name: ZITADEL CI/CD on: push: tags-ignore: - "*" branches: - "main" pull_request: workflow_dispatch: concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} cancel-in-progress: true permissions: contents: write packages: write issues: write pull-requests: write actions: write jobs: core: uses: ./.github/workflows/core.yml with: node_version: "20" buf_version: "latest" console: uses: ./.github/workflows/console.yml with: node_version: "20" docs: uses: ./.github/workflows/docs.yml with: node_version: "20" buf_version: "latest" version: uses: ./.github/workflows/version.yml with: semantic_version: "23.0.7" dry_run: true compile: needs: [core, console, version] uses: ./.github/workflows/compile.yml with: core_cache_key: ${{ needs.core.outputs.cache_key }} console_cache_key: ${{ needs.console.outputs.cache_key }} core_cache_path: ${{ needs.core.outputs.cache_path }} console_cache_path: ${{ needs.console.outputs.cache_path }} version: ${{ needs.version.outputs.version }} node_version: "20" core-unit-test: needs: core uses: ./.github/workflows/core-unit-test.yml with: core_cache_key: ${{ needs.core.outputs.cache_key }} core_cache_path: ${{ needs.core.outputs.cache_path }} secrets: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} core-integration-test: needs: core uses: ./.github/workflows/core-integration-test.yml with: core_cache_key: ${{ needs.core.outputs.cache_key }} core_cache_path: ${{ needs.core.outputs.cache_path }} secrets: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} lint: needs: [core, console] uses: ./.github/workflows/lint.yml with: node_version: "18" buf_version: "latest" go_lint_version: "latest" core_cache_key: ${{ needs.core.outputs.cache_key }} core_cache_path: ${{ needs.core.outputs.cache_path }} container: needs: [compile] uses: ./.github/workflows/container.yml secrets: inherit permissions: packages: write if: ${{ github.event_name == 'workflow_dispatch' }} with: build_image_name: "ghcr.io/zitadel/zitadel-build" login-container: uses: ./.github/workflows/login-container.yml permissions: packages: write id-token: write with: login_build_image_name: "ghcr.io/zitadel/zitadel-login-build" node_version: "20" login-integration-test: uses: ./.github/workflows/login-integration-test.yml needs: [login-container] with: login_build_image: ${{ needs.login-container.outputs.login_build_image }} e2e: uses: ./.github/workflows/e2e.yml needs: [compile] release: uses: ./.github/workflows/release.yml permissions: packages: write contents: write issues: write pull-requests: write needs: [ version, core-unit-test, core-integration-test, lint, container, login-container, login-integration-test, e2e, ] if: ${{ github.event_name == 'workflow_dispatch' }} secrets: GCR_JSON_KEY_BASE64: ${{ secrets.GCR_JSON_KEY_BASE64 }} APP_ID: ${{ secrets.APP_ID }} APP_PRIVATE_KEY: ${{ secrets.APP_PRIVATE_KEY }} with: build_image_name: ${{ needs.container.outputs.build_image }} semantic_version: "23.0.7" image_name: "ghcr.io/zitadel/zitadel" google_image_name: "europe-docker.pkg.dev/zitadel-common/zitadel-repo/zitadel" build_image_name_login: ${{ needs.login-container.outputs.login_build_image }} image_name_login: "ghcr.io/zitadel/zitadel-login" google_image_name_login: "europe-docker.pkg.dev/zitadel-common/zitadel-repo/zitadel-login"