zitadel/.github/workflows/release.yml
Christian Jakob 654bf09ed1
Autodeploydev (#200)
* fix: autodeploy

* added version condition
2020-06-10 12:38:13 +02:00

227 lines
7.2 KiB
YAML

name: Release
on: push
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
REGISTRY: docker.pkg.github.com
IMAGE: zitadel
NODE_VERSION: '12'
GO_VERSION: '^1.14.1'
jobs:
angular-test: # will be added later on
runs-on: ubuntu-18.04
defaults:
run:
working-directory: ./console
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v1
with:
node-version: ${{ env.NODE_VERSION }}
- run: npm ci
#- run: npm test
- run: echo "replace me with real test"
angular-lint: # will be added later on
runs-on: ubuntu-18.04
defaults:
run:
working-directory: ./console
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v1
with:
node-version: ${{ env.NODE_VERSION }}
- run: npm ci
- run: npm run lint
angular-build:
runs-on: ubuntu-18.04
defaults:
run:
working-directory: ./console
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v1
with:
node-version: ${{ env.NODE_VERSION }}
- run: npm ci
- run: npm run prodbuild
- uses: actions/upload-artifact@v1
with:
name: angular
path: console/dist/console
go-test:
runs-on: ubuntu-18.04
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v2-beta
with:
go-version: ${{ env.GO_VERSION }}
- run: go test -race -v -coverprofile=profile.cov ./...
- uses: actions/upload-artifact@v1
with:
name: go-coverage
path: profile.cov
- uses: codecov/codecov-action@v1
with:
file: ./profile.cov
name: codecov-go
go-lint:
runs-on: ubuntu-18.04
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v2-beta
with:
go-version: ${{ env.GO_VERSION }}
- uses: actions/checkout@v2
- run: echo "replace me with real lint"
go-build:
runs-on: ubuntu-18.04
needs: [angular-build, angular-test, angular-lint, go-test] ### We need the artifact from the angular build and that's why we wait here
name: Build ${{ matrix.goos }}-${{ matrix.goarch }}
strategy:
matrix:
goos: [ 'linux', 'darwin', 'windows' ]
goarch: ['amd64']
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v2-beta
with:
go-version: ${{ env.GO_VERSION }}
- uses: actions/download-artifact@v2
with:
name: angular
path: console/dist/app
- run: go get github.com/rakyll/statik
- run: ./build/console/generate-static.sh
- run: cat pkg/console/statik/statik.go
- run: ./build/login/generate-static.sh
- run: cat internal/login/statik/statik.go
- run: ./build/notification/generate-static.sh
- run: cat internal/notification/statik/statik.go
- run: CGO_ENABLED=0 GOOS=${{ matrix.goos }} GOARCH=${{ matrix.goarch }} go build -a -installsuffix cgo -ldflags '-extldflags "-static"' -o zitadel-${{ matrix.goos }}-${{ matrix.goarch }} cmd/zitadel/main.go
- uses: actions/upload-artifact@v1
with:
name: zitadel-${{ matrix.goos }}-${{ matrix.goarch }}
path: zitadel-${{ matrix.goos }}-${{ matrix.goarch }}
container-prod:
runs-on: ubuntu-18.04
needs: go-build
steps:
- name: Source checkout
uses: actions/checkout@v2
- uses: actions/download-artifact@v2
with:
name: zitadel-linux-amd64
path: .artifacts
- uses: docker/build-push-action@v1
with:
dockerfile: build/docker/prod
username: ${{ github.actor }}
password: ${{ github.token }}
