superlint/.github/workflows/deploy-release.yml

156 lines
6.1 KiB
YAML

---
name: Deploy super-linter release container images
on:
release:
types: [published]
workflow_dispatch:
inputs:
release_version:
description: 'version to release. Ex: v4.3.2'
required: true
default: 'v'
jobs:
build:
name: Deploy container image - Release
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
images:
- container-image-id-prefix: slim-
deployment-environment-identifier: Release-SLIM
- container-image-id-prefix: ""
deployment-environment-identifier: Release
timeout-minutes: 60
steps:
- name: Setup Docker BuildX
uses: docker/setup-buildx-action@v2.0.0
- name: Login to DockerHub
uses: docker/login-action@v2.0.0
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v2.0.0
with:
registry: ghcr.io
username: ${{ secrets.GCR_USERNAME }}
password: ${{ secrets.GCR_TOKEN }}
- name: Get current release identifier
# shellcheck disable=SC2062
run: |
RELESE_VERSION="${{ github.event.release.name }}"
if [ -z "${RELEASE_VERSION}" ]; then
echo "No release version found in environment, using input..."
RELEASE_VERSION="${{ github.event.inputs.release_version }}"
fi
# Check the RELEASE_VERSION again
if [ -z "${RELEASE_VERSION}" ]; then
echo "Error RELEASE_VERSION is empty. Exiting..."
exit 1
fi
if ! echo "${RELEASE_VERSION}" | grep -E -o "v[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+"; then
echo "Error: RELEASE_VERSION doesn't look like a semantic version: ${RELEASE_VERSION}"
exit 2
fi
{
echo "RELEASE_VERSION=${RELESE_VERSION}"
echo "SEMVER_VERSION=${RELEASE_VERSION#v}"
echo "SEMVER_MAJOR_VERSION=${SEMVER_VERSION%%.*}"
echo "SEMVER_MAJOR_VERSION_WITH_PREFIX=v${SEMVER_MAJOR_VERSION}"
} >> "${GITHUB_ENV}"
- name: Start deployment for the ${{ matrix.images.deployment-environment-identifier }} environment
uses: bobheadxi/deployments@v1.3.0
id: deployment
with:
step: start
token: ${{ secrets.GITHUB_TOKEN }}
env: ${{ matrix.images.deployment-environment-identifier }}
# We don't rebuild the image to avoid that the latest tag and the release tags don't point to what the release tag is pointing to.
# Instead, we pull the latest image and tag it.
- name: Add release tags and push image
uses: akhilerm/tag-push-action@v2.0.0
with:
src: ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}latest
dst: |
github/super-linter:${{ matrix.images.container-image-id-prefix }}v4
github/super-linter:${{ matrix.images.container-image-id-prefix }}${{ env.RELEASE_VERSION }}
ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}v4
ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}${{ env.RELEASE_VERSION }}
- name: Checkout code
uses: actions/checkout@v3
with:
# Full git history is needed to get a proper list of commits and tags
fetch-depth: 0
# We use ^{} to recursively deference the tag to get the commit the tag is pointing at.
# Then, we use that reference to create new tags, so that the new tags point to the commit
# the original tag was pointing to, and not to the original tag.
# This notation is documented at https://git-scm.com/docs/gitrevisions#Documentation/gitrevisions.txt-emltrevgtemegemv0998em
- name: Update the major version and latest tags
run: |
git tag --force "${SEMVER_MAJOR_VERSION_WITH_PREFIX}" "${RELEASE_VERSION}^{}"
git tag --force latest "${RELEASE_VERSION}^{}"
git push --force origin "refs/tags/${SEMVER_MAJOR_VERSION_WITH_PREFIX}" "refs/tags/latest"
- name: Update the deployment status for the ${{ matrix.images.deployment-environment-identifier }} environment
uses: bobheadxi/deployments@v1.3.0
if: always()
with:
step: finish
token: ${{ secrets.GITHUB_TOKEN }}
status: ${{ job.status }}
deployment_id: ${{ steps.deployment.outputs.deployment_id }}
env: ${{ steps.deployment.outputs.env }}
env_url: https://github.com/github/super-linter/releases/tag/${{ env.RELEASE_VERSION }}
- name: Create a GitHub issue on failure
if: failure()
uses: actions/github-script@v6
id: create-issue
with:
# https://octokit.github.io/rest.js/v18#issues-create
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
const create = await github.rest.issues.create({
owner: context.repo.owner,
repo: context.repo.repo,
title: "Failed to deploy release to production",
body: "Automation has failed us! Failed to push release ${{ env.RELEASE_VERSION }}\nMore information can be found at:\n - ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
})
console.log('create', create)
return create.data.number
- name: Assign admins to the issue created on failure
uses: actions/github-script@v6
if: failure()
with:
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
github.rest.issues.addAssignees({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: "${{ steps.create-issue.outputs.result }}",
assignees: [
'admiralawkbar',
'lindluni',
'IAmHughes',
'nemchik',
'Hanse00',
'GaboFDC',
'ferrarimarco'
]
})