Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Create and publish a container image, update helm chart 'appVersion' | |
| on: | |
| push: | |
| branches: ["main", "develop", "fix/cicd"] | |
| ############################################# | |
| # | |
| # Branch | |
| # - develop > github packages | |
| # - main > amazon ecr repository | |
| # | |
| ############################################# | |
| # # [origin] start | |
| # jobs: | |
| # build: | |
| # name: Build Docker Image | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Checkout Repository | |
| # uses: actions/checkout@v3 | |
| # - name: Set up JDK 21 | |
| # uses: actions/setup-java@v2 | |
| # with: | |
| # distribution: 'adopt' | |
| # java-version: '21' | |
| # - name: Build JAR | |
| # run: ./gradlew build -x test | |
| # - name: Determine ECR Repository | |
| # id: ecr_repo | |
| # run: | | |
| # REPO_NAME=$(echo ${{ github.repository }} | awk -F '/' '{print $2}' | tr '[:upper:]' '[:lower:]') | |
| # echo "repo=${REPO_NAME}" >> $GITHUB_OUTPUT | |
| # if [[ "${{ github.ref }}" == "refs/heads/main" ]]; then | |
| # echo "environment=prod" >> $GITHUB_OUTPUT | |
| # elif [[ "${{ github.ref }}" == "refs/heads/develop" ]]; then | |
| # echo "environment=stag" >> $GITHUB_OUTPUT | |
| # else | |
| # echo "::error::Unsupported branch: ${{ github.event_name }} on ${{ github.ref }}" | |
| # exit 1 | |
| # fi | |
| # - name: Configure AWS credentials | |
| # uses: aws-actions/configure-aws-credentials@v2 | |
| # with: | |
| # aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| # aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| # aws-region: ${{ secrets.AWS_DEFAULT_REGION }} | |
| # - name: Login to Amazon ECR | |
| # id: login-ecr | |
| # uses: aws-actions/amazon-ecr-login@v2 | |
| # - name: Docker Build and Push | |
| # run: | | |
| # docker build -t ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_DEFAULT_REGION }}.amazonaws.com/${{ steps.ecr_repo.outputs.repo }}_${{ steps.ecr_repo.outputs.environment }}:${{ github.sha }} . | |
| # docker push ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_DEFAULT_REGION }}.amazonaws.com/${{ steps.ecr_repo.outputs.repo }}_${{ steps.ecr_repo.outputs.environment }}:${{ github.sha }} | |
| # - name: Checkout Private Repository | |
| # uses: actions/checkout@v4 | |
| # with: | |
| # repository: NTF-marketplace/devops | |
| # fetch-depth: 0 | |
| # ref: develop | |
| # token: ${{ secrets.PAT }} | |
| # - name: Replace image tag in helm values (LOCAL) | |
| # uses: mikefarah/yq@master | |
| # env: | |
| # IMAGE_TAG: ${{ github.sha }} | |
| # with: | |
| # cmd: yq eval -i '.image.tag = env(IMAGE_TAG)' 'chart/${{ steps.ecr_repo.outputs.repo }}_${{ steps.ecr_repo.outputs.environment }}/values.yaml' | |
| # - name: Commit helm chart changes | |
| # env: | |
| # IMAGE_TAG: ${{ github.sha }} | |
| # run: | | |
| # cd chart/${{ steps.ecr_repo.outputs.repo }}_${{ steps.ecr_repo.outputs.environment }} | |
| # git config --global user.email "[email protected]" | |
| # git config --global user.name "dongdorrong" | |
| # git add values.yaml | |
| # git commit --message "ci: update ${{ steps.ecr_repo.outputs.repo }}_${{ steps.ecr_repo.outputs.environment }} image tag to $IMAGE_TAG" | |
| # - name: Push commit | |
| # uses: ad-m/github-push-action@master | |
| # with: | |
| # github_token: ${{ secrets.PAT }} | |
| # repository: NTF-marketplace/devops | |
| # branch: develop | |
| # # [origin] end | |
| env: | |
| REGISTRY_DEV: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| jobs: | |
| develop: | |
| ### Reference | |
| # https://docs.github.com/ko/actions/publishing-packages/publishing-docker-images#github-packages%EC%97%90-%EC%9D%B4%EB%AF%B8%EC%A7%80-%EA%B2%8C%EC%8B%9C | |
| ### | |
| # if: github.ref == 'refs/heads/develop' | |
| if: github.ref == 'refs/heads/fix/cicd' | |
| name: Build and Push Docker Image to GitHub Container Registry | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| attestations: write | |
| id-token: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 | |
| with: | |
| registry: ${{ env.REGISTRY_DEV }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata (tags, labels) for Container image | |
| id: meta | |
| uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 | |
| with: | |
| images: ${{ env.REGISTRY_DEV }}/${{ env.IMAGE_NAME }} | |
| tags: type=sha | |
