Merge pull request #197 from wunderio/feature/cicd-node-versions #198
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and push docker images | |
on: | |
push: | |
branches: | |
- master | |
paths: | |
- '**/**/TAGS' | |
jobs: | |
changed_files: | |
name: Get changed tag files | |
runs-on: ubuntu-latest | |
env: | |
BUILD_CURRENT: ${{ github.sha }} | |
BUILD_PREVIOUS: ${{ github.event.before }} | |
outputs: | |
matrix: ${{ steps.changes.outputs.matrix}} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Get changed TAGS files | |
id: changes | |
run: | | |
tagfile_list_json=$(git diff-tree --no-commit-id --name-only -r \ | |
$BUILD_CURRENT $BUILD_PREVIOUS \ | |
| grep TAGS$ \ | |
| jq -Rsc '. / "\n" - [""]' ) | |
echo "matrix=${tagfile_list_json}" > $GITHUB_OUTPUT | |
build_and_push_docker_hub: | |
name: Build and push to Docker Hub | |
runs-on: ubuntu-latest | |
# Secrets | |
# DOCKER_HUB_REGISTRY_URL: "wunderio" | |
env: | |
DOCKER_REGISTRY_URL: ${{ secrets.DOCKER_REGISTRY_URL }} | |
DOCKER_USER: ${{secrets.DOCKER_USER}} | |
DOCKER_PASSWORD: ${{secrets.DOCKER_PASSWORD}} | |
needs: changed_files | |
strategy: | |
fail-fast: false | |
matrix: | |
dockerfile: ${{ fromJson(needs.changed_files.outputs.matrix) }} | |
if: ${{needs.changed_files.outputs.matrix}} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: docker login | |
run: | | |
docker login -u $DOCKER_USER -p $DOCKER_PASSWORD | |
- name: Build and push images | |
run: | | |
set -ex | |
tagsFilePath=${{matrix.dockerfile}} | |
# Remove "/TAGS" from the path | |
folder=${tagsFilePath%"/TAGS"}; | |
# Split first two directores and use as image name and tag respectively. | |
# This only works with bash, make sure the shell is correct! | |
read IMAGE_NAME LEFTOVERS <<<$(IFS="/"; echo $folder); | |
# Read TAGS file, tag image with each tag and push to remote | |
IMAGE_ID=$DOCKER_REGISTRY_URL/$IMAGE_NAME | |
cat $tagsFilePath | while read TAG || [[ -n $TAG ]]; | |
do | |
# Add tags | |
docker build $folder --file $folder/Dockerfile --tag $IMAGE_ID:$TAG | |
# Push image | |
docker push $IMAGE_ID:$TAG | |
done; | |
circleci-k8s-test-build: | |
name: Test released images | |
runs-on: ubuntu-latest | |
needs: | |
- build_and_push_docker_hub | |
strategy: | |
matrix: | |
project: [ | |
{org: "wunderio", repo: "drupal-project-k8s", branch: "master"}, | |
{org: "wunderio", repo: "frontend-project-k8s", branch: "master"}, | |
{org: "wunderio", repo: "simple-project-k8s", branch: "master"} | |
] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Validate released images with ${{ matrix.project.repo }} | |
run: | | |
REPO_NAME="${{ matrix.project.repo }}" | |
ORG_NAME="${{ matrix.project.org }}" | |
BRANCH_NAME="${{ matrix.project.branch }}" | |
CIRCLECI_DEV_API_TOKEN_B64=$(echo -n "${{ secrets.CIRCLECI_DEV_API_TOKEN }}:" | base64) | |
if [ -z "${{ secrets.CIRCLECI_DEV_API_TOKEN }}" ]; then | |
echo "Repository secrets is missing CIRCLECI_DEV_API_TOKEN variable." | |
exit 1 | |
fi | |
echo "Running ${ORG_NAME}/${REPO_NAME}/${BRANCH_NAME} build on CircleCI" | |
echo "Project link: https://app.circleci.com/pipelines/github/${ORG_NAME}/${REPO_NAME}?branch=${BRANCH_NAME}" | |
# Trigger a new pipeline | |
PIPELINE_ID=$(curl --request POST \ | |
--url "https://circleci.com/api/v2/project/gh/wunderio/${REPO_NAME}/pipeline" \ | |
--header "content-type: application/json" \ | |
--data "{\"branch\":\"${BRANCH_NAME}\"}" \ | |
--header "authorization: Basic ${CIRCLECI_DEV_API_TOKEN_B64}" --silent | jq -r '.id') | |
echo "Pipeline ID: ${PIPELINE_ID}" | |
sleep 10 | |
# Wait for pipeline to be complete | |
while true; do | |
PIPELINE_STATUS=$(curl --request GET \ | |
--url "https://circleci.com/api/v2/pipeline/${PIPELINE_ID}/workflow" \ | |
--header "authorization: Basic ${CIRCLECI_DEV_API_TOKEN_B64}" --silent | jq -r '.items[0].status') | |
if [ "${PIPELINE_STATUS}" = "success" ]; then | |
echo "Pipeline completed successfully" | |
break | |
elif [ "${PIPELINE_STATUS}" != "created" ] && [ "${PIPELINE_STATUS}" != "running" ]; then | |
echo "Pipeline status: ${PIPELINE_STATUS}, failing the test" | |
exit 1 | |
fi | |
echo "current status: ${PIPELINE_STATUS}" | |
sleep 10 | |
done |