-
Notifications
You must be signed in to change notification settings - Fork 5
136 lines (120 loc) · 5.32 KB
/
publish-marxan-docker-images.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
name: Publish Marxan Docker images
permissions:
id-token: write
contents: read
on:
push:
branches:
- 'main'
- 'staging'
paths:
- '.github/**'
- 'api/**'
- 'app/**'
- 'webshot/**'
workflow_dispatch:
inputs:
enable_maintenance_mode:
type: boolean
description: If maintenance mode should be enabled
default: false
jobs:
wait_for_tests:
name: Wait for tests to finish running
if: ${{ github.event.inputs.enable_maintenance_mode != 'true' }}
runs-on: ubuntu-22.04
steps:
- name: Wait for API tests to run
uses: fountainhead/[email protected]
with:
token: ${{ secrets.GITHUB_TOKEN }}
checkName: API Tests
ref: ${{ github.event.pull_request.head.sha || github.sha }}
intervalSeconds: 20
- name: Wait for Client tests to run
uses: fountainhead/[email protected]
with:
token: ${{ secrets.GITHUB_TOKEN }}
checkName: Client Tests
ref: ${{ github.event.pull_request.head.sha || github.sha }}
intervalSeconds: 20
push_api_to_registry:
name: Push API Docker image to Azure Container Registry
needs: wait_for_tests
runs-on: ubuntu-22.04
steps:
- name: Check out the repo
uses: actions/checkout@v3
- name: 'Login via Azure CLI'
uses: azure/login@v1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Build and push image
uses: azure/docker-login@v1
with:
login-server: ${{ secrets.REGISTRY_LOGIN_SERVER }}
username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }}
- run: |
docker build ./api -f api/api.Dockerfile \
-t ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-api:${{ github.sha }} \
-t ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-api:${{ github.ref != 'refs/heads/main' && 'staging' || 'production' }}
docker push -a ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-api
push_geoprocessing_to_registry:
name: Push Geoprocessing Docker image to Azure Container Registry
needs: wait_for_tests
runs-on: ubuntu-22.04
steps:
- name: Check out the repo
uses: actions/checkout@v3
- name: Login via Azure CLI
uses: azure/login@v1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Build and push image
uses: azure/docker-login@v1
with:
login-server: ${{ secrets.REGISTRY_LOGIN_SERVER }}
username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }}
- run: |
docker build ./api -f api/geo.Dockerfile \
-t ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-geoprocessing:${{ github.sha }} \
-t ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-geoprocessing:${{ github.ref != 'refs/heads/main' && 'staging' || 'production' }}
docker push -a ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-geoprocessing
push_client_to_registry:
name: Push Client Docker image to Azure Container Registry
if: ${{ github.event.inputs.enable_maintenance_mode == 'true' && always() || success() }}
needs: wait_for_tests
runs-on: ubuntu-22.04
steps:
- name: Check out the repo
uses: actions/checkout@v3
- name: Login via Azure CLI
uses: azure/login@v1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Build and push image
uses: azure/docker-login@v1
with:
login-server: ${{ secrets.REGISTRY_LOGIN_SERVER }}
username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }}
- run: |
docker build ./app \
-t ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-client:${{ github.sha }} \
-t ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-client:${{ github.ref != 'refs/heads/main' && 'staging' || 'production' }} \
--build-arg NEXT_PUBLIC_URL=${{ github.ref != 'refs/heads/main' && secrets.NEXT_PUBLIC_URL_STAGING || secrets.NEXT_PUBLIC_URL_PRODUCTION }} \
--build-arg NEXT_PUBLIC_API_URL=${{ github.ref != 'refs/heads/main' && secrets.NEXT_PUBLIC_API_URL_STAGING || secrets.NEXT_PUBLIC_API_URL_PRODUCTION