statgpt-backend/.github/workflows/release.yml at f36696d9d43643efc90cfbb829cd4efdc2541bdb · epam/statgpt-backend · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
name: Release Workflow

on:
  push:
    branches: [development, release-*]

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  test:
    uses: ./.github/workflows/test.yml
    secrets: inherit
    with:
      bypass-checks: false
      style-checks-enabled: true
      style-checks-bypassed: false
      code-checks-enabled: true
      code-checks-bypassed: false
      ort-enabled: true
      ort-bypassed: false
      ort-version: "latest"
      python-version: "3.11"
      poetry-version: "2.1.1"
      runs-on: '["ubuntu-24.04"]'

  calculate_version:
    runs-on: ubuntu-24.04
    outputs:
      next-version: ${{ steps.semantic_versioning.outputs.next-version }}
      next-version-without-hyphens: ${{ steps.semantic_versioning.outputs.next-version-without-hyphens }}
      is-latest: ${{ steps.semantic_versioning.outputs.is-latest }}
      latest-tag: ${{ steps.semantic_versioning.outputs.latest-tag }}
    steps:
      - uses: epam/ai-dial-ci/actions/semantic_versioning@2.7.3
        id: semantic_versioning

  release:
    runs-on: ubuntu-24.04
    needs: [test, calculate_version]
    permissions:
      contents: read
      packages: write
      security-events: write
    strategy:
      matrix:
        include:
          - image-name: "epam/statgpt-chat-backend"
            dockerfile: "docker/chat.Dockerfile"
          - image-name: "epam/statgpt-admin-backend"
            dockerfile: "docker/admin.Dockerfile"

    steps:
      - name: Maximize build space
        uses: nepalevov/maximize-build-space@a1a975ceb44dddb1023067778f5c0111825ade6c # v1.0.1
        if: false # Maximize build space by removing unwanted software if set to true
        with:
          remove-dotnet: "true"
          remove-android: "true"
          remove-haskell: "true"
          remove-codeql: "true"
          docker-cleanup: "true"
          remove-large-packages: "true"
          remove-cached-tools: "true"
          remove-swapfile: "true"
          remove-java: "true"
          remove-swift: "true"
          remove-julia: "true"
          remove-browsers: "true"
          remove-cloud-tools: "true"
          remove-kubernetes-tools: "true"
          remove-powershell: "true"
          remove-container-tools: "true"
          remove-rust: "true"
          remove-python: "true"
          remove-node: "true"
          remove-go: "true"
          remove-ruby: "true"
          set-tmpdir: "true"

      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          lfs: true
          token: ${{ secrets.ACTIONS_BOT_TOKEN }}

      - name: Set version in pyproject.toml for Docker build
        shell: bash
        run: |
          sed -i "s/^version = .*/version = \"${{ needs.calculate_version.outputs.next-version-without-hyphens }}\"/g" pyproject.toml

      - uses: ./.github/actions/build_docker
        with:
          image-name: ${{ matrix.image-name }}
          dockerfile-path: ${{ matrix.dockerfile }}
          image-tag: ${{ needs.calculate_version.outputs.next-version }}
          push-enabled: true
          trivy-enabled: true
          bypass-checks: false
          trivy-severity: "CRITICAL,HIGH"
          trivy-severity-for-sarif: "CRITICAL,HIGH"
          trivy-limit-severities-for-sarif: true
          platforms: "linux/amd64"
          ghcr-username: ${{ github.actor }}
          ghcr-password: ${{ secrets.ACTIONS_BOT_TOKEN }}
          dockerhub-username: ${{ secrets.DOCKERHUB_LOGIN }}
          dockerhub-password: ${{ secrets.DOCKERHUB_TOKEN }}
          image-extra-aliases: |
            ghcr.io/${{ matrix.image-name }}:${{ needs.calculate_version.outputs.next-version }}
            ${{ github.ref == 'refs/heads/development' && format('{0}:development', matrix.image-name) || '' }}
            ${{ github.ref == 'refs/heads/development' && format('ghcr.io/{0}:development', matrix.image-name) || '' }}
            ${{ startsWith(github.ref, 'refs/heads/release-') && needs.calculate_version.outputs.is-latest == 'true' && format('{0}:latest', matrix.image-name) || '' }}
            ${{ startsWith(github.ref, 'refs/heads/release-') && needs.calculate_version.outputs.is-latest == 'true' && format('ghcr.io/{0}:latest', matrix.image-name) || '' }}

  create_release:
    runs-on: ubuntu-24.04
    needs: [calculate_version, release]
    permissions:
      contents: write
    steps:
      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          token: ${{ secrets.ACTIONS_BOT_TOKEN }}

      - name: Set version in pyproject.toml for release
        shell: bash
        run: |
          sed -i "s/^version = .*/version = \"${{ needs.calculate_version.outputs.next-version-without-hyphens }}\"/g" pyproject.toml

      - uses: epam/ai-dial-ci/actions/generate_release_notes@2.7.3
        with:
          latest-tag: ${{ needs.calculate_version.outputs.latest-tag }}

      - uses: epam/ai-dial-ci/actions/publish_tag_release@2.7.3
        with:
          tag-version: ${{ needs.calculate_version.outputs.next-version }}
          changelog-file: "/tmp/my_changelog" # Comes from generate_release_notes step
          extra-commit-command: |
            git config --global user.name "statgpt-actions"
            git config --global user.email "231008922+statgpt-actions@users.noreply.github.com"
            git add pyproject.toml
            git commit -m '[skip ci] Update version' || true