This repository was archived by the owner on Feb 24, 2026. It is now read-only.
Generate API dependencies image #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Generate API dependencies image | |
| on: | |
| workflow_call: | |
| inputs: | |
| ref: | |
| description: 'The branch, tag or SHA to checkout' | |
| required: false | |
| type: string | |
| default: '' | |
| workflow_dispatch: | |
| inputs: | |
| environment: | |
| description: 'Environment to deploy to' | |
| type: choice | |
| required: true | |
| default: 'staging' | |
| options: | |
| - staging | |
| - production | |
| jobs: | |
| check-changes: | |
| name: Check for dependency changes | |
| runs-on: ubuntu-latest | |
| outputs: | |
| changes_detected: ${{ steps.check-changes.outputs.changes_detected }} | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ inputs.ref || github.ref }} | |
| fetch-depth: 0 | |
| - name: Check for changes in dependency files | |
| id: check-changes | |
| run: | | |
| # For manual triggers or workflow calls, check if files have changed | |
| if git rev-parse --verify HEAD^1 >/dev/null 2>&1; then | |
| # If we have a parent commit, compare with it | |
| CHANGED_FILES=$(git diff --name-only HEAD^1 HEAD) | |
| else | |
| # If this is the first commit or we're on a different branch | |
| # List all tracked files | |
| CHANGED_FILES=$(git ls-tree -r --name-only HEAD) | |
| fi | |
| # Define the pattern for dependency-related files | |
| DEPENDENCY_PATTERN="^package\.json$|^yarn\.lock$|^apps\/api\/package\.json$" | |
| DEPENDENCY_PATTERN="$DEPENDENCY_PATTERN|^packages\/(auth|common|config|contracts|core|plugin|utils)\/.*package\.json$" | |
| DEPENDENCY_PATTERN="$DEPENDENCY_PATTERN|^packages\/plugins\/[a-z\-]+[^u][^i]\/.*package\.json$" | |
| DEPENDENCY_PATTERN="$DEPENDENCY_PATTERN|^\.deploy\/dependencies\/api\/|^\.github\/workflows\/api-dependencies\.yml$" | |
| if echo "$CHANGED_FILES" | grep -q -E "$DEPENDENCY_PATTERN"; then | |
| echo "changes_detected=true" >> $GITHUB_OUTPUT | |
| echo "Dependency changes detected" | |
| else | |
| echo "changes_detected=false" >> $GITHUB_OUTPUT | |
| echo "No dependency changes detected" | |
| fi | |
| handle-no-changes: | |
| name: Handle no changes | |
| needs: check-changes | |
| if: needs.check-changes.outputs.changes_detected != 'true' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: No changes required | |
| run: | | |
| echo "No dependency changes detected. No rebuild required." | |
| exit 0 | |
| generate-dependencies: | |
| name: Generate dependencies image | |
| needs: check-changes | |
| if: needs.check-changes.outputs.changes_detected == 'true' | |
| runs-on: ubuntu-latest | |
| # Determine environment based on manual input or ref | |
| environment: ${{ inputs.environment || (startsWith(github.ref, 'refs/tags/v') && 'production' || 'staging') }} | |
| permissions: | |
| contents: read | |
| id-token: write | |
| # Environment variables are defined at the job level | |
| env: | |
| # These values come from the environment configuration in GitHub | |
| AWS_REGION: ${{ vars.AWS_REGION }} | |
| ECR_REGISTRY: ${{ vars.ECR_REGISTRY }} | |
| ECR_REPOSITORY_DEPENDENCIES: ${{ vars.ECR_REPOSITORY_DEPENDENCIES }} | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ inputs.ref || github.ref }} | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_ROLE_ARN }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v1 | |
| - name: Build dependency images | |
| run: | | |
| docker build \ | |
| -t ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY_DEPENDENCIES }}:latest-api-dev \ | |
| -f .deploy/dependencies/api/Dockerfile \ | |
| . | |
| docker build \ | |
| --build-arg ENVIRONMENT=production \ | |
| -t ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY_DEPENDENCIES }}:latest-api-prod -f \ | |
| .deploy/dependencies/api/Dockerfile \ | |
| . | |
| - name: Push images to Amazon ECR | |
| run: | | |
| docker push ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY_DEPENDENCIES }} --all-tags |