
@@ -142,14 +142,7 @@ jobs:
       #
       - name: RELEASE CANDIDATE - Build Docker image
         if: steps.semantic.outputs.new_release_published == 'true'
-        run: docker build -f src/main/docker/Dockerfile.native-micro -t ghcr.io/${{ github.repository }}:${{ steps.semantic.outputs.new_release_version }}-RC -t ghcr.io/${{ github.repository }}:${{ github.sha }}-RC .
-
-      #
-      # RELEASE CANDICATE - Get sha256 of Docker image.
-      #
-      - name: RELEASE CANDIDATE - Get sha256 of Docker image
-        if: steps.semantic.outputs.new_release_published == 'true'
-        run: echo "image_sha256_rc=$(docker image inspect -f '{{index .RepoDigests 0}}' ghcr.io/${{ github.repository }}:${{ steps.semantic.outputs.new_release_version }}-RC | sha256sum | cut -d' ' -f1)" >> "$GITHUB_ENV"
+        run: docker build -f src/main/docker/Dockerfile.native-micro -t ghcr.io/${{ github.repository }}:${{ steps.semantic.outputs.new_release_version }}-RC .
 
       #
       # RELEASE CANDIDATE - Push Docker image.
@@ -160,6 +153,13 @@ jobs:
           echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
           docker push -a ghcr.io/${{ github.repository }}
 
+      #
+      # RELEASE CANDICATE - Get sha256 of Docker image.
+      #
+      - name: RELEASE CANDIDATE - Get sha256 of Docker image
+        if: steps.semantic.outputs.new_release_published == 'true'
+        run: echo "image_sha256_rc=$(docker image inspect -f '{{index .RepoDigests 0}}' ghcr.io/${{ github.repository }}:${{ steps.semantic.outputs.new_release_version }}-RC | sha256sum | cut -d' ' -f1)" >> "$GITHUB_ENV"
+
       #
       # Login to Azure.
       #
@@ -258,14 +258,7 @@ jobs:
       #
       - name: STABLE - Build Docker image
         if: steps.semantic.outputs.new_release_published == 'true'
-        run: docker build -f src/main/docker/Dockerfile.native-micro -t ghcr.io/${{ github.repository }}:latest -t ghcr.io/${{ github.repository }}:${{ steps.semantic.outputs.new_release_version }} -t ghcr.io/${{ github.repository }}:${{ github.sha }} .
-
-      #
-      # STABLE - Get sha256 of Docker image.
-      #
-      - name: STABLE - Get sha256 of Docker image
-        if: steps.semantic.outputs.new_release_published == 'true'
-        run: echo "image_sha256=$(docker image inspect -f '{{index .RepoDigests 0}}' ghcr.io/${{ github.repository }}:${{ steps.semantic.outputs.new_release_version }} | sha256sum | cut -d' ' -f1)" >> "$GITHUB_ENV"
+        run: docker build -f src/main/docker/Dockerfile.native-micro -t ghcr.io/${{ github.repository }}:latest -t ghcr.io/${{ github.repository }}:${{ steps.semantic.outputs.new_release_version }} .
 
       #
       # STABLE - Push Docker image.
@@ -276,6 +269,13 @@ jobs:
           echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
           docker push -a ghcr.io/${{ github.repository }}
 
+      #
+      # STABLE - Get sha256 of Docker image.
+      #
+      - name: STABLE - Get sha256 of Docker image
+        if: steps.semantic.outputs.new_release_published == 'true'
+        run: echo "image_sha256=$(docker image inspect -f '{{index .RepoDigests 0}}' ghcr.io/${{ github.repository }}:${{ steps.semantic.outputs.new_release_version }} | sha256sum | cut -d' ' -f1)" >> "$GITHUB_ENV"
+
       #
       # STABLE - Update Container App.
       #