84 lines
3.7 KiB
YAML
84 lines
3.7 KiB
YAML
name: CD Pipeline
|
|
on: # rebuild any PRs and main branch changes
|
|
push:
|
|
branches:
|
|
- main
|
|
paths:
|
|
- 'containers/**'
|
|
env:
|
|
CSP_API_URL: https://console.cloud.vmware.com
|
|
CSP_API_TOKEN: ${{ secrets.CSP_API_TOKEN }}
|
|
VIB_PUBLIC_URL: https://cp.bromelia.vmware.com
|
|
jobs:
|
|
get-containers:
|
|
runs-on: ubuntu-latest
|
|
name: Get modified containers path
|
|
outputs:
|
|
result: ${{ steps.get-containers.outputs.result }}
|
|
containers: ${{ steps.get-containers.outputs.containers }}
|
|
steps:
|
|
- id: get-containers
|
|
name: Get modified containers path
|
|
env:
|
|
GITHUB_COMMITS: ${{ toJson(github.event.commits) }}
|
|
run: |
|
|
if [[ "${{ github.event.forced }}" == "false" ]]; then
|
|
# Get all commits associated to the push
|
|
commits=($(echo "${GITHUB_COMMITS}" | jq -r '.[] | .id'))
|
|
containers=()
|
|
for commit in "${commits[@]}"; do
|
|
# Using the Github API to detect the files changed as git merge-base stops working when the branch is behind
|
|
URL="https://api.github.com/repos/${{ github.repository }}/commits/${commit}"
|
|
files_changed_data=$(curl -s --header 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' -X GET -G "$URL")
|
|
files_changed="$(echo $files_changed_data | jq -r '.files[] | .filename')"
|
|
# Adding || true to avoid "Process exited with code 1" errors
|
|
containers+=($(echo "$files_changed" | xargs dirname | grep -o "containers/[^/]*/[^/]*/[^/]*" | sort | uniq || true))
|
|
done
|
|
|
|
if [[ "${#containers[@]}" -le "0" ]]; then
|
|
echo "No changes detected in containers. The rest of the steps will be skipped."
|
|
echo "::set-output name=result::skip"
|
|
else
|
|
containers_json=$(printf "%s\n" "${containers[@]}" | jq -R . | jq -cs .)
|
|
echo "::set-output name=result::ok"
|
|
echo "::set-output name=containers::${containers_json}"
|
|
fi
|
|
else
|
|
echo "Forced push detected. CD pipeline will be skipped"
|
|
echo "::set-output name=result::skip"
|
|
fi
|
|
vib-publish:
|
|
runs-on: ubuntu-latest
|
|
needs: get-containers
|
|
if: ${{ needs.get-containers.outputs.result == 'ok' }}
|
|
name: publish
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
container: ${{ fromJSON(needs.get-containers.outputs.containers) }}
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
name: Checkout Repository
|
|
# Required to search the latest commit with the tag
|
|
with:
|
|
fetch-depth: 0
|
|
- id: get-container-metadata
|
|
name: Get image tag and container name
|
|
run: |
|
|
tag="$(git log --pretty=tformat:"%s" -n 1 --grep=" release$" --author bitnami-bot@vmware.com --author containers@bitnami.com --author containers-bot@bitnami.com -- ${{ matrix.container }} | awk '{print $1}')"
|
|
name="$(echo "${{ matrix.container }}" | awk -F '/' '{print $2}')"
|
|
echo "::set-output name=tag::${tag}"
|
|
echo "::set-output name=name::${name}"
|
|
- uses: vmware-labs/vmware-image-builder-action@main
|
|
name: "Publish ${{ steps.get-container-metadata.outputs.name }}: ${{ steps.get-container-metadata.outputs.tag }}"
|
|
with:
|
|
pipeline: vib-publish.json
|
|
env:
|
|
# Path with docker resources
|
|
VIB_ENV_PATH: ${{ matrix.container }}
|
|
# Container name
|
|
VIB_ENV_CONTAINER: ${{ steps.get-container-metadata.outputs.name }}
|
|
VIB_ENV_TAG: ${{ steps.get-container-metadata.outputs.tag }}
|
|
VIB_ENV_REGISTRY_URL: ${{ secrets.OCI_REGISTRY_URL }}
|
|
VIB_ENV_REGISTRY_USERNAME: ${{ secrets.OCI_REGISTRY_USERNAME }}
|
|
VIB_ENV_REGISTRY_PASSWORD: ${{ secrets.OCI_REGISTRY_PASSWORD }} |