Merge pull request #67 from bcgov/ci/add-trigger-to-graphemes-api-dep… #24
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Build and push graphemes-api image | |
| # Limit GITHUB_TOKEN permissions to only read repo contents. | |
| permissions: | |
| contents: read | |
| on: | |
| push: | |
| paths: | |
| - graphemes-api/** | |
| branches: [dev, test, main] | |
| workflow_dispatch: | |
| # Cancel any currently running builds to save GitHub Actions hours. | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| build-and-push: | |
| name: graphemes-api build and push | |
| runs-on: ubuntu-latest | |
| # Don't run on forks | |
| if: github.repository == 'bcgov/standard-graphemes' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| driver-opts: network=host | |
| # PRs to the `dev` branch push to the `dev` environment in OpenShift | |
| # PRs to `test` push to `test` | |
| # PRs to `main` push to `prod` | |
| - name: Determine environment tag | |
| id: env-tag | |
| run: | | |
| echo "Evaluating branch: ${{ github.ref }}"; | |
| if [[ "${{ github.ref }}" == "refs/heads/dev" ]]; then | |
| echo "tag=dev" >> $GITHUB_ENV; | |
| elif [[ "${{ github.ref }}" == "refs/heads/test" ]]; then | |
| echo "tag=test" >> $GITHUB_ENV; | |
| elif [[ "${{ github.ref }}" == "refs/heads/main" ]]; then | |
| echo "tag=prod" >> $GITHUB_ENV; | |
| else | |
| echo "Unknown branch: ${{ github.ref }}. Exiting..."; | |
| exit 1; | |
| fi; | |
| shell: bash | |
| - name: Build image with docker build | |
| run: docker build ./graphemes-api -f ./graphemes-api/Dockerfile -t graphemes-api:latest --build-arg GITHUB_SHA=${{ github.sha }} | |
| - name: Login to OpenShift Silver image registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: image-registry.apps.silver.devops.gov.bc.ca | |
| # This refers to the serviceaccount name alone, not the fully qualified | |
| # value that comes out of `oc whoami` when logged in as the SA. | |
| # Ex: For `system:serviceaccount:<name space>:<service account name>`, | |
| # just use `<service account name>`. | |
| username: ${{ secrets.OPENSHIFT_SILVER_SERVICEACCOUNT_USERNAME }} | |
| password: ${{ secrets.OPENSHIFT_SILVER_SERVICEACCOUNT_TOKEN }} | |
| - name: Tag and push Docker image | |
| run: | | |
| docker tag graphemes-api:latest image-registry.apps.silver.devops.gov.bc.ca/${{ secrets.OPENSHIFT_SILVER_LICENSE_PLATE }}-tools/graphemes-api:${{ env.tag }} | |
| docker push image-registry.apps.silver.devops.gov.bc.ca/${{ secrets.OPENSHIFT_SILVER_LICENSE_PLATE }}-tools/graphemes-api:${{ env.tag }} |