login pipeline

Elio Bischof
2025-06-23 21:10:18 +02:00
parent 805b34db08
commit 6dc35140a5
4 changed files with 139 additions and 1 deletions


@@ -76,6 +76,11 @@ jobs:
core_cache_key: ${{ needs.core.outputs.cache_key }} core_cache_key: ${{ needs.core.outputs.cache_key }}
core_cache_path: ${{ needs.core.outputs.cache_path }} core_cache_path: ${{ needs.core.outputs.cache_path }}
login-quality:
uses: ./.github/workflows/login-quality.yml
with:
force: ${{ github.event_name == 'workflow_dispatch' }}
container: container:
needs: [compile] needs: [compile]
uses: ./.github/workflows/container.yml uses: ./.github/workflows/container.yml
@@ -86,6 +91,10 @@ jobs:
with: with:
build_image_name: "ghcr.io/zitadel/zitadel-build" build_image_name: "ghcr.io/zitadel/zitadel-build"
login-container:
uses: ./.github/workflows/login-container.yml
if: ${{ github.event_name == 'workflow_dispatch' }}
e2e: e2e:
uses: ./.github/workflows/e2e.yml uses: ./.github/workflows/e2e.yml
needs: [compile] needs: [compile]
@@ -98,7 +107,7 @@ jobs:
issues: write issues: write
pull-requests: write pull-requests: write
needs: needs:
[version, core-unit-test, core-integration-test, lint, container, e2e] [version, core-unit-test, core-integration-test, lint, container, e2e, login-container]
if: ${{ github.event_name == 'workflow_dispatch' }} if: ${{ github.event_name == 'workflow_dispatch' }}
secrets: secrets:
GCR_JSON_KEY_BASE64: ${{ secrets.GCR_JSON_KEY_BASE64 }} GCR_JSON_KEY_BASE64: ${{ secrets.GCR_JSON_KEY_BASE64 }}
@@ -109,3 +118,6 @@ jobs:
semantic_version: "23.0.7" semantic_version: "23.0.7"
image_name: "ghcr.io/zitadel/zitadel" image_name: "ghcr.io/zitadel/zitadel"
google_image_name: "europe-docker.pkg.dev/zitadel-common/zitadel-repo/zitadel" google_image_name: "europe-docker.pkg.dev/zitadel-common/zitadel-repo/zitadel"
build_image_name_login: ${{ needs.login-container.outputs.login_build_image }}
image_name_login: "ghcr.io/zitadel/login"
google_image_name_login: europe-docker.pkg.dev/zitadel-common/zitadel-repo/login
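Review bot: The `needs:` list edited in the third hunk (the job that receives `GCR_JSON_KEY_BASE64`) gains `login-container` but not `login-quality`, so as far as these hunks show, a `workflow_dispatch` run can publish the login image without the new quality job having passed. If the quality job is meant to gate publishing, add it to the list, `[version, core-unit-test, core-integration-test, lint, container, e2e, login-quality, login-container]`, or give `login-container` a `needs: [login-quality]`. `google_image_name_login` is also the only image name left unquoted beside its quoted siblings. The job definitions start and end outside the visible hunks.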

46
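--- a/.github/workflows/login-container.yml
+++ b/.github/workflows/login-container.yml
@@ -0,0 +1,46 @@
+name: Login Container
+on:
+workflow_call:
+outputs:
+login_build_image:
+description: 'The image name of the built production standalone login image'
+value: ${{ jobs.login-container.outputs.login_build_image }}
+jobs:
+login-container:
+name: Build Login Container
+runs-on: depot-ubuntu-22.04-8
+permissions:
+contents: read
+id-token: write
+outputs:
+login_build_image: ${{ steps.get-login-tag.outputs.LOGIN_TAG }}
+steps:
+- uses: actions/checkout@v4
+- name: Docker meta
+id: meta
+uses: docker/metadata-action@v5
+with:
+images: |
+ghcr.io/zitadel/login
+tags: |
+type=raw,value=latest,enable={{is_default_branch}}
+type=ref,event=branch
+type=ref,event=pr
+type=semver,pattern={{version}}
+type=semver,pattern={{major}}.{{minor}}
+type=semver,pattern={{major}}
+- uses: depot/setup-action@v1
+with:
+oidc: true
+- name: Build Login Container
+run: make login-standalone-build
+env:
+# latest if branch is main, otherwise image version which is the pull request number
+BAKE_CLI: depot bake
+DEPOT_PROJECT_ID: w47wkxzdtw
+FORCE: ${{ github.event.inputs.force }}
+- name: Get Login image tag
+id: get-login-tag
+run: echo "LOGIN_TAG=$(make login-standalone-build-tag)" >> "$GITHUB_OUTPUT"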
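Review bot: All three `uses:` steps reference mutable tags (`actions/checkout@v4`, `docker/metadata-action@v5`, `depot/setup-action@v1`) in a job that holds `id-token: write`, so anyone able to move one of those tags gets code running in a job that can request an OIDC token. Pin each to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: depot/setup-action@<full-commit-sha>  # v1`. The same three references appear in login-quality.yml. The `meta` step's outputs are not referenced anywhere in this file, so the step can probably be dropped. The comment above `BAKE_CLI` describes an image tag rather than any of the variables set below it.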

65
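--- a/.github/workflows/login-quality.yml
+++ b/.github/workflows/login-quality.yml
@@ -0,0 +1,65 @@
+name: Login Quality
+on:
+workflow_call:
+inputs:
+force:
+description: 'Ignore run caches'
+type: boolean
+required: true
+outputs:
+login_build_image:
+description: 'The image name of the built production standalone login image'
+value: 'ghcr.io/zitadel/login:${{ github.sha }}'
+jobs:
+quality:
+name: Ensure Quality
+runs-on: depot-ubuntu-22.04-8
+timeout-minutes: 30
+permissions:
+contents: read
+id-token: write
+actions: write
+env:
+CACHE_DIR: /tmp/login-run-caches
+steps:
+- uses: actions/checkout@v4
+- name: Docker meta
+id: meta
+uses: docker/metadata-action@v5
+with:
+images: |
+ghcr.io/zitadel/login
+tags: |
+type=raw,value=latest,enable={{is_default_branch}}
+type=ref,event=branch
+type=ref,event=pr
+type=semver,pattern={{version}}
+type=semver,pattern={{major}}.{{minor}}
+type=semver,pattern={{major}}
+- uses: depot/setup-action@v1
+with:
+oidc: true
+- name: Restore Run Caches
+uses: actions/cache/restore@v4
+id: run-caches-restore
+with:
+path: ${{ env.CACHE_DIR }}
+key: ${{ runner.os }}-login-run-caches-${{github.ref_name}}-${{ github.sha }}-${{github.run_attempt}}
+restore-keys: |
+${{ runner.os }}-login-run-caches-${{github.ref_name}}-${{ github.sha }}-
+${{ runner.os }}-login-run-caches-${{github.ref_name}}-
+${{ runner.os }}-login-run-caches-
+- run: make login-quality
+env:
+# latest if branch is main, otherwise image version which is the pull request number
+BAKE_CLI: depot bake
+DEPOT_PROJECT_ID: w47wkxzdtw
+FORCE: ${{ github.event.inputs.force }}
+- name: Save Run Caches
+uses: actions/cache/save@v4
+with:
+path: ${{ env.CACHE_DIR }}
+key: ${{ steps.run-caches-restore.outputs.cache-primary-key }}
+if: always()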
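Review bot: `FORCE` for `make login-quality` is set from `${{ github.event.inputs.force }}`, which reads the triggering event's dispatch inputs rather than the `force` input this reusable workflow declares. The value the caller passes is therefore ignored unless the caller's own dispatch form happens to define an input of that name; use `FORCE: ${{ inputs.force }}`. login-container.yml sets `FORCE` the same way but declares no inputs at all, so there it needs either a declared input or removal. Separately, `actions: write` is granted although the visible steps only restore and save caches through `actions/cache`, which should not require it; drop it unless `make login-quality` calls the Actions API.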


@@ -15,6 +15,15 @@ on:
google_image_name: google_image_name:
required: true required: true
type: string type: string
build_image_name_login:
required: true
type: string
image_name_login:
required: true
type: string
google_image_name_login:
required: true
type: string
secrets: secrets:
GCR_JSON_KEY_BASE64: GCR_JSON_KEY_BASE64:
description: 'base64 endcrypted key to connect to Google' description: 'base64 endcrypted key to connect to Google'
@@ -96,6 +105,9 @@ jobs:
docker buildx imagetools create \ docker buildx imagetools create \
--tag ${{ inputs.google_image_name }}:${{ needs.version.outputs.version }} \ --tag ${{ inputs.google_image_name }}:${{ needs.version.outputs.version }} \
${{ inputs.build_image_name }} ${{ inputs.build_image_name }}
docker buildx imagetools create \
--tag ${{ inputs.google_image_name_login }}:${{ needs.version.outputs.version }} \
${{ inputs.build_image_name_login }}
- -
name: Publish latest name: Publish latest
if: ${{ github.ref_name == 'next' }} if: ${{ github.ref_name == 'next' }}
@@ -106,6 +118,9 @@ jobs:
docker buildx imagetools create \ docker buildx imagetools create \
--tag ${{ inputs.image_name }}:latest-debug \ --tag ${{ inputs.image_name }}:latest-debug \
${{ inputs.build_image_name }}-debug ${{ inputs.build_image_name }}-debug
docker buildx imagetools create \
--tag ${{ inputs.image_name_login }}:latest \
${{ inputs.build_image_name_login }}
homebrew-tap: homebrew-tap:
runs-on: ubuntu-22.04 runs-on: ubuntu-22.04
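Review bot: The two added `docker buildx imagetools create` commands expand `${{ inputs.build_image_name_login }}` directly into the shell script. On this commit that value is a job output produced by `make login-standalone-build-tag`, so whatever that target prints becomes shell text in the publishing job. Pass it through the step environment instead, with `env:` holding `LOGIN_SRC: ${{ inputs.build_image_name_login }}`, and reference `"$LOGIN_SRC"` in the command; the existing `build_image_name` lines follow the same pattern. The source image also appears to be named by tag rather than digest, so the promoted image is only as fixed as that tag, though what the make target emits is not visible here. Both steps start outside the hunks.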