From b0bfcff029727136315124cbacd01f68a17aafcd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Sza=C5=82owski?= Date: Tue, 11 Feb 2025 11:57:28 +0100 Subject: [PATCH 1/9] chore: redeploy frontend --- govtool/frontend/src/components/molecules/Step.tsx | 1 - 1 file changed, 1 deletion(-) diff --git a/govtool/frontend/src/components/molecules/Step.tsx b/govtool/frontend/src/components/molecules/Step.tsx index 7b8e1a0b4..07489df68 100644 --- a/govtool/frontend/src/components/molecules/Step.tsx +++ b/govtool/frontend/src/components/molecules/Step.tsx @@ -40,7 +40,6 @@ export const Step = ({ {stepNumber} - Date: Tue, 11 Feb 2025 12:50:00 +0100 Subject: [PATCH 2/9] chore: add outcome pillars feature flag argument --- govtool/frontend/Dockerfile | 2 ++ govtool/frontend/Dockerfile.qovery | 1 + 2 files changed, 3 insertions(+) diff --git a/govtool/frontend/Dockerfile b/govtool/frontend/Dockerfile index 7c3eb3740..650455b6b 100644 --- a/govtool/frontend/Dockerfile +++ b/govtool/frontend/Dockerfile @@ -9,6 +9,7 @@ ARG VITE_SENTRY_DSN ARG NPMRC_TOKEN ARG VITE_USERSNAP_SPACE_API_KEY ARG VITE_IS_PROPOSAL_DISCUSSION_FORUM_ENABLED='true' +ARG VITE_IS_GOVERNANCE_OUTCOMES_PILLAR_ENABLED='false' ARG VITE_PDF_API_URL ARG VITE_IPFS_GATEWAY ARG VITE_IPFS_PROJECT_ID @@ -26,6 +27,7 @@ RUN \ : "${NPMRC_TOKEN:?Build argument NPMRC_TOKEN is not set}" && \ : "${VITE_USERSNAP_SPACE_API_KEY:?Build argument VITE_USERSNAP_SPACE_API_KEY is not set}" && \ : "${VITE_IS_PROPOSAL_DISCUSSION_FORUM_ENABLED:?Build argument VITE_IS_PROPOSAL_DISCUSSION_FORUM_ENABLED is not set}" && \ + : "${VITE_IS_GOVERNANCE_OUTCOMES_PILLAR_ENABLED:?Build argument VITE_IS_GOVERNANCE_OUTCOMES_PILLAR_ENABLED is not set}" && \ : "${VITE_IPFS_GATEWAY:?Build argument VITE_IPFS_GATEWAY is not set}" && \ : "${VITE_IPFS_PROJECT_ID:?Build argument VITE_IPFS_PROJECT_ID is not set}" diff --git a/govtool/frontend/Dockerfile.qovery b/govtool/frontend/Dockerfile.qovery index 0f871462f..6c75a61f9 100644 --- a/govtool/frontend/Dockerfile.qovery +++ b/govtool/frontend/Dockerfile.qovery @@ -9,6 +9,7 @@ ARG VITE_SENTRY_DSN ARG NPMRC_TOKEN ARG VITE_USERSNAP_SPACE_API_KEY ARG VITE_IS_PROPOSAL_DISCUSSION_FORUM_ENABLED +ARG VITE_IS_GOVERNANCE_OUTCOMES_PILLAR_ENABLED ARG VITE_PDF_API_URL ARG VITE_IPFS_GATEWAY ARG VITE_IPFS_PROJECT_ID From 4639c98f91d001d6238f7ae02489ef8cd9b96ebd Mon Sep 17 00:00:00 2001 From: Aaron Boyle Date: Tue, 25 Feb 2025 14:41:55 +0000 Subject: [PATCH 3/9] updates matrix to use main branch with network specific secrets --- .github/workflows/image.yml | 218 ++++++++++++++++++++++++++++++++++++ 1 file changed, 218 insertions(+) create mode 100644 .github/workflows/image.yml diff --git a/.github/workflows/image.yml b/.github/workflows/image.yml new file mode 100644 index 000000000..ce5e83a97 --- /dev/null +++ b/.github/workflows/image.yml @@ -0,0 +1,218 @@ +name: Check and Build Main + +on: + workflow_dispatch + +permissions: + contents: write + pull-requests: write + packages: write + +jobs: + check-build: + environment: ${{ matrix.network }} + strategy: + fail-fast: false + matrix: + include: + - branch: main + network: prod-govtool + workdir: ./govtool/backend + name: govtool-backend + dockerfile: ./govtool/backend/Dockerfile.qovery + image: ghcr.io/${{ github.repository }}-govtool-backend + qovery_container_name: govtool-backend + - branch: main + network: prod-govtool + workdir: ./govtool/frontend + name: govtool-frontend + dockerfile: ./govtool/frontend/Dockerfile.qovery + image: ghcr.io/${{ github.repository }}-govtool-frontend + qovery_container_name: govtool-frontend + - branch: main + network: prod-govtool + workdir: ./govtool/metadata-validation + name: govtool-metadata-validation + dockerfile: ./govtool/metadata-validation/Dockerfile + image: ghcr.io/${{ github.repository }}-govtool-metadata-validation + qovery_container_name: govtool-metadata-validation + - branch: main + network: pre-prod-govtool + workdir: ./govtool/backend + name: govtool-backend + dockerfile: ./govtool/backend/Dockerfile.qovery + image: ghcr.io/${{ github.repository }}-govtool-backend + qovery_container_name: govtool-backend + - branch: main + network: pre-prod-govtool + workdir: ./govtool/frontend + name: govtool-frontend + dockerfile: ./govtool/frontend/Dockerfile.qovery + image: ghcr.io/${{ github.repository }}-govtool-frontend + qovery_container_name: govtool-frontend + - branch: main + network: pre-prod-govtool + workdir: ./govtool/metadata-validation + name: govtool-metadata-validation + dockerfile: ./govtool/metadata-validation/Dockerfile + image: ghcr.io/${{ github.repository }}-govtool-metadata-validation + qovery_container_name: govtool-metadata-validation + - branch: main + network: preview-govtool + workdir: ./govtool/backend + name: govtool-backend + dockerfile: ./govtool/backend/Dockerfile.qovery + image: ghcr.io/${{ github.repository }}-govtool-backend + qovery_container_name: govtool-backend + - branch: main + network: preview-govtool + workdir: ./govtool/frontend + name: govtool-frontend + dockerfile: ./govtool/frontend/Dockerfile.qovery + image: ghcr.io/${{ github.repository }}-govtool-frontend + qovery_container_name: govtool-frontend + - branch: main + network: preview-govtool + workdir: ./govtool/metadata-validation + name: govtool-metadata-validation + dockerfile: ./govtool/metadata-validation/Dockerfile + image: ghcr.io/${{ github.repository }}-govtool-metadata-validation + qovery_container_name: govtool-metadata-validation + + + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Set TAG Environment Variable + id: set_tag + run: | + if [ "${{ github.ref_name }}" = "main" ]; then + echo "TAG=${{ github.sha }}-${NETWORK}" >> $GITHUB_ENV + else + echo "TAG=${{ github.ref_name }}-${{ github.sha }}-${NETWORK}" >> $GITHUB_ENV + fi + + - name: Lint Dockerfile + id: hadolint + uses: hadolint/hadolint-action@v3.1.0 + with: + failure-threshold: error + format: json + dockerfile: ${{ matrix.dockerfile }} + # output-file: hadolint_output.json + + - name: Save Hadolint output + id: save_hadolint_output + if: always() + run: cd ${{ matrix.workdir }} && echo "$HADOLINT_RESULTS" | jq '.' > hadolint_output.json + + - name: Print Dockerfile lint output + run: | + cd ${{ matrix.workdir }} + echo "-----HADOLINT RESULT-----" + echo "Outcome: ${{ steps.hadolint.outcome }}" + echo "-----DETAILS--------" + cat hadolint_output.json + echo "--------------------" + + - name: Code lint + id: code_lint + run: | + cd ${{ matrix.workdir }} + if [ ! -f lint.sh ]; then + echo "lint skipped" | tee code_lint_output.txt + exit 0 + fi + set -o pipefail + sudo chmod +x lint.sh && ./lint.sh 2>&1 | tee code_lint_output.txt + + - name: Unit tests + id: unit_tests + run: | + cd ${{ matrix.workdir }} + if [ ! -f unit-test.sh ]; then + echo "unit tests skipped" | tee code_lint_output.txt + exit 0 + fi + set -o pipefail + sudo chmod +x unit-test.sh && ./unit-test.sh 2>&1 | tee unit_test_output.txt + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Cache