Skip to content

temurin指定

temurin指定 #29

Workflow file for this run

name: Node CI
on:
push:
branches: ['develop', 'feature/*', 'hotfix/*']
workflow_dispatch:
permissions:
id-token: write
contents: read
jobs:
build:
runs-on: ubuntu-latest
environment: develop # for azure oidc
env:
IMAGE_TAG: ${{ github.sha }}
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Checkout manifest repo
uses: actions/checkout@v4
with:
repository: nautible/nautible-app-examples-manifest
path: nautible-app-examples-manifest
token: ${{ secrets.PAT }}
# AWS
- name: Configure AWS credentials
id: login-aws
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/nautible-dev-githubactions-ecr-access-role
aws-region: ap-northeast-1
continue-on-error: true
- name: login-aws when command failure
run: echo "result - aws login failure"
if: steps.login-aws.outcome == 'failure'
- name: Login to Amazon public ECR
id: login-ecr
run: |
aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/nautible
if: steps.login-aws.outcome == 'success'
- name: examples node Build, tag, and push image to Amazon ECR
id: build-image-service-ecr
env:
DOCKER_BUILDKIT: 1
ECR_REGISTRY: public.ecr.aws/nautible
ECR_REPOSITORY: nautible-app-examples-node
run: |
cd $GITHUB_WORKSPACE/nautible-app-examples-node
docker build --cache-from=$ECR_REGISTRY/$ECR_REPOSITORY:latest --build-arg BUILDKIT_INLINE_CACHE=1 -t $ECR_REGISTRY/$ECR_REPOSITORY:latest -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f ./docker/Dockerfile .
docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
if: steps.login-aws.outcome == 'success'
# Azure
- name: Login via Azure CLI
id: login-azure
uses: azure/login@v1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
continue-on-error: true
- name: login-azure when command failure
run: echo "result - azure login failure"
if: steps.login-azure.outcome == 'failure'
- name: Login Azure Acr
id: login-azure-acr
run: |
az acr login -n nautibledevacr
if: steps.login-azure.outcome == 'success'
- name: examples node Build, tag, and push image to Azure ACR
id: build-image-service-acr
env:
DOCKER_BUILDKIT: 1
ACR_REGISTRY: nautibledevacr.azurecr.io
ACR_REPOSITORY: nautible-app-examples-node
run: |
cd $GITHUB_WORKSPACE/nautible-app-examples-node
docker build --cache-from=$ACR_REGISTRY/$ACR_REPOSITORY:latest --build-arg BUILDKIT_INLINE_CACHE=1 -t $ACR_REGISTRY/$ACR_REPOSITORY:latest -t $ACR_REGISTRY/$ACR_REPOSITORY:$IMAGE_TAG -f ./docker/Dockerfile .
docker push $ACR_REGISTRY/$ACR_REPOSITORY:latest
docker push $ACR_REGISTRY/$ACR_REPOSITORY:$IMAGE_TAG
if: steps.login-azure.outcome == 'success'
- name: update feature branch image tag
id: update-feature-branch-image-tag
if: startsWith(github.ref_name, 'feature/')
env:
TOKEN: ${{ secrets.PAT }}
BRANCH: ${{ github.ref_name }}
APP_NAME: examples
ACR_REGISTRY: nautibledevacr.azurecr.io
run: |
cd $GITHUB_WORKSPACE/nautible-app-$APP_NAME-manifest
HTTP_STATUS=$(curl -H "Accept: application/vnd.github+json" -H "Authorization: token $TOKEN" https://api.github.com/repos/nautible/nautible-app-$APP_NAME-manifest/branches/$BRANCH -o /dev/null -w '%{http_code}\n' -s)
if [ "$HTTP_STATUS" != '200' ]; then
echo 'couldnt find remote branch. skip update manifest.'
exit 0
fi
git fetch origin $BRANCH && git checkout $BRANCH
sed -i 's/image: public.ecr.aws\/nautible\/nautible-app-'$APP_NAME'-node:\(.*\)/image: public.ecr.aws\/nautible\/nautible-app-'$APP_NAME'-node:'$IMAGE_TAG'/' ./nautible-app-$APP_NAME-manifest-node/overlays/aws/dev/$APP_NAME-deployment.yaml
sed -i 's/image: '$ACR_REGISTRY'\/nautible-app-'$APP_NAME'-node:\(.*\)/image: '$ACR_REGISTRY'\/nautible-app-'$APP_NAME'-node:'$IMAGE_TAG'/' ./nautible-app-$APP_NAME-manifest-node/overlays/azure/dev/$APP_NAME-deployment.yaml
git config user.name github-actions
git config user.email github-actions@github.com
git add .
git commit -m "update manifest"
git push
# - name: pull request
# id: pull-request
# if: github.ref_name == 'develop' || startsWith(github.ref_name, 'hotfix/')
# env:
# TOKEN: ${{ secrets.PAT }}
# BRANCH: ${{ github.ref_name }}
# TAG: update-image-feature-${{ github.sha }}
# APP_NAME: examples
# ACR_REGISTRY: nautibledevacr.azurecr.io
# run: |
# cd $GITHUB_WORKSPACE/nautible-app-$APP_NAME-manifest
# git fetch origin $BRANCH && git checkout $BRANCH
# git checkout -b $TAG $BRANCH
# sed -i 's/image: public.ecr.aws\/nautible\/nautible-app-'$APP_NAME'-node:\(.*\)/image: public.ecr.aws\/nautible\/nautible-app-'$APP_NAME'-node:'$IMAGE_TAG'/' ./nautible-app-$APP_NAME-manifest-node/overlays/aws/dev/$APP_NAME-deployment.yaml
# sed -i 's/image: '$ACR_REGISTRY'\/nautible-app-'$APP_NAME'-node:\(.*\)/image: '$ACR_REGISTRY'\/nautible-app-'$APP_NAME'-node:'$IMAGE_TAG'/' ./nautible-app-$APP_NAME-manifest-node/overlays/azure/dev/$APP_NAME-deployment.yaml
# git config user.name github-actions
# git config user.email github-actions@github.com
# git add .
# git commit -m "update manifest"
# git push --set-upstream origin $TAG
# curl -X POST -H "Accept: application/vnd.github.v3+json" -H "Authorization: token $TOKEN" "https://api.github.com/repos/nautible/nautible-app-$APP_NAME-manifest/pulls" -d '{"title": "new image deploy request", "head": "nautible:'$TAG'", "base": "'$BRANCH'"}' -o /dev/null -w 'httpstatus:%{http_code}\n' -s