Build And Upload Job #3198
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build And Upload Job | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| commit_sha: | |
| description: "Specific commit SHA to checkout" | |
| required: true | |
| type: string | |
| tracking_id: | |
| description: "Unique tracking ID used for identifying the workflow run" | |
| required: false | |
| type: string | |
| environment: | |
| description: "Target environment for deployment, e.g. staging" | |
| required: true | |
| type: string | |
| job_names: | |
| description: "Name of the jobs to build-and-upload, e.g. api, template-manager, separated by ;" | |
| required: true | |
| type: string | |
| permissions: | |
| contents: read | |
| concurrency: | |
| group: deploy-${{ inputs.environment }} | |
| cancel-in-progress: false | |
| jobs: | |
| deploy: | |
| name: Build and upload job to the ${{ inputs.environment }} environment | |
| runs-on: ci-builder | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v5 | |
| with: | |
| ref: ${{ inputs.commit_sha }} | |
| - name: Setup environment | |
| uses: ./.github/actions/deploy-setup | |
| with: | |
| environment: ${{ inputs.environment }} | |
| infisical_client_id: ${{ secrets.INFISICAL_CLIENT_ID }} | |
| infisical_client_secret: ${{ secrets.INFISICAL_CLIENT_SECRET }} | |
| install_gcloud: "true" | |
| - name: Set up Docker | |
| env: | |
| GCP_REGION: ${{ env.GCP_REGION }} | |
| run: | | |
| gcloud auth configure-docker "${GCP_REGION}-docker.pkg.dev" --quiet | |
| export ACCESS_TOKEN=$(gcloud auth print-access-token) | |
| export DOCKER_AUTH_BASE64=$(echo -n "{\"username\":\"oauth2accesstoken\",\"password\":\"$ACCESS_TOKEN\"}" | base64 -w 0) | |
| echo "::add-mask::$DOCKER_AUTH_BASE64" | |
| echo "DOCKER_AUTH_BASE64=${DOCKER_AUTH_BASE64}" >> $GITHUB_ENV | |
| shell: bash | |
| - name: Build and upload jobs | |
| env: | |
| AUTO_CONFIRM_DEPLOY: true | |
| run: | | |
| # Parse semicolon-separated job names | |
| IFS=';' read -ra JOBS <<< "${{ inputs.job_names }}" | |
| # Build and upload each job | |
| for job_name in "${JOBS[@]}"; do | |
| # Trim whitespace | |
| job_name=$(echo "$job_name" | xargs) | |
| if [ -n "$job_name" ]; then | |
| echo "::group::Building and uploading job: $job_name" | |
| make build-and-upload/$job_name | |
| echo "::endgroup::" | |
| fi | |
| done |