v0.0.12 #11
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Prod | |
| on: | |
| release: | |
| types: [published] | |
| permissions: | |
| contents: read | |
| packages: write | |
| jobs: | |
| validate-tag: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Validate semver tag | |
| run: | | |
| TAG="${{ github.event.release.tag_name }}" | |
| if [[ ! "$TAG" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then | |
| echo "::error::Tag '$TAG' is not valid semver (expected vX.Y.Z)" | |
| exit 1 | |
| fi | |
| docker-backend: | |
| runs-on: ubuntu-latest | |
| needs: [validate-tag] | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: docker/setup-buildx-action@v3 | |
| - uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: backend/Dockerfile | |
| push: true | |
| platforms: linux/amd64 | |
| tags: | | |
| ghcr.io/${{ github.repository }}/backend:${{ github.event.release.tag_name }} | |
| ghcr.io/${{ github.repository }}/backend:${{ github.sha }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| docker-frontend: | |
| runs-on: ubuntu-latest | |
| needs: [validate-tag] | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: docker/setup-buildx-action@v3 | |
| - uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: frontend/Dockerfile | |
| push: true | |
| platforms: linux/amd64 | |
| tags: | | |
| ghcr.io/${{ github.repository }}/frontend:${{ github.event.release.tag_name }} | |
| ghcr.io/${{ github.repository }}/frontend:${{ github.sha }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: [docker-backend, docker-frontend] | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| repository: breithorn-poc/rob-poc | |
| token: ${{ secrets.ARGO_PAT }} | |
| path: argocd | |
| - name: Update prod image tags | |
| run: | | |
| TAG="${{ github.event.release.tag_name }}" | |
| sed -i "s|image: ghcr.io/swiss-ai/serving-api/backend:.*|image: ghcr.io/swiss-ai/serving-api/backend:$TAG|" argocd/serving-api/prod/backend-deployment.yaml | |
| sed -i "s|image: ghcr.io/swiss-ai/serving-api/frontend:.*|image: ghcr.io/swiss-ai/serving-api/frontend:$TAG|" argocd/serving-api/prod/frontend-deployment.yaml | |
| - name: Commit and push | |
| run: | | |
| cd argocd | |
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| git add serving-api/prod/ | |
| git diff --staged --quiet && echo "No changes to deploy" || (git commit -m "release serving-api ${{ github.event.release.tag_name }}" && git push) | |
| notify: | |
| name: Slack Notification | |
| runs-on: ubuntu-latest | |
| needs: [validate-tag, docker-backend, docker-frontend, deploy] | |
| if: always() | |
| steps: | |
| - name: Notify Slack | |
| uses: slackapi/slack-github-action@v2 | |
| with: | |
| webhook-type: incoming-webhook | |
| webhook: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| payload: | | |
| { | |
| "text": "${{ github.repository }} Release — ${{ contains(needs.*.result, 'failure') && 'FAILED' || 'published' }}\nTag: ${{ github.event.release.tag_name }}\n<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|View run>" | |
| } |