Docker layers + uses: actions/cache@v3 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-buildx- + + - id: image_lowercase + uses: ASzc/change-string-case-action@v6 + with: + string: ${{ matrix.image }} + + - name: Build Docker image + uses: docker/build-push-action@v5 + with: + context: ${{ matrix.workdir }} + file: ${{ matrix.dockerfile }} + tags: ${{ steps.image_lowercase.outputs.lowercase }}:${{ env.TAG }} + load: false + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache + outputs: type=docker,dest=/tmp/image-${{ matrix.name }}-${{ env.ENVIRONMENT }}.tar + build-args: | + VITE_APP_ENV=${{ secrets.VITE_APP_ENV }} + VITE_BASE_URL=${{ secrets.VITE_BASE_URL }} + VITE_METADATA_API_URL=${{ secrets.VITE_METADATA_API_URL }} + VITE_GTM_ID=${{ secrets.VITE_GTM_ID }} + VITE_NETWORK_FLAG=${{ secrets.VITE_NETWORK_FLAG }} + VITE_SENTRY_DSN=${{ secrets.VITE_SENTRY_DSN }} + NPMRC_TOKEN=${{ secrets.NPMRC_TOKEN }} + VITE_USERSNAP_SPACE_API_KEY=${{ secrets.VITE_USERSNAP_SPACE_API_KEY }} + VITE_IS_PROPOSAL_DISCUSSION_FORUM_ENABLED=${{ secrets.VITE_IS_PROPOSAL_DISCUSSION_FORUM_ENABLED }} + VITE_IS_GOVERNANCE_OUTCOMES_PILLAR_ENABLED=${{ secrets.VITE_IS_GOVERNANCE_OUTCOMES_PILLAR_ENABLED }} + VITE_OUTCOMES_API_URL=${{secrets.VITE_OUTCOMES_API_URL}} + VITE_PDF_API_URL=${{ secrets.VITE_PDF_API_URL }} + VITE_IPFS_GATEWAY=${{ secrets.IPFS_GATEWAY }} + VITE_IPFS_PROJECT_ID=${{ secrets.IPFS_PROJECT_ID }} + IPFS_GATEWAY=${{ secrets.IPFS_GATEWAY }} + IPFS_PROJECT_ID=${{ secrets.IPFS_PROJECT_ID }} + + - name: Login to GHCR + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Scan Docker image with Dockle + id: dockle + run: | + wget -q https://github.com/goodwithtech/dockle/releases/download/v0.4.14/dockle_0.4.14_Linux-64bit.tar.gz + tar zxf dockle_0.4.14_Linux-64bit.tar.gz + sudo mv dockle /usr/local/bin + + dockle --exit-code 1 --exit-level fatal --format json -ak GHC_RELEASE_KEY -ak CABAL_INSTALL_RELEASE_KEY -ak STACK_RELEASE_KEY -ak KEY_SHA512 --input '/tmp/image-${{ matrix.name }}-${{ env.ENVIRONMENT }}.tar' --output ${{ matrix.workdir }}/dockle_scan_output.json + echo " dockle exited w/ $?" + cat ${{ matrix.workdir }}/dockle_scan_output.json + + echo "outcome=success" >> $GITHUB_OUTPUT + + - name: Push Docker image to GHCR + run: | + docker load -i '/tmp/image-${{ matrix.name }}-${{ env.ENVIRONMENT }}.tar' + rm -rf '/tmp/image-${{ matrix.name }}-${{ env.ENVIRONMENT }}.tar' + docker push ${{ steps.image_lowercase.outputs.lowercase }}:${{ env.TAG }} + + - name: Add tag as a PR comment + uses: ubie-oss/comment-to-merged-pr-action@v0.3.3 + id: comment-to-merged-pr + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + message: |- + This PR is in the tag: ${{ env.TAG }} , for ${{ matrix.name }} service From 22e042ede032d238ed2b25f7b08e62e984c5c028 Mon Sep 17 00:00:00 2001 From: Aaron Boyle Date: Tue, 25 Feb 2025 15:17:07 +0000 Subject: [PATCH 4/9] fixes punctuation --- .github/workflows/image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/image.yml b/.github/workflows/image.yml index ce5e83a97..ce5a620b7 100644 --- a/.github/workflows/image.yml +++ b/.github/workflows/image.yml @@ -1,7 +1,7 @@ name: Check and Build Main on: - workflow_dispatch + workflow_dispatch: permissions: contents: write From b60ba573a6852552bae5af8d32d5decd427b112d Mon Sep 17 00:00:00 2001 From: Aaron Boyle Date: Tue, 25 Feb 2025 15:42:52 +0000 Subject: [PATCH 5/9] updates workflow name --- .github/workflows/build-from-main.yml | 218 ++++++++++++++++++++++++++ 1 file changed, 218 insertions(+) create mode 100644 .github/workflows/build-from-main.yml diff --git a/.github/workflows/build-from-main.yml b/.github/workflows/build-from-main.yml new file mode 100644 index 000000000..ce5a620b7 --- /dev/null +++ b/.github/workflows/build-from-main.yml @@ -0,0 +1,218 @@ +name: Check and Build Main + +on: + workflow_dispatch: + +permissions: + contents: write + pull-requests: write + packages: write + +jobs: + check-build: + environment: ${{ matrix.network }} + strategy: + fail-fast: false + matrix: + include: + - branch: main + network: prod-govtool + workdir: ./govtool/backend + name: govtool-backend + dockerfile: ./govtool/backend/Dockerfile.qovery + image: ghcr.io/${{ github.repository }}-govtool-backend + qovery_container_name: govtool-backend + - branch: main + network: prod-govtool + workdir: ./govtool/frontend + name: govtool-frontend + dockerfile: ./govtool/frontend/Dockerfile.qovery + image: ghcr.io/${{ github.repository }}-govtool-frontend + qovery_container_name: govtool-frontend + - branch: main + network: prod-govtool + workdir: ./govtool/metadata-validation + name: govtool-metadata-validation + dockerfile: ./govtool/metadata-validation/Dockerfile + image: ghcr.io/${{ github.repository }}-govtool-metadata-validation + qovery_container_name: govtool-metadata-validation + - branch: main + network: pre-prod-govtool + workdir: ./govtool/backend + name: govtool-backend + dockerfile: ./govtool/backend/Dockerfile.qovery + image: ghcr.io/${{ github.repository }}-govtool-backend + qovery_container_name: govtool-backend + - branch: main + network: pre-prod-govtool + workdir: ./govtool/frontend + name: govtool-frontend + dockerfile: ./govtool/frontend/Dockerfile.qovery + image: ghcr.io/${{ github.repository }}-govtool-frontend + qovery_container_name: govtool-frontend + - branch: main + network: pre-prod-govtool + workdir: ./govtool/metadata-validation + name: govtool-metadata-validation + dockerfile: ./govtool/metadata-validation/Dockerfile + image: ghcr.io/${{ github.repository }}-govtool-metadata-validation + qovery_container_name: govtool-metadata-validation + - branch: main + network: preview-govtool + workdir: ./govtool/backend + name: govtool-backend + dockerfile: ./govtool/backend/Dockerfile.qovery + image: ghcr.io/${{ github.repository }}-govtool-backend + qovery_container_name: govtool-backend + - branch: main + network: preview-govtool + workdir: ./govtool/frontend + name: govtool-frontend + dockerfile: ./govtool/frontend/Dockerfile.qovery + image: ghcr.io/${{ github.repository }}-govtool-frontend + qovery_container_name: govtool-frontend + - branch: main + network: preview-govtool + workdir: ./govtool/metadata-validation + name: govtool-metadata-validation + dockerfile: ./govtool/metadata-validation/Dockerfile + image: ghcr.io/${{ github.repository }}-govtool-metadata-validation + qovery_container_name: govtool-metadata-validation + + + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Set TAG Environment Variable + id: set_tag + run: | + if [ "${{ github.ref_name }}" = "main" ]; then + echo "TAG=${{ github.sha }}-${NETWORK}" >> $GITHUB_ENV + else + echo "TAG=${{ github.ref_name }}-${{ github.sha }}-${NETWORK}" >> $GITHUB_ENV + fi + + - name: Lint Dockerfile + id: hadolint + uses: hadolint/hadolint-action@v3.1.0 + with: + failure-threshold: error + format: json + dockerfile: ${{ matrix.dockerfile }} + # output-file: hadolint_output.json + + - name: Save Hadolint output + id: save_hadolint_output + if: always() + run: cd ${{ matrix.workdir }} && echo "$HADOLINT_RESULTS" | jq '.' > hadolint_output.json + + - name: Print Dockerfile lint output + run: | + cd ${{ matrix.workdir }} + echo "-----HADOLINT RESULT-----" + echo "Outcome: ${{ steps.hadolint.outcome }}" + echo "-----DETAILS--------" + cat hadolint_output.json + echo "--------------------" + + - name: Code lint + id: code_lint + run: | + cd ${{ matrix.workdir }} + if [ ! -f lint.sh ]; then + echo "lint skipped" | tee code_lint_output.txt + exit 0 + fi + set -o pipefail + sudo chmod +x lint.sh && ./lint.sh 2>&1 | tee code_lint_output.txt + + - name: Unit tests + id: unit_tests + run: | + cd ${{ matrix.workdir }} + if [ ! -f unit-test.sh ]; then + echo "unit tests skipped" | tee code_lint_output.txt + exit 0 + fi + set -o pipefail + sudo chmod +x unit-test.sh && ./unit-test.sh 2>&1 | tee unit_test_output.txt + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Cache Docker layers + uses: actions/cache@v3 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-buildx- + + - id: image_lowercase + uses: ASzc/change-string-case-action@v6 + with: + string: ${{ matrix.image }} + + - name: Build Docker image + uses: docker/build-push-action@v5 + with: + context: ${{ matrix.workdir }} + file: ${{ matrix.dockerfile }} + tags: ${{ steps.image_lowercase.outputs.lowercase }}:${{ env.TAG }} + load: false + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache + outputs: type=docker,dest=/tmp/image-${{ matrix.name }}-${{ env.ENVIRONMENT }}.tar + build-args: | + VITE_APP_ENV=${{ secrets.VITE_APP_ENV }} + VITE_BASE_URL=${{ secrets.VITE_BASE_URL }} + VITE_METADATA_API_URL=${{ secrets.VITE_METADATA_API_URL }} + VITE_GTM_ID=${{ secrets.VITE_GTM_ID }} + VITE_NETWORK_FLAG=${{ secrets.VITE_NETWORK_FLAG }} + VITE_SENTRY_DSN=${{ secrets.VITE_SENTRY_DSN }} + NPMRC_TOKEN=${{ secrets.NPMRC_TOKEN }} + VITE_USERSNAP_SPACE_API_KEY=${{ secrets.VITE_USERSNAP_SPACE_API_KEY }} + VITE_IS_PROPOSAL_DISCUSSION_FORUM_ENABLED=${{ secrets.VITE_IS_PROPOSAL_DISCUSSION_FORUM_ENABLED }} + VITE_IS_GOVERNANCE_OUTCOMES_PILLAR_ENABLED=${{ secrets.VITE_IS_GOVERNANCE_OUTCOMES_PILLAR_ENABLED }} + VITE_OUTCOMES_API_URL=${{secrets.VITE_OUTCOMES_API_URL}} + VITE_PDF_API_URL=${{ secrets.VITE_PDF_API_URL }} + VITE_IPFS_GATEWAY=${{ secrets.IPFS_GATEWAY }} + VITE_IPFS_PROJECT_ID=${{ secrets.IPFS_PROJECT_ID }} + IPFS_GATEWAY=${{ secrets.IPFS_GATEWAY }} + IPFS_PROJECT_ID=${{ secrets.IPFS_PROJECT_ID }} + + - name: Login to GHCR + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Scan Docker image with Dockle + id: dockle + run: | + wget -q https://github.com/goodwithtech/dockle/releases/download/v0.4.14/dockle_0.4.14_Linux-64bit.tar.gz + tar zxf dockle_0.4.14_Linux-64bit.tar.gz + sudo mv dockle /usr/local/bin + + dockle --exit-code 1 --exit-level fatal --format json -ak GHC_RELEASE_KEY -ak CABAL_INSTALL_RELEASE_KEY -ak STACK_RELEASE_KEY -ak KEY_SHA512 --input '/tmp/image-${{ matrix.name }}-${{ env.ENVIRONMENT }}.tar' --output ${{ matrix.workdir }}/dockle_scan_output.json + echo " dockle exited w/ $?" + cat ${{ matrix.workdir }}/dockle_scan_output.json + + echo "outcome=success" >> $GITHUB_OUTPUT + + - name: Push Docker image to GHCR + run: | + docker load -i '/tmp/image-${{ matrix.name }}-${{ env.ENVIRONMENT }}.tar' + rm -rf '/tmp/image-${{ matrix.name }}-${{ env.ENVIRONMENT }}.tar' + docker push ${{ steps.image_lowercase.outputs.lowercase }}:${{ env.TAG }} + + - name: