diff --git a/.github/workflows/publish/action.yaml b/.github/workflows/publish/action.yaml
new file mode 100644
index 0000000..d3ef540
--- /dev/null
+++ b/.github/workflows/publish/action.yaml
@@ -0,0 +1,48 @@
+name: Build or publish container
+description: Reusable action for creating a container
+
+inputs:
+ container:
+ description: "The name of the container"
+ required: true
+ registry-token:
+ description: "The Github token needed to operate on the container registry"
+ required: true
+ publish:
+ description: "Whether to publish and roll out the container or not"
+ required: false
+ push-token:
+ description: "The Github token needed to create PRs for rolling out the container"
+ required: false
+ files-to-update:
+ description: "The files to update in the rollout PR"
+ required: false
+
+runs:
+ using: composite
+ steps:
+ - uses: docker/metadata-action@v5
+ id: metadata
+ with:
+ images: ghcr.io/${{ github.repository }}/${{ inputs.publish && inputs.container || 'cache' }}
+ tags: |
+ type=sha,format=long
+ - uses: docker/login-action@v3
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ inputs.registry-token }}
+ - uses: int128/kaniko-action@v1
+ with:
+ push: true
+ tags: ${{ steps.metadata.outputs.tags }}
+ labels: ${{ steps.metadata.outputs.labels }}
+ cache: true
+ cache-repository: ghcr.io/${{ github.repository }}/cache
+ context: ${{ inputs.container }}
+ - uses: ./.github/workflows/update-k8s-deployments
+ if: ${{ inputs.publish }}
+ with:
+ files-to-update: ${{ inputs.files-to-update }}
+ component: ${{ inputs.container }}
+ push-token: ${{ inputs.push-token }}
diff --git a/.github/workflows/rollout-dashboard.yaml b/.github/workflows/rollout-dashboard.yaml
index f501212..eab3756 100644
--- a/.github/workflows/rollout-dashboard.yaml
+++ b/.github/workflows/rollout-dashboard.yaml
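Review bot: In `.github/workflows/publish/action.yaml`, `inputs.publish` is treated as a boolean in `if: ${{ inputs.publish }}` and in the `images:` expression, but composite-action inputs arrive as strings, so a caller passing `publish: false` would still evaluate as truthy, push to the named image repository and run the rollout step with `push-token`. Compare explicitly instead, `if: ${{ inputs.publish == 'true' }}` and `${{ inputs.publish == 'true' && inputs.container || 'cache' }}`, and give the input a `default: "false"`. The callers in this commit either omit the input or pass `true`, so nothing misbehaves yet. Separately, the three third-party actions are referenced by mutable tags (`@v5`, `@v3`, `@v1`) in steps that run alongside the registry credentials; pinning them to full commit SHAs would make the action's behaviour reviewable.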
@@ -87,60 +87,23 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: docker/metadata-action@v5 - id: metadata - with: - images: ghcr.io/${{ github.repository }}/cache - tags: | - type=sha,format=long - - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - uses: int128/kaniko-action@v1 + - uses: ./.github/workflows/publish name: Create rollout-dashboard container with: - push: true - tags: ${{ steps.metadata.outputs.tags }} - labels: ${{ steps.metadata.outputs.labels }} - cache: true - cache-repository: ghcr.io/${{ github.repository }}/cache - context: rollout-dashboard + container: rollout-dashboard + registry-token: ${{ secrets.GITHUB_TOKEN }} publish-rollout-dashboard-container: name: Publish rollout dashboard container # if: github.event_name == 'push' && github.ref == 'refs/heads/main' - if: github.event_name == 'pull_request' + if: github.event_name == 'pull_request' # FIXME delete me and uncomment line above. 
runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: docker/metadata-action@v5 - id: metadata - with: - images: ghcr.io/${{ github.repository }}/rollout-dashboard - tags: | - type=schedule - type=ref,event=branch - type=ref,event=tag - type=ref,event=pr - type=sha,format=long - - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - uses: int128/kaniko-action@v1 + - uses: ./.github/workflows/publish name: Create and publish rollout-dashboard container with: - push: true - tags: ${{ steps.metadata.outputs.tags }} - labels: ${{ steps.metadata.outputs.labels }} - cache: true - cache-repository: ghcr.io/${{ github.repository }}/cache - context: rollout-dashboard - - uses: ./.github/workflows/update-k8s-deployments - name: Roll out new rollout-dashboard container - with: - files-to-update: bases/apps/rollout-dashboard/core/deployment.yaml - component: rollout-dashboard + container: rollout-dashboard + registry-token: ${{ secrets.GITHUB_TOKEN }} + publish: true push-token: ${{ secrets.K8S_API_TOKEN }} + files-to-update: bases/apps/rollout-dashboard/core/deployment.yaml
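Review bot: The publish job's guard is still `if: github.event_name == 'pull_request'`, now with only a FIXME beside it, so as written every pull-request run builds unreviewed branch code, pushes it to `ghcr.io/${{ github.repository }}/rollout-dashboard` and passes `secrets.K8S_API_TOKEN` to the rollout step, while pushes to `main` publish nothing. Restore `if: github.event_name == 'push' && github.ref == 'refs/heads/main'` before this merges rather than leaving it as a follow-up. The shared action also emits only `type=sha,format=long`, so the schedule, branch, tag and PR tags the old publish job produced are dropped; if anything consumes those tags, a comment on the step such as `# publishes the long-SHA tag only` would make that explicit. Both job definitions begin above the hunk, so the workflow triggers and any `permissions:` block are not visible here.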