Production Release - Build and Push From Prepared Tag/Branch #26
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Production Release - Build and Push From Prepared Tag/Branch | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| Version: | |
| description: "Version: Repo Integration Version to checkout" | |
| default: "25.10.1" | |
| type: string | |
| required: true | |
| IsLatest: | |
| description: "IsLatest: (default true) If True, merge changes into main branch after successful publish" | |
| default: true | |
| type: boolean | |
| permissions: | |
| contents: write | |
| id-token: write | |
| jobs: | |
| Production_Release_From_Prepared_Version: | |
| runs-on: [ mend-self-hosted, profile=developer-platform-xlarge-od ] | |
| steps: | |
| - name: Checkout Prepared Version | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: "main" | |
| fetch-depth: 0 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: "arn:aws:iam::472613559203:role/github-actions-repo-integration-docker-base-images-role" | |
| aws-region: us-east-1 | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v1 | |
| with: | |
| registries: "054331651301" | |
| region: "us-east-1" | |
| mask-password: true | |
| - name: Log in to Docker Hub (Mend Hub) | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Download All Images from ECR | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| run: | | |
| set -e | |
| ./bin/download-ecr-images.sh "${{ github.event.inputs.Version }}" "$ECR_REGISTRY" | |
| if [ $? -ne 0 ]; then | |
| echo "❌ Download ECR images script failed" | |
| exit 1 | |
| fi | |
| - name: Tag Images for Mend Hub | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| run: | | |
| set -e | |
| ./bin/tag-ecr-images.sh "${{ github.event.inputs.Version }}" "$ECR_REGISTRY" | |
| if [ $? -ne 0 ]; then | |
| echo "❌ Tag ECR images script failed" | |
| exit 1 | |
| fi | |
| - name: Publish All Images to Mend Hub | |
| run: | | |
| set -e | |
| ./bin/publish-to-mend-hub.sh "${{ github.event.inputs.Version }}" | |
| if [ $? -ne 0 ]; then | |
| echo "❌ Publish to Mend Hub script failed" | |
| exit 1 | |
| fi | |
| - name: Merge to Main Branch | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| set -e | |
| ./bin/merge-to-main.sh "${{ github.event.inputs.Version }}" "${{ github.event.inputs.IsLatest }}" | |
| if [ $? -ne 0 ]; then | |
| echo "❌ Merge to main script failed" | |
| exit 1 | |
| fi | |
| - name: Notify Slack - Images Ready | |
| if: always() | |
| env: | |
| ECR_REGISTRY: "mend" | |
| SLACK_WEBHOOK_URL: ${{ secrets.PRD_SLACK_WEBHOOK_URL }} | |
| run: | | |
| echo "📤 Sending Slack notification..." | |
| ./bin/notify-slack.sh "${{ github.event.inputs.Version }}" "${{ job.status }}" "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" | |