Add tag as a PR comment + uses: ubie-oss/comment-to-merged-pr-action@v0.3.3 + id: comment-to-merged-pr + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + message: |- + This PR is in the tag: ${{ env.TAG }} , for ${{ matrix.name }} service From 8a3d918e8bb0cc495126a5ef50c9d8fa9624ed72 Mon Sep 17 00:00:00 2001 From: Aaron Boyle Date: Tue, 4 Mar 2025 18:15:59 +0000 Subject: [PATCH 6/9] updates matrix to build packages for each network from staging and main branches --- .github/workflows/build-from-main.yml | 129 ++++++++++++++++++++++---- 1 file changed, 110 insertions(+), 19 deletions(-) diff --git a/.github/workflows/build-from-main.yml b/.github/workflows/build-from-main.yml index ce5a620b7..04f86aa70 100644 --- a/.github/workflows/build-from-main.yml +++ b/.github/workflows/build-from-main.yml @@ -1,7 +1,10 @@ name: Check and Build Main on: - workflow_dispatch: + push: + branches: + - main + - staging permissions: contents: write @@ -10,73 +13,137 @@ permissions: jobs: check-build: + if: contains(fromJson('["main", "staging"]'), github.ref_name) environment: ${{ matrix.network }} strategy: fail-fast: false matrix: include: - branch: main - network: prod-govtool + network: preview-govtool workdir: ./govtool/backend name: govtool-backend dockerfile: ./govtool/backend/Dockerfile.qovery - image: ghcr.io/${{ github.repository }}-govtool-backend + image: ghcr.io/${{ github.repository }}-backend qovery_container_name: govtool-backend - branch: main - network: prod-govtool + network: preview-govtool workdir: ./govtool/frontend name: govtool-frontend dockerfile: ./govtool/frontend/Dockerfile.qovery - image: ghcr.io/${{ github.repository }}-govtool-frontend + image: ghcr.io/${{ github.repository }}-frontend qovery_container_name: govtool-frontend - branch: main - network: prod-govtool + network: preview-govtool workdir: ./govtool/metadata-validation name: govtool-metadata-validation dockerfile: ./govtool/metadata-validation/Dockerfile - image: ghcr.io/${{ github.repository }}-govtool-metadata-validation + image: ghcr.io/${{ github.repository }}-metadata-validation qovery_container_name: govtool-metadata-validation - branch: main network: pre-prod-govtool workdir: ./govtool/backend name: govtool-backend dockerfile: ./govtool/backend/Dockerfile.qovery - image: ghcr.io/${{ github.repository }}-govtool-backend + image: ghcr.io/${{ github.repository }}-backend qovery_container_name: govtool-backend - branch: main network: pre-prod-govtool workdir: ./govtool/frontend name: govtool-frontend dockerfile: ./govtool/frontend/Dockerfile.qovery - image: ghcr.io/${{ github.repository }}-govtool-frontend + image: ghcr.io/${{ github.repository }}-frontend qovery_container_name: govtool-frontend - branch: main network: pre-prod-govtool workdir: ./govtool/metadata-validation name: govtool-metadata-validation dockerfile: ./govtool/metadata-validation/Dockerfile - image: ghcr.io/${{ github.repository }}-govtool-metadata-validation + image: ghcr.io/${{ github.repository }}-metadata-validation qovery_container_name: govtool-metadata-validation - branch: main - network: preview-govtool + network: prod-govtool workdir: ./govtool/backend name: govtool-backend dockerfile: ./govtool/backend/Dockerfile.qovery - image: ghcr.io/${{ github.repository }}-govtool-backend + image: ghcr.io/${{ github.repository }}-backend qovery_container_name: govtool-backend - branch: main - network: preview-govtool + network: prod-govtool workdir: ./govtool/frontend