Skip to content

Commit 23afcc4

Browse files
authored
Merge pull request #24 from nixopus/feat/staging-image-pipeline
ci: add staging image pipeline
2 parents 0cd0f1a + 6e7fcfa commit 23afcc4

4 files changed

Lines changed: 143 additions & 3 deletions

File tree

.github/workflows/build-and-push.yml

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7,8 +7,10 @@ name: Build and Push Container
77

88
on:
99
push:
10-
branches:
11-
- main
10+
tags:
11+
- 'v*'
12+
release:
13+
types: [published]
1214
workflow_dispatch:
1315

1416
concurrency:
@@ -145,7 +147,9 @@ jobs:
145147
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
146148
tags: |
147149
type=raw,value=latest
148-
type=sha,prefix={{branch}}-
150+
type=semver,pattern={{version}}
151+
type=semver,pattern={{major}}.{{minor}}
152+
type=semver,pattern={{major}}
149153
150154
- name: Create manifest list and push
151155
if: steps.check.outputs.has_digests == 'true'
Lines changed: 73 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,73 @@
1+
# Workflow: Build and Push Staging Docker Container
2+
# Description: Builds and pushes amd64-only staging image for Auth on every main merge.
3+
# Why: Provides a :staging floating tag and immutable :sha-* tags for pre-release validation,
4+
# completely separate from the :latest production tags pushed by build-and-push.yml.
5+
6+
name: Staging Package Manager
7+
8+
on:
9+
push:
10+
branches:
11+
- main
12+
workflow_dispatch:
13+
14+
concurrency:
15+
group: ${{ github.workflow }}-${{ github.ref }}
16+
cancel-in-progress: true
17+
18+
env:
19+
REGISTRY: ghcr.io
20+
IMAGE_NAME: ${{ github.repository }}
21+
22+
jobs:
23+
build-auth:
24+
# Skip commits pushed by the release bot (chore(release): vX.Y.Z commits from release.yml)
25+
if: github.actor != 'github-actions[bot]'
26+
runs-on: ubuntu-latest
27+
permissions:
28+
contents: read
29+
packages: write
30+
31+
steps:
32+
- name: Checkout repository
33+
uses: actions/checkout@v6
34+
with:
35+
fetch-depth: 0
36+
37+
- name: Create .env file
38+
run: cp .env.sample .env
39+
40+
- name: Set up Docker Buildx
41+
uses: docker/setup-buildx-action@v3
42+
with:
43+
driver-opts: |
44+
image=moby/buildkit:latest
45+
network=host
46+
47+
- name: Log in to the Container registry
48+
uses: docker/login-action@v3
49+
with:
50+
registry: ${{ env.REGISTRY }}
51+
username: ${{ github.actor }}
52+
password: ${{ secrets.GITHUB_TOKEN }}
53+
54+
- name: Extract metadata for Auth
55+
id: meta-auth
56+
uses: docker/metadata-action@v5
57+
with:
58+
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
59+
tags: |
60+
type=raw,value=staging
61+
type=sha,prefix=sha-,format=short
62+
63+
- name: Build and push Auth image
64+
uses: docker/build-push-action@v6
65+
with:
66+
context: .
67+
platforms: linux/amd64
68+
push: true
69+
tags: ${{ steps.meta-auth.outputs.tags }}
70+
labels: ${{ steps.meta-auth.outputs.labels }}
71+
cache-from: type=gha,scope=staging-auth
72+
cache-to: type=gha,mode=max,scope=staging-auth
73+
provenance: false

.github/workflows/release.yml

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
# Workflow: Release
2+
# Description: Generates a release tag and GitHub release
3+
# Why: Provides versioned releases for production deployments
4+
5+
name: Create Release
6+
7+
on:
8+
workflow_dispatch:
9+
10+
jobs:
11+
create-release:
12+
runs-on: ubuntu-latest
13+
permissions:
14+
contents: write
15+
pull-requests: write
16+
outputs:
17+
released: ${{ steps.changelog.outputs.skipped == 'false' }}
18+
tag: ${{ steps.changelog.outputs.tag }}
19+
steps:
20+
- name: Checkout Repository
21+
uses: actions/checkout@v6
22+
with:
23+
fetch-depth: 0
24+
25+
- name: Conventional Changelog Action
26+
id: changelog
27+
uses: TriPSs/conventional-changelog-action@v5
28+
with:
29+
github-token: ${{ secrets.GITHUB_TOKEN }}
30+
git-user-name: 'github-actions[bot]'
31+
git-user-email: 'github-actions[bot]@users.noreply.github.com'
32+
git-message: 'chore(release): {version}'
33+
preset: 'angular'
34+
tag-prefix: 'v'
35+
version-file: 'package.json'
36+
skip-on-empty: 'false'
37+
skip-ci: 'true'
38+
create-summary: 'true'
39+
git-push: 'false'
40+
release-count: 0
41+
42+
- name: Commit release artifacts
43+
if: ${{ steps.changelog.outputs.skipped == 'false' }}
44+
run: |
45+
git config user.name 'github-actions[bot]'
46+
git config user.email 'github-actions[bot]@users.noreply.github.com'
47+
git add package.json
48+
git tag -d "${{ steps.changelog.outputs.tag }}" 2>/dev/null || true
49+
git commit -m "chore(release): ${{ steps.changelog.outputs.tag }}"
50+
git tag "${{ steps.changelog.outputs.tag }}"
51+
git push origin HEAD:main --tags
52+
53+
- name: Create GitHub Release
54+
if: ${{ steps.changelog.outputs.skipped == 'false' }}
55+
uses: softprops/action-gh-release@v2
56+
with:
57+
tag_name: ${{ steps.changelog.outputs.tag }}
58+
name: ${{ steps.changelog.outputs.tag }}
59+
body: ${{ steps.changelog.outputs.clean_changelog }}
60+
prerelease: false

commitlint.config.cjs

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
module.exports = {
2+
extends: ['@commitlint/config-conventional'],
3+
};

0 commit comments

Comments
 (0)