chore(deps): update actions/checkout digest to 692973e #4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: App | |
on: | |
workflow_dispatch: | |
inputs: | |
deploy: | |
description: "Deploy image to cloud run" | |
required: true | |
type: boolean | |
default: false | |
push: | |
branches: | |
- main | |
paths: | |
- "containers/Dockerfile.app" | |
- ".github/workflows/app.yaml" | |
- "app/**" | |
env: | |
REGISTRY: ghcr.io | |
GAR_REGISTRY: us-central1-docker.pkg.dev | |
GAR_REPOSITORY: pyrovelocity | |
IMAGE_NAME: pyrovelocityapp | |
jobs: | |
set-deploy-flag: | |
runs-on: ubuntu-latest | |
outputs: | |
deploy_flag: ${{ steps.set-deploy-flag.outputs.deploy_flag }} | |
steps: | |
- name: "Print github context" | |
run: | | |
echo " EVENT_NAME:" "$GITHUB_EVENT_NAME" | |
echo " REF:" "$GITHUB_REF" | |
echo " full_name: ${{ github.event.repository.full_name }}" | |
echo " repository: ${{ github.repository }}" | |
echo "repository_owner: ${{ github.repository_owner }}" | |
echo " default_branch: ${{ github.event.repository.default_branch }}" | |
echo "REPOSITORY_OWNER:" "$GITHUB_REPOSITORY_OWNER" | |
echo " REF_NAME:" "$GITHUB_REF_NAME" | |
echo " HEAD_REF:" "$GITHUB_HEAD_REF" | |
echo " BASE_REF:" "$GITHUB_BASE_REF" | |
echo " SHA:" "$GITHUB_SHA" | |
- name: Set deploy flag | |
id: set-deploy-flag | |
run: | | |
DEPLOY_FLAG=false | |
if [[ "${{ inputs.deploy }}" == "true" ]] || \ | |
[[ "${{ github.event_name }}" == "push" && \ | |
"${{ github.ref }}" == "refs/heads/${{ github.event.repository.default_branch }}" && \ | |
"${{ github.repository_owner }}" == "pinellolab" ]]; then | |
DEPLOY_FLAG=true | |
fi | |
echo "deploy_flag will be set to: $DEPLOY_FLAG" | |
echo "deploy_flag=$DEPLOY_FLAG" >> "$GITHUB_OUTPUT" | |
build-and-push-image: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- name: Checkout | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # ratchet:docker/setup-qemu-action@v2 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # ratchet:docker/setup-buildx-action@v2 | |
- name: Log in to GitHub container registry | |
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # ratchet:docker/login-action@v3 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Log in to Google Artifact Registry | |
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # ratchet:docker/login-action@v3 | |
with: | |
registry: ${{ env.GAR_REGISTRY }} | |
username: _json_key | |
password: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS_DATA }} | |
- name: Extract github metadata for docker labels | |
id: meta | |
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # ratchet:docker/metadata-action@v5 | |
with: | |
images: | | |
${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ env.IMAGE_NAME }} | |
${{ env.GAR_REGISTRY }}/${{ secrets.GCP_PROJECT_ID }}/${{ env.GAR_REPOSITORY }}/${{ env.IMAGE_NAME }} | |
tags: | | |
type=raw,value=latest,enable={{is_default_branch}} | |
type=ref,event=branch | |
type=ref,event=pr | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
type=sha,prefix=,format=long | |
- name: Build and push | |
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # ratchet:docker/build-push-action@v5 | |
with: | |
context: . | |
file: ./containers/Dockerfile.app | |
platforms: linux/amd64 | |
push: ${{ github.event_name != 'pull_request' }} | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
deploy-cloud-run: | |
needs: [build-and-push-image, set-deploy-flag] | |
runs-on: ubuntu-latest | |
if: ${{ needs.set-deploy-flag.outputs.deploy_flag }} | |
permissions: | |
contents: read | |
packages: read | |
steps: | |
- name: Checkout | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
- name: "Authenticate to Google Cloud" | |
uses: "google-github-actions/auth@55bd3a7c6e2ae7cf1877fd1ccb9d54c0503c457c" # ratchet:google-github-actions/auth@v2 | |
with: | |
credentials_json: "${{ secrets.GOOGLE_APPLICATION_CREDENTIALS_DATA }}" | |
- name: Deploy to Cloud Run | |
id: "deploy" | |
uses: google-github-actions/deploy-cloudrun@e62f655d5754bec48078a72edc015367b01ee97b # ratchet:google-github-actions/deploy-cloudrun@v1 | |
with: | |
service: pyrovelocityapp | |
image: ${{ env.GAR_REGISTRY }}/${{ secrets.GCP_PROJECT_ID }}/${{ env.GAR_REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ github.sha }} | |
- name: Post url | |
run: 'echo "${{ steps.deploy.outputs.url }}"' |