registry: ${{ env.REGISTRY }}
repository: ${{ github.repository }}/${{ env.IMAGE }}
tag_with_ref: true
tag_with_sha: true
container-vulnerability-scan:
runs-on: ubuntu-18.04
needs: container-prod
steps:
- name: Source checkout
uses: actions/checkout@v2
- name: Generate Short SHA Container Tag
id: vars
run: echo "::set-output name=sha_short::SHA-$(git rev-parse --short HEAD)"
- name: Check outputs
run: echo ${{ steps.vars.outputs.sha_short }}
- name: Docker Login
run: docker login $REGISTRY -u $GITHUB_ACTOR -p $GITHUB_TOKEN
- uses: anchore/scan-action@master
with:
image-reference: "${{ env.REGISTRY }}/${{ github.repository }}/${{ env.IMAGE }}:${{ steps.vars.outputs.sha_short }}"
dockerfile-path: "./build/docker/prod"
fail-build: false
- name: anchore inline scan JSON results
run: for j in `ls ./anchore-reports/*.json`; do echo "---- ${j} ----"; cat ${j}; echo; done
- uses: actions/upload-artifact@v1
with:
name: anchore-reports
path: ./anchore-reports/
container-test:
runs-on: ubuntu-18.04
needs: container-prod
steps:
- name: Source checkout
uses: actions/checkout@v2
- name: Generate Short SHA Container Tag
id: vars
run: echo "::set-output name=sha_short::SHA-$(git rev-parse --short HEAD)"
- name: Check outputs
run: echo ${{ steps.vars.outputs.sha_short }}
- name: Docker Login
run: docker login $REGISTRY -u $GITHUB_ACTOR -p $GITHUB_TOKEN
- name: Docker Run Test
run: echo "replace me with real test"
release:
runs-on: ubuntu-18.04
needs: [container-prod, container-test]
env:
DOCKER_USERNAME: ${{ github.actor }}
DOCKER_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
steps:
- name: Source checkout
uses: actions/checkout@v2
- name: Generate Short SHA Container Tag
id: vars
run: echo "::set-output name=sha_short::SHA-$(git rev-parse --short HEAD)"
- uses: actions/download-artifact@v2
with:
path: .artifacts
- name: Display structure of downloaded files
run: ls -R
working-directory: .artifacts
- name: Docker Login
run: docker login $REGISTRY -u $GITHUB_ACTOR -p $GITHUB_TOKEN
- name: Docker Pull short-sha
run: docker pull $REGISTRY/$GITHUB_REPOSITORY/$IMAGE:${{ steps.vars.outputs.sha_short }}
- name: Semantic Release
uses: cycjimmy/semantic-release-action@v2
with:
dry_run: false
semantic_version: 17.0.4
extra_plugins: |
@semantic-release/exec@5.0.0
- name: Docker Tag Version
run: docker tag $REGISTRY/$GITHUB_REPOSITORY/$IMAGE:${{ steps.vars.outputs.sha_short }} $REGISTRY/$GITHUB_REPOSITORY/$IMAGE:$CAOS_NEXT_VERSION
if: env.CAOS_NEXT_VERSION != ''
- name: Docker Tag Latest
run: docker tag $REGISTRY/$GITHUB_REPOSITORY/$IMAGE:${{ steps.vars.outputs.sha_short }} $REGISTRY/$GITHUB_REPOSITORY/$IMAGE:latest
if: env.CAOS_NEXT_VERSION != ''
- name: Docker Push Version
run: docker push $REGISTRY/$GITHUB_REPOSITORY/$IMAGE:$CAOS_NEXT_VERSION
if: env.CAOS_NEXT_VERSION != ''
- name: Docker Push Latest
run: docker push $REGISTRY/$GITHUB_REPOSITORY/$IMAGE:latest
if: env.CAOS_NEXT_VERSION != ''
- name: Deploy DEV environment
env:
TARGET_ENVIRONMENT: "dev"
GIT_OPSREPO_DEPLOYTOKEN: ${{secrets.GIT_OPSREPO_DEPLOYTOKEN}}
run: |
source ./.github/scripts/githelper.sh
setup_git
checkout_project
change_image_version
upload_files
if: env.CAOS_NEXT_VERSION != ''