name: govtool-frontend dockerfile: ./govtool/frontend/Dockerfile.qovery - image: ghcr.io/${{ github.repository }}-govtool-frontend + image: ghcr.io/${{ github.repository }}-frontend qovery_container_name: govtool-frontend - branch: main + network: prod-govtool + workdir: ./govtool/metadata-validation + name: govtool-metadata-validation + dockerfile: ./govtool/metadata-validation/Dockerfile + image: ghcr.io/${{ github.repository }}-metadata-validation + qovery_container_name: govtool-metadata-validation + - branch: staging network: preview-govtool + workdir: ./govtool/backend + name: govtool-backend + dockerfile: ./govtool/backend/Dockerfile.qovery + image: ghcr.io/${{ github.repository }}-backend + qovery_container_name: govtool-backend + - branch: staging + network: preview-govtool + workdir: ./govtool/frontend + name: govtool-frontend + dockerfile: ./govtool/frontend/Dockerfile.qovery + image: ghcr.io/${{ github.repository }}-frontend + qovery_container_name: govtool-frontend + - branch: staging + network: preview-govtool + workdir: ./govtool/metadata-validation + name: govtool-metadata-validation + dockerfile: ./govtool/metadata-validation/Dockerfile + image: ghcr.io/${{ github.repository }}-metadata-validation + qovery_container_name: govtool-metadata-validation + - branch: staging + network: pre-prod-govtool + workdir: ./govtool/backend + name: govtool-backend + dockerfile: ./govtool/backend/Dockerfile.qovery + image: ghcr.io/${{ github.repository }}-backend + qovery_container_name: govtool-backend + - branch: staging + network: pre-prod-govtool + workdir: ./govtool/frontend + name: govtool-frontend + dockerfile: ./govtool/frontend/Dockerfile.qovery + image: ghcr.io/${{ github.repository }}-frontend + qovery_container_name: govtool-frontend + - branch: staging + network: pre-prod-govtool + workdir: ./govtool/metadata-validation + name: govtool-metadata-validation + dockerfile: ./govtool/metadata-validation/Dockerfile + image: ghcr.io/${{ github.repository }}-metadata-validation + qovery_container_name: govtool-metadata-validation + - branch: staging + network: prod-govtool + workdir: ./govtool/backend + name: govtool-backend + dockerfile: ./govtool/backend/Dockerfile.qovery + image: ghcr.io/${{ github.repository }}-backend + qovery_container_name: govtool-backend + - branch: staging + network: prod-govtool + workdir: ./govtool/frontend + name: govtool-frontend + dockerfile: ./govtool/frontend/Dockerfile.qovery + image: ghcr.io/${{ github.repository }}-frontend + qovery_container_name: govtool-frontend + - branch: staging + network: prod-govtool workdir: ./govtool/metadata-validation name: govtool-metadata-validation dockerfile: ./govtool/metadata-validation/Dockerfile - image: ghcr.io/${{ github.repository }}-govtool-metadata-validation + image: ghcr.io/${{ github.repository }}-metadata-validation qovery_container_name: govtool-metadata-validation @@ -85,14 +152,23 @@ jobs: - name: Checkout code uses: actions/checkout@v3 + - name: Ensure Job Runs Only for Matching Branch + if: github.ref_name != matrix.branch + run: | + echo "Branch mismatch, exiting..." + exit 0 + - name: Set TAG Environment Variable id: set_tag run: | + SANITIZED_BRANCH=$(echo "${{ github.ref_name }}" | tr '/' '-') if [ "${{ github.ref_name }}" = "main" ]; then - echo "TAG=${{ github.sha }}-${NETWORK}" >> $GITHUB_ENV + echo "TAG=${{ github.sha }}-${{ github.run_number }}" >> $GITHUB_ENV else - echo "TAG=${{ github.ref_name }}-${{ github.sha }}-${NETWORK}" >> $GITHUB_ENV + echo "TAG=${SANITIZED_BRANCH}-${{ github.sha }}-${{ github.run_number }}" >> $GITHUB_ENV fi + echo "Generated TAG: $TAG" + - name: Lint Dockerfile id: hadolint @@ -155,12 +231,20 @@ jobs: with: string: ${{ matrix.image }} + - name: Set ENVIRONMENT Variable + run: echo "ENVIRONMENT=${{ matrix.network }}" >> $GITHUB_ENV + + - name: Sanitize Network Name + run: | + CLEAN_NETWORK=$(echo "${{ matrix.network }}" | sed 's/-govtool$//') + echo "CLEAN_NETWORK=$CLEAN_NETWORK" >> $GITHUB_ENV + - name: Build Docker image uses: docker/build-push-action@v5 with: context: ${{ matrix.workdir }} file: ${{ matrix.dockerfile }} - tags: ${{ steps.image_lowercase.outputs.lowercase }}:${{ env.TAG }} + tags: ${{ steps.image_lowercase.outputs.lowercase }}-${{ env.CLEAN_NETWORK }}:${{ env.TAG }} load: false cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache @@ -203,11 +287,18 @@ jobs: echo "outcome=success" >> $GITHUB_OUTPUT + - name: Debug TAG Before Docker Push + run: | + echo "Lowercase Image: ${{ steps.image_lowercase.outputs.lowercase }}" + echo "Network: ${{ matrix.network }}" + echo "TAG: ${{ env.TAG }}" + echo "Final Docker Tag: ${{ steps.image_lowercase.outputs.lowercase }}-${{ matrix.network}}:${{ env.TAG }}" + - name: Push Docker image to GHCR run: | docker load -i '/tmp/image-${{ matrix.name }}-${{ env.ENVIRONMENT }}.tar' rm -rf '/tmp/image-${{ matrix.name }}-${{ env.ENVIRONMENT }}.tar' - docker push ${{ steps.image_lowercase.outputs.lowercase }}:${{ env.TAG }} + docker push ${{ steps.image_lowercase.outputs.lowercase }}-${{ env.CLEAN_NETWORK}}:${{ env.TAG }} - name: Add tag as a PR comment uses: ubie-oss/comment-to-merged-pr-action@v0.3.3 From 9c59a4c89ee8b6a07ab250d1a0b0332be34c380c Mon Sep 17 00:00:00 2001 From: Aaron Boyle Date: Wed, 5 Mar 2025 10:44:20 +0000 Subject: [PATCH 7/9] adds support for triggering manually --- .github/workflows/build-from-main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build-from-main.yml b/.github/workflows/build-from-main.yml index 04f86aa70..de0c3ea44 100644 --- a/.github/workflows/build-from-main.yml +++ b/.github/workflows/build-from-main.yml @@ -5,6 +5,7 @@ on: branches: - main - staging + workflow_dispatch: permissions: contents: write From 52804552ee3056e8b8cd4526471865bd10af377d Mon Sep 17 00:00:00 2001 From: Aaron Boyle Date: Wed, 5 Mar 2025 11:40:00 +0000 Subject: [PATCH 8/9] disables workflow from running --- .github/workflows/merge.yaml | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/.github/workflows/merge.yaml b/.github/workflows/merge.yaml index 065a39624..274c1f09f 100644 --- a/.github/workflows/merge.yaml +++ b/.github/workflows/merge.yaml @@ -1,12 +1,13 @@ name: Check,Build,Deploy on: - push: - branches: - - develop - - test - - staging - - main + workflow_dispatch + #push: + #branches: + #- develop + #- test + #- staging + #- main permissions: contents: write From dc55a8208c60ad0bda386081f0be69c49c970677 Mon Sep 17 00:00:00 2001 From: Aaron Boyle Date: Wed, 5 Mar 2025 13:49:57 +0000 Subject: [PATCH 9/9] removes commented out workflow trigger --- .github/workflows/merge.yaml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/workflows/merge.yaml b/.github/workflows/merge.yaml index 274c1f09f..c9574dcab 100644 --- a/.github/workflows/merge.yaml +++ b/.github/workflows/merge.yaml @@ -2,12 +2,6 @@ name: Check,Build,Deploy on: workflow_dispatch - #push: - #branches: - #- develop - #- test - #- staging - #- main permissions: contents: write