This repository was archived by the owner on Sep 6, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
127 lines (112 loc) · 4.06 KB
/
release.yml
File metadata and controls
127 lines (112 loc) · 4.06 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
name: release
run-name: Deploy to ${{ inputs.TARGET_ENVIRONMENT }} by @${{ github.actor }} from ${{ github.ref_name }}
on:
workflow_dispatch:
inputs:
TARGET_ENVIRONMENT:
type: choice
description: "The environment to release to (dev, staging, prod)"
default: "dev"
required: true
options:
- dev
- staging
- prod
APPS:
type: string
description: "The apps to release with this format: `app-dir1=version1,app-dir2=version2`. E. g.: `go=v1.0.0,java=v1.0.0,python=v1.0.0`"
required: true
permissions:
contents: read
packages: read
jobs:
update_apps:
if: ${{ inputs.APPS != '' }}
runs-on: ubuntu-latest
environment: ${{ inputs.TARGET_ENVIRONMENT || 'dev' }}
env:
BUCKET: ${{ secrets.S3_BUCKET }}
FOLDER: ${{ secrets.S3_FOLDER }}
MANIFEST: ${{ secrets.S3_MANIFEST }}
ROLE: ${{ secrets.AWS_DEVTOOLS_ROLE }}
REGION: ${{ secrets.AWS_REGION }}
GH_TOKEN: ${{ github.token }}
API_ENDPOINT: ${{ secrets.API_ENDPOINT }}
CONSOLE_URL: ${{ secrets.CONSOLE_URL }}
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
GO_VERSION: ""
PYTHON_VERSION: ""
permissions:
id-token: write
contents: write
steps:
- name: Configure git with the bot credentials
run: |
mkdir -p ~/.ssh
ssh-keyscan github.com >> ~/.ssh/known_hosts
ssh-agent -a $SSH_AUTH_SOCK > /dev/null
ssh-add - <<< "${{ secrets.NEXTMVBOT_SSH_KEY }}"
echo "${{ secrets.NEXTMVBOT_SIGNING_KEY }}" > ~/.ssh/signing.key
chmod 600 ~/.ssh/signing.key
git config --global user.name "nextmv-bot"
git config --global user.email "tech+gh-nextmv-bot@nextmv.io"
git config --global gpg.format ssh
git config --global user.signingkey ~/.ssh/signing.key
git clone git@github.com:nextmv-io/templates.git
cd templates
git fetch --all
git checkout ${{ github.ref_name }}
git pull
- name: set Python version
run: |
export PYTHON_VERSION=$(yq '.language-support.python.version' workflow-configuration.yml)
echo "This is the Python version => $PYTHON_VERSION"
echo "PYTHON_VERSION=${PYTHON_VERSION}" >> $GITHUB_ENV
working-directory: ./templates/.nextmv
- name: set up Python
uses: actions/setup-python@v5
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: set go version
run: |
export GO_VERSION=$(yq '.language-support.go.version' workflow-configuration.yml)
echo "This is the Go version => $GO_VERSION"
echo "GO_VERSION=${GO_VERSION}" >> $GITHUB_ENV
working-directory: ./templates/.nextmv
- name: set up go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: "**/*.sum"
- name: Install Python dependencies
run: |
pip install --upgrade pip
pip install -r requirements.txt
working-directory: ./templates/.nextmv
- name: Set up AWS CLI
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.ROLE }}
aws-region: ${{ env.REGION }}
role-duration-seconds: 1200
- name: Set up JDK
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: 21
cache: "maven"
- name: Upload apps and update manifest
run: |
python update_apps.py \
--apps "${{ inputs.APPS }}" \
--bucket "${{ env.BUCKET }}" \
--folder "${{ env.FOLDER }}" \
--manifest "${{ env.MANIFEST }}"
working-directory: ./templates/.nextmv
- name: Commit new versions
if: ${{ github.ref_name == 'develop' && inputs.TARGET_ENVIRONMENT == 'prod' }}
run: |
git add */VERSION
git commit -S -m "Bump app versions: ${{ inputs.APPS }}"
git push
working-directory: ./templates