Update access token help text #179
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Adapted from https://github.com/stackhpc/azimuth/blob/master/.github/workflows/build-push-artifacts.yaml | |
name: Publish artifacts | |
# Run the tasks on every push | |
# TODO: Add path filtering to only run on relevant changes | |
on: push | |
jobs: | |
# Job to run change detection | |
changes: | |
name: Check for relevant changes | |
runs-on: ubuntu-latest | |
# Required permissions | |
permissions: | |
pull-requests: read | |
# Set job outputs to values from filter step | |
outputs: | |
images: ${{ steps.filter.outputs.images }} | |
chart: ${{ steps.filter.outputs.chart }} | |
steps: | |
- name: Check out the repository | |
uses: actions/checkout@v4 | |
- uses: dorny/paths-filter@v2 | |
id: filter | |
with: | |
base: ${{ github.ref_name }} | |
filters: | | |
images: | |
- 'images/**' | |
chart: | |
- 'chart/**' | |
# Job to build container images | |
build_push_images: | |
name: Build and push images | |
runs-on: ubuntu-latest | |
needs: changes | |
if: ${{ needs.changes.outputs.images == 'true' || github.ref_type == 'tag' }} | |
strategy: | |
matrix: | |
include: | |
# - component: api | |
- component: ui | |
steps: | |
- name: Check out the repository | |
uses: actions/checkout@v4 | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Calculate metadata for image | |
id: image-meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: ghcr.io/stackhpc/azimuth-llm-${{ matrix.component }}-base | |
# Produce the branch name or tag and the SHA as tags | |
tags: | | |
type=ref,event=branch | |
type=ref,event=tag | |
type=sha,prefix= | |
- name: Build and push image | |
uses: stackhpc/github-actions/docker-multiarch-build-push@allow-continue-after-scan | |
with: | |
cache-key: ${{ matrix.component }}-base | |
context: ./images/${{ matrix.component }}-base | |
platforms: linux/amd64,linux/arm64 | |
push: true | |
tags: ${{ steps.image-meta.outputs.tags }} | |
labels: ${{ steps.image-meta.outputs.labels }} | |
fail_on_high_severity_cve: false | |
# Job to build and publish Helm chart | |
build_push_chart: | |
name: Build and push Helm chart | |
runs-on: ubuntu-latest | |
# Only build and push the chart if chart files have changed | |
needs: [changes] | |
if: ${{ needs.changes.outputs.chart == 'true' || github.ref_type == 'tag' }} | |
steps: | |
- name: Check out the repository | |
uses: actions/checkout@v4 | |
with: | |
# This is important for the semver action to work correctly | |
# when determining the number of commits since the last tag | |
fetch-depth: 0 | |
- name: Get SemVer version for current commit | |
id: semver | |
uses: stackhpc/github-actions/semver@master | |
- name: Publish Helm charts | |
uses: stackhpc/github-actions/helm-publish@master | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
version: ${{ steps.semver.outputs.version }} | |
app-version: ${{ steps.semver.outputs.short-sha }} |