-
Notifications
You must be signed in to change notification settings - Fork 4
68 lines (62 loc) · 2.82 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
name: CI
on: push
jobs:
build_test_and_push:
name: Build Docker images, run tests and push to Docker registry
runs-on: self-hosted
env:
DOCKER_IMAGE: docker.kausal.tech/watch-ui
DOCKER_BUILDKIT: 1
BUILDKIT_PROGRESS: plain
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Check for deployment branch
if: github.ref == 'refs/heads/deployment/production' || github.ref == 'refs/heads/deployment/staging' || github.ref == 'refs/heads/deployment/testing'|| github.ref == 'refs/heads/deployment/wip'
run: |
echo "DEPLOYMENT_TYPE=$(echo ${{ github.ref }} | cut -d / -f 4)" >> $GITHUB_ENV
- name: Building Docker base container
run: |
docker build \
--build-arg YARN_NPM_REGISTRY_SERVER=${{ secrets.NPM_REGISTRY_SERVER }} \
--build-arg YARN_NPM_AUTH_IDENT=${{ secrets.NPM_AUTH_IDENT }} \
--tag kausal-watch-ui/base \
--target base .
- name: Running Jest unit tests
run: docker run --rm --entrypoint '' kausal-watch-ui/base yarn test
- name: Set Sentry authentication token
if: env.DEPLOYMENT_TYPE
run: |
echo "SENTRY_AUTH_TOKEN=$SENTRY_AUTH_TOKEN" >> $GITHUB_ENV
env:
SENTRY_AUTH_TOKEN: '${{ secrets.SENTRY_AUTH_TOKEN }}'
- name: Building NextJS bundles
run: |
docker build \
--build-arg SENTRY_ORG=${{ secrets.SENTRY_ORG }} \
--build-arg SENTRY_URL=${{ secrets.SENTRY_URL }} \
--build-arg SENTRY_PROJECT=${{ secrets.SENTRY_PROJECT }} \
--build-arg GIT_REV=${{ github.sha }} \
--build-arg GIT_REPO=${{ github.repository }} \
--build-arg SENTRY_AUTH_TOKEN=$SENTRY_AUTH_TOKEN \
--tag ${{ env.DOCKER_IMAGE }} \
.
- name: Log into Docker registry
if: env.DEPLOYMENT_TYPE
uses: docker/login-action@v1
with:
registry: docker.kausal.tech
username: docker
# FIXME: Instead of using the password, we should probably switch to token authentication with limited scope
password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }}
# - name: Push latest tag to Docker registry
# if: github.ref == 'refs/heads/master'
# run: |
# docker push ${{ env.DOCKER_IMAGE }}:latest
- name: Tag and push to registry
if: env.DEPLOYMENT_TYPE
run: |
docker tag ${{ env.DOCKER_IMAGE }} ${{ env.DOCKER_IMAGE }}:${{ env.DEPLOYMENT_TYPE }}-${{ github.run_number }}
docker tag ${{ env.DOCKER_IMAGE }} ${{ env.DOCKER_IMAGE }}:${{ env.DEPLOYMENT_TYPE }}-latest
docker push ${{ env.DOCKER_IMAGE }}:${{ env.DEPLOYMENT_TYPE }}-${{ github.run_number }}
docker push ${{ env.DOCKER_IMAGE }}:${{ env.DEPLOYMENT_TYPE }}-latest