55
66env :
77 GHCR_REGISTRY : ghcr.io
8- GHCR_UI_IMAGE_NAME : " ${{ github.repository }}/ui"
8+ GHCR_UI_IMAGE_NAME : ${{ github.repository }}/ui
9+ GHCR_PS_IMAGE_NAME : ${{ github.repository }}/pathservice
910 QUAY_REGISTRY : quay.io
1011 QUAY_UI_IMAGE_NAME : instructlab-ui/ui
11- GHCR_PS_IMAGE_NAME : " ${{ github.repository }}/pathservice"
1212 QUAY_PS_IMAGE_NAME : instructlab-ui/pathservice
1313
1414jobs :
@@ -23,31 +23,22 @@ jobs:
2323 id-token : write
2424
2525 steps :
26- - name : Extract Release Tag
27- id : get_release_tag
28- run : |-
29- RELEASE_TAG="release-${{ github.event.release.tag_name }}"
30- echo "RELEASE_TAG=${RELEASE_TAG}" >> "$GITHUB_ENV"
31-
3226 - name : Check out the repo
3327 uses : actions/checkout@v4
34- with :
35- token : ${{ secrets.BOT_PAT }}
36- ref : " ${{ steps.get_release_tag.outputs.RELEASE_TAG }}"
3728
3829 - name : Log in to the GHCR container image registry
3930 uses : docker/login-action@v3
4031 with :
41- registry : " ${{ env.GHCR_REGISTRY }}"
42- username : " ${{ github.actor }}"
43- password : " ${{ secrets.GITHUB_TOKEN }}"
32+ registry : ${{ env.GHCR_REGISTRY }}
33+ username : ${{ github.actor }}
34+ password : ${{ secrets.GITHUB_TOKEN }}
4435
4536 - name : Log in to the Quay container image registry
4637 uses : docker/login-action@v3
4738 with :
48- registry : " ${{ env.QUAY_REGISTRY }}"
49- username : " ${{ secrets.QUAY_USERNAME }}"
50- password : " ${{ secrets.QUAY_TOKEN }}"
39+ registry : ${{ env.QUAY_REGISTRY }}
40+ username : ${{ secrets.QUAY_USERNAME }}
41+ password : ${{ secrets.QUAY_TOKEN }}
5142
5243 - name : Set up Docker Buildx
5344 uses : docker/setup-buildx-action@v3
@@ -56,15 +47,15 @@ jobs:
5647 uses : actions/cache@v4
5748 with :
5849 path : /tmp/.buildx-cache
59- key : " ${{ runner.os }}-buildx-${{ github.sha }}"
50+ key : ${{ runner.os }}-buildx-${{ github.sha }}
6051 restore-keys : |-
61- " ${{ runner.os }}-buildx-"
52+ ${{ runner.os }}-buildx-
6253
6354name : Extract metadata (tags, labels) for UI image
6455 id : ghcr_ui_meta
6556 uses : docker/metadata-action@v5
6657 with :
67- images : " ${{ env.GHCR_REGISTRY }}/${{ env.GHCR_UI_IMAGE_NAME }}"
58+ images : ${{ env.GHCR_REGISTRY }}/${{ env.GHCR_UI_IMAGE_NAME }}
6859
6960 - name : Extract metadata (tags, labels) for UI image
7061 id : quay_ui_meta
@@ -78,14 +69,12 @@ jobs:
7869 with :
7970 context : .
8071 push : true
81- tags : |-
82- "${{ steps.ghcr_ui_meta.outputs.tags }}"
83- "${{ env.GHCR_REGISTRY }}/${{ env.GHCR_UI_IMAGE_NAME }}:${{ steps.get_release_tag.outputs.RELEASE_TAG }}"
72+ tags : ${{ steps.ghcr_ui_meta.outputs.tags }}
8473 labels : ${{ steps.ghcr_ui_meta.outputs.labels }}
8574 platforms : linux/amd64,linux/arm64
8675 cache-from : type=gha
8776 cache-to : type=gha,mode=max
88- file : Containerfile
77+ file : src/ Containerfile
8978
9079 - name : Generate Prod UI GHCR artifact attestation
9180 uses : actions/attest-build-provenance@v2
@@ -100,27 +89,25 @@ jobs:
10089 with :
10190 context : .
10291 push : true
103- tags : |-
104- "${{ steps.quay_ui_meta.outputs.tags }}"
105- "${{ env.QUAY_REGISTRY }}/${{ env.QUAY_UI_IMAGE_NAME }}:${{ steps.get_release_tag.outputs.RELEASE_TAG }}"
92+ tags : ${{ steps.quay_ui_meta.outputs.tags }}
10693 labels : ${{ steps.quay_ui_meta.outputs.labels }}
10794 platforms : linux/amd64,linux/arm64
10895 cache-from : type=gha
10996 cache-to : type=gha,mode=max
110- file : Containerfile
97+ file : src/ Containerfile
11198
11299 - name : Generate PROD UI Quay artifact attestation
113100 uses : actions/attest-build-provenance@v2
114101 with :
115102 subject-name : ${{ env.QUAY_REGISTRY }}/${{ env.QUAY_UI_IMAGE_NAME}}
116103 subject-digest : ${{ steps.push-ui-quay.outputs.digest }}
117104 push-to-registry : true
118-
105+
119106 - name : Re-Checkout main on the repo
120107 uses : actions/checkout@v4
121108 with :
122- token : " ${{ secrets.BOT_PAT }}"
123- ref : " main"
109+ token : ${{ secrets.BOT_PAT }}
110+ ref : main
124111
125112 - name : Update coderefs before code changes
126113 run : |-
@@ -129,7 +116,7 @@ jobs:
129116name : Update Prod Quay PS image
130117 id : update_prod_ui_manifest_image
131118 env :
132- RELEASE_TAG : ${{ steps.get_release_tag.outputs.RELEASE_TAG }}
119+ RELEASE_TAG : ${{ github.event.release.tag_name }}
133120 run : |-
134121 sudo wget https://github.com/mikefarah/yq/releases/download/v4.34.1/yq_linux_amd64 -O /usr/local/bin/yq
135122 sudo chmod +x /usr/local/bin/yq
@@ -142,7 +129,7 @@ jobs:
142129 git config user.name "platform-engineering-bot"
143130 git config user.email "platform-engineering@redhat.com"
144131 git add deploy/k8s/overlays/openshift/prod/kustomization.yaml
145- git commit -m "[CI AUTOMATION]: Bumping Prod UI image to tag: ${{ steps.get_release_tag.outputs.RELEASE_TAG }}" -s
132+ git commit -m "[CI AUTOMATION]: Bumping Prod UI image to tag: ${{ github.event.release.tag_name }}" -s
146133 git push origin main
147134
148135build_and_publish_ps_prod_image :
@@ -156,17 +143,8 @@ jobs:
156143 id-token : write
157144
158145 steps :
159- - name : Extract Release Tag
160- id : get_release_tag
161- run : |-
162- RELEASE_TAG="release-${{ github.event.release.tag_name }}"
163- echo "RELEASE_TAG=${RELEASE_TAG}" >> "$GITHUB_ENV"
164-
165146 - name : Check out the repo
166147 uses : actions/checkout@v4
167- with :
168- token : ${{ secrets.BOT_PAT }}
169- ref : " ${{ steps.get_release_tag.outputs.RELEASE_TAG }}"
170148
171149 - name : Log in to the GHCR container image registry
172150 uses : docker/login-action@v3
@@ -211,14 +189,12 @@ jobs:
211189 with :
212190 context : .
213191 push : true
214- tags : |-
215- "${{ steps.ghcr_ps_meta.outputs.tags }}"
216- "${{ env.GHCR_REGISTRY }}/${{ env.GHCR_PS_IMAGE_NAME }}:${{ steps.get_release_tag.outputs.RELEASE_TAG }}"
192+ tags : ${{ steps.ghcr_ps_meta.outputs.tags }}
217193 labels : ${{ steps.ghcr_ps_meta.outputs.labels }}
218194 platforms : linux/amd64,linux/arm64
219195 cache-from : type=gha
220196 cache-to : type=gha,mode=max
221- file : Containerfile
197+ file : pathservice/ Containerfile
222198
223199 - name : Generate GHCR PS Image attestation
224200 uses : actions/attest-build-provenance@v2
@@ -233,14 +209,12 @@ jobs:
233209 with :
234210 context : .
235211 push : true
236- tags : |-
237- "${{ steps.quay_ps_meta.outputs.tags }}"
238- "${{ env.QUAY_REGISTRY }}/${{ env.QUAY_PS_IMAGE_NAME }}:${{ steps.get_release_tag.outputs.RELEASE_TAG }}"
212+ tags : ${{ steps.quay_ps_meta.outputs.tags }}
239213 labels : ${{ steps.quay_ps_meta.outputs.labels }}
240214 platforms : linux/amd64,linux/arm64
241215 cache-from : type=gha
242216 cache-to : type=gha,mode=max
243- file : Containerfile
217+ file : pathservice/ Containerfile
244218
245219 - name : Generate Quay PS Image attestation
246220 uses : actions/attest-build-provenance@v2
@@ -252,17 +226,17 @@ jobs:
252226 - name : Checkout main on the repo
253227 uses : actions/checkout@v4
254228 with :
255- token : " ${{ secrets.BOT_PAT }}"
256- ref : " main"
229+ token : ${{ secrets.BOT_PAT }}
230+ ref : main
257231
258232 - name : Update coderefs before code changes
259233 run : |-
260234 git pull --ff-only
261-
235+
262236name : Update Prod Quay PS image
263237 id : update_prod_ps_manifest_image
264238 env :
265- RELEASE_TAG : ${{ steps.get_release_tag.outputs.RELEASE_TAG }}
239+ RELEASE_TAG : ${{ github.event.release.tag_name }}
266240 run : |-
267241 sudo wget https://github.com/mikefarah/yq/releases/download/v4.34.1/yq_linux_amd64 -O /usr/local/bin/yq
268242 sudo chmod +x /usr/local/bin/yq
@@ -275,5 +249,5 @@ jobs:
275249 git config user.name "platform-engineering-bot"
276250 git config user.email "platform-engineering@redhat.com"
277251 git add deploy/k8s/overlays/openshift/prod/kustomization.yaml
278- git commit -m "[CI AUTOMATION]: Bumping Prod PS image to tag: ${{ steps.get_release_tag.outputs.RELEASE_TAG }}" -s
252+ git commit -m "[CI AUTOMATION]: Bumping Prod PS image to tag: ${{ github.event.release.tag_name }}" -s
279253 git push origin main
0 commit comments