Add SDLC workflows

Emil Matyjaszewski · Emil Matyjaszewski · commit b56fb98fee6f · 2025-04-07T14:35:02.000+02:00
diff --git a/.github/workflows/sdlc-develop-push.yml b/.github/workflows/sdlc-develop-push.yml
@@ -0,0 +1,47 @@
+name: SDLC - Develop push
+
+on:
+  push:
+    branches:
+      - develop
+
+jobs:
+  build-push-develop:
+    name: "Build & push image"
+    runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/develop'
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Build and push develop image
+        run: |
+          IMAGE_TAG="develop"
+          docker buildx create --use
+          docker buildx build \
+            --cache-from ${{ vars.DOCKERHUB_ORGANIZATION }}/${{ var.DOCKERHUB_REPOSITORY }}:cache-$IMAGE_TAG-dist \
+            --cache-to ${{ vars.DOCKERHUB_ORGANIZATION }}/${{ var.DOCKERHUB_REPOSITORY }}:cache-$IMAGE_TAG-dist \
+            -t ${{ vars.DOCKERHUB_ORGANIZATION }}/${{ var.DOCKERHUB_REPOSITORY }}:$IMAGE_TAG-dist \
+            -f ./Dockerfile \
+            --push \
+            ./
+
+  deploy:
+    name: "Trigger deployment"
+    needs: [build-push-develop]
+    uses: ./.github/workflows/trigger-azure-pipeline.yml
+    with:
+      azure-organization: ${{ vars.AZURE_ORGANIZATION }}
+      azure-project: ${{ vars.AZURE_PROJECT }}
+      azure-pipeline-id: 1634
+    secrets:
+      azure-pat: ${{ secrets.AZURE_PAT }}
diff --git a/.github/workflows/sdlc-stable.yml b/.github/workflows/sdlc-stable.yml
@@ -0,0 +1,54 @@
+name: SDLC - Stable create
+
+on:
+  create:
+    branches:
+      - 'stable/*'
+
+jobs:
+  stable-create:
+    name: "Prepare application version"
+    runs-on: ubuntu-latest
+    if: github.event_name == 'create' && startsWith(github.ref, 'refs/heads/stable/')
+    outputs:
+      version: ${{ steps.version.outputs.version }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - id: version
+        name: Extract stable version from branch name
+        run: |
+          BRANCH_NAME=${GITHUB_REF#refs/heads/stable/}
+          VERSION=$(echo $BRANCH_NAME | cut -d '.' -f1,2)
+          echo "VERSION=$VERSION" >> $GITHUB_ENV
+          echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+      - name: Remove "-RC" suffix in pyproject.toml
+        run: |
+          git checkout $GITHUB_REF_NAME
+          sed -i 's/-RC//' pyproject.toml
+          git config user.name "github-actions"
+          git config user.email "github-actions@github.com"
+          git commit -am "Remove -RC suffix for stable release ${{ env.VERSION }}"
+          git push origin $GITHUB_REF_NAME
+
+  build-push-stable:
+    name: "Build & push image"
+    runs-on: ubuntu-latest
+    needs: [stable-create]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Retag and push stable image
+        run: |
+          docker pull ${{ vars.DOCKERHUB_ORGANIZATION }}/${{ var.DOCKERHUB_REPOSITORY }}:${{ needs.stable-create.outputs.version }}-RC
+          docker tag ${{ vars.DOCKERHUB_ORGANIZATION }}/${{ var.DOCKERHUB_REPOSITORY }}:${{ needs.stable-create.outputs.version }}-RC ${{ vars.DOCKERHUB_ORGANIZATION }}/${{ var.DOCKERHUB_REPOSITORY }}:${{ env.VERSION }}
+          docker push ${{ vars.DOCKERHUB_ORGANIZATION }}/${{ var.DOCKERHUB_REPOSITORY }}:${{ needs.stable-create.outputs.version }}
diff --git a/.github/workflows/sdlc-uat-create.yml b/.github/workflows/sdlc-uat-create.yml
@@ -0,0 +1,73 @@
+name: SDLC - UAT create
+
+on:
+  create:
+    branches:
+      - 'uat/*'
+
+jobs:
+  version-bump-on-uat-create:
+    name: "Bump application version"
+    runs-on: ubuntu-latest
+    if: github.event_name == 'create' && startsWith(github.ref, 'refs/heads/uat/')
+    outputs:
+      version: ${{ steps.version.outputs.version }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Extract version from branch name
+        run: |
+          BRANCH_NAME=${GITHUB_REF#refs/heads/uat/}
+          VERSION=$(echo $BRANCH_NAME | cut -d '.' -f1,2)
+          echo "VERSION=$VERSION" >> $GITHUB_ENV
+
+      - name: Bump minor version in develop
+        run: |
+          git remote update
+          git fetch
+          git checkout develop
+          OLD_VERSION=$(grep '^version =' pyproject.toml | awk '{print $3}')
+          MAJOR=$(echo $OLD_VERSION | cut -d. -f1)
+          MINOR=$(echo $OLD_VERSION | cut -d. -f2)
+          PATCH=$(echo $OLD_VERSION | cut -d. -f3)
+          NEW_MINOR=$((MINOR + 1))
+          NEW_VERSION="$MAJOR.$NEW_MINOR.$PATCH"
+          sed -i "s/^version = .*/version = $NEW_VERSION/" pyproject.toml
+          git config user.name "github-actions"
+          git config user.email "github-actions@github.com"
+          git commit -am "Bump version to $NEW_VERSION"
+          git push origin develop
+
+      - id: version
+        name: Add RC suffix in pyproject.toml
+        run: |
+          git checkout $GITHUB_REF_NAME
+          OLD_VERSION=$(grep '^version =' pyproject.toml | awk '{print $3}')
+          NEW_VERSION="$OLD_VERSION-RC"
+          echo "NEW_VERSION=$NEW_VERSION" >> $GITHUB_ENV
+          echo "version=$NEW_VERSION" >> $GITHUB_OUTPUT
+          sed -i "s/^version = .*/version = $NEW_VERSION/" pyproject.toml
+          git config user.name "github-actions"
+          git config user.email "github-actions@github.com"
+          git commit -am "Bump version to $NEW_VERSION"
+          git push origin $GITHUB_REF_NAME
+
+  build-push-uat:
+    name: "Build & push image"
+    runs-on: ubuntu-latest
+    needs: [version-bump-on-uat-create]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Build and push RC image
+        run: |
+          docker build -t ${{ vars.DOCKERHUB_ORGANIZATION }}/${{ var.DOCKERHUB_REPOSITORY }}:${{ needs.version-bump-on-uat-create.outputs.version }} .
+          docker push ${{ vars.DOCKERHUB_ORGANIZATION }}/${{ var.DOCKERHUB_REPOSITORY }}:${{ needs.version-bump-on-uat-create.outputs.version }}
diff --git a/.github/workflows/sdlc-uat-push.yml b/.github/workflows/sdlc-uat-push.yml
@@ -0,0 +1,66 @@
+name: SDLC - UAT push
+
+on:
+  push:
+    branches:
+      - 'uat/*'
+
+jobs:
+  version-bump-on-uat-push:
+    name: "Bump application version"
+    runs-on: ubuntu-latest
+    if: github.event_name == 'push' && startsWith(github.ref, 'refs/heads/uat/') &&
+      github.event.created == false
+    outputs:
+      version: ${{ steps.version.outputs.version }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - id: version
+        name: Bump patch version in pyproject.toml
+        run: |
+          OLD_VERSION=$(grep '^version =' pyproject.toml | awk '{print $3}')
+          MAJOR=$(echo $OLD_VERSION | cut -d. -f1)
+          MINOR=$(echo $OLD_VERSION | cut -d. -f2)
+          PATCH=$(echo $OLD_VERSION | cut -d. -f3)
+          NEW_PATCH=$((PATCH + 1))
+          NEW_VERSION="$MAJOR.$MINOR.$NEW_PATCH-RC"
+          echo "NEW_VERSION=$NEW_VERSION" >> $GITHUB_ENV
+          echo "version=$NEW_VERSION" >> $GITHUB_OUTPUT
+          sed -i "s/^version = .*/version = $NEW_VERSION/" pyproject.toml
+          git config user.name "github-actions"
+          git config user.email "github-actions@github.com"
+          git commit -am "Bump version to $NEW_VERSION"
+          git push origin $GITHUB_REF_NAME
+
+  build-push-uat:
+    name: "Build & push image"
+    runs-on: ubuntu-latest
+    needs: [version-bump-on-uat-push]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Build and push RC image
+        run: |
+          docker build -t ${{ vars.DOCKERHUB_ORGANIZATION }}/${{ var.DOCKERHUB_REPOSITORY }}:${{ needs.version-bump-on-uat-push.outputs.version }} .
+          docker push ${{ vars.DOCKERHUB_ORGANIZATION }}/${{ var.DOCKERHUB_REPOSITORY }}:${{ needs.version-bump-on-uat-push.outputs.version }}
+
+
+  deploy:
+    name: "Trigger deployment"
+    needs: [build-push-uat]
+    uses: ./.github/workflows/trigger-azure-pipeline.yml
+    with:
+      azure-organization: ${{ vars.AZURE_ORGANIZATION }}
+      azure-project: ${{ vars.AZURE_PROJECT }}
+      azure-pipeline-id: 1634
+    secrets:
+      azure-pat: ${{ secrets.AZURE_PAT }}
diff --git a/.github/workflows/trigger-azure-pipeline.yml b/.github/workflows/trigger-azure-pipeline.yml
@@ -0,0 +1,50 @@
+name: Trigger pipeline in Azure Pipelines
+
+on:
+  workflow_call:
+    inputs:
+      azure-organization:
+        required: true
+        type: string
+      azure-project:
+        required: true
+        type: string
+      azure-pipeline-id:
+        required: true
+        type: number
+    secrets:
+      azure-pat:
+        required: true
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Trigger deploy
+        run: |
+          pipelineId=${{ inputs.azure-pipeline-id }} 
+
+          IFS=',' read -ra pipelines <<< "$pipelineId"
+          for pipeline in "${pipelines[@]}"; do
+            jsonBody='{"variables": {"sha": {"isSecret": false, "value": "${{ github.sha }}"}, "tag": {"isSecret": false, "value": "${{ github.sha }}"}}}'
+            contentLength=$(echo -n $jsonBody | wc -c)
+            organization=${{ inputs.azure-organization }}
+            project=${{ inputs.azure-project }}
+
+            echo Triggering deploy for pipeline $pipeline
+            echo JSON body: $jsonBody
+
+            curl -f -v -L \
+              -u ":${{ secrets.azure-pat }}" \
+              -H "Content-Type: application/json" \
+              -H "Content-Length: $contentLength" \
+              -d "$jsonBody" \
+              https://dev.azure.com/$organization/$project/_apis/pipelines/$pipeline/runs?api-version=7.1-preview.1
+            if [ $? -ne 0 ]; then
+              echo "Failed to trigger deploy for pipeline $pipeline"
+              exit 1
+            fi
+          done