| - name: Set up JDK 21 | |
| uses: actions/setup-java@v2 | |
| with: | |
| distribution: 'adopt' | |
| java-version: '21' | |
| - name: Build JAR | |
| run: ./gradlew clean build -x test | |
| - name: Build and push Docker image | |
| id: push | |
| uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 | |
| with: | |
| context: . | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| # ### Error | |
| # # [message] Failed to persist attestation | |
| # # Feature not available for the NTF-marketplace organization. | |
| # # To enable this feature, please upgrade the billing plan, or make this repository public. | |
| # # https://docs.github.com/rest/repos/repos#create-an-attestation | |
| # ### | |
| # - name: Generate artifact attestation | |
| # uses: actions/attest-build-provenance@v1 | |
| # with: | |
| # subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}} | |
| # subject-digest: ${{ steps.push.outputs.digest }} | |
| # push-to-registry: true | |
| # - name: Docker Build and Push to GitHub Container Registry | |
| # run: | | |
| # docker build -t ghcr.io/${{ github.repository }}:${{ github.sha }} . | |
| # echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
| # docker push ghcr.io/${{ github.repository }}:${{ github.sha }} | |
| # - name: Checkout Private Repository | |
| # uses: actions/checkout@v4 | |
| # with: | |
| # repository: NTF-marketplace/devops | |
| # fetch-depth: 0 | |
| # ref: develop | |
| # token: ${{ secrets.PAT }} | |
| # - name: Replace image tag in helm values (LOCAL) | |
| # uses: mikefarah/yq@master | |
| # env: | |
| # IMAGE_TAG: ${{ github.sha }} | |
| # with: | |
| # cmd: yq eval -i '.image.tag = env(IMAGE_TAG)' 'chart/my-repo_dev/values.yaml' | |
| # - name: Commit helm chart changes | |
| # env: | |
| # IMAGE_TAG: ${{ github.sha }} | |
| # run: | | |
| # cd chart/my-repo_dev | |
| # git config --global user.email "[email protected]" | |
| # git config --global user.name "dongdorrong" | |
| # git add values.yaml | |
| # git commit --message "ci: update my-repo_dev image tag to $IMAGE_TAG" | |
| # - name: Push commit | |
| # uses: ad-m/github-push-action@master | |
| # with: | |
| # github_token: ${{ secrets.PAT }} | |
| # repository: NTF-marketplace/devops | |
| # branch: develop | |
| # main: | |
| # if: github.ref == 'refs/heads/main' | |
| # name: Build and Push Docker Image to ECR | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Checkout Repository | |
| # uses: actions/checkout@v3 | |
| # - name: Set up JDK 21 | |
| # uses: actions/setup-java@v2 | |
| # with: | |
| # distribution: 'adopt' | |
| # java-version: '21' | |
| # - name: Build JAR | |
| # run: ./gradlew clean build -x test | |
| # - name: Configure AWS credentials | |
| # uses: aws-actions/configure-aws-credentials@v2 | |
| # with: | |
| # aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| # aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| # aws-region: ${{ secrets.AWS_DEFAULT_REGION }} | |
| # - name: Login to Amazon ECR | |
| # uses: aws-actions/amazon-ecr-login@v2 | |
| # - name: Docker Build and Push to ECR | |
| # run: | | |
| # docker build -t ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_DEFAULT_REGION }}.amazonaws.com/my-repo_prod:${{ github.sha }} . | |
| # docker push ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_DEFAULT_REGION }}.amazonaws.com/my-repo_prod:${{ github.sha }} | |
| # - name: Checkout Private Repository | |
| # uses: actions/checkout@v4 | |
| # with: | |
| # repository: NTF-marketplace/devops | |
| # fetch-depth: 0 | |
| # ref: develop | |
| # token: ${{ secrets.PAT }} | |
| # - name: Replace image tag in helm values (LOCAL) | |
| # uses: mikefarah/yq@master | |
| # env: | |
| # IMAGE_TAG: ${{ github.sha }} | |
| # with: | |
| # cmd: yq eval -i '.image.tag = env(IMAGE_TAG)' 'chart/my-repo_prod/values.yaml' | |
| # - name: Commit helm chart changes | |
| # env: | |
| # IMAGE_TAG: ${{ github.sha }} | |
| # run: | | |
| # cd chart/my-repo_prod | |
| # git config --global user.email "[email protected]" | |
| # git config --global user.name "dongdorrong" | |
| # git add values.yaml | |
| # git commit --message "ci: update my-repo_prod image tag to $IMAGE_TAG" | |
| # - name: Push commit | |
| # uses: ad-m/github-push-action@master | |
| # with: | |
| # github_token: ${{ secrets.PAT }} | |
| # repository: NTF-marketplace/devops | |
| # branch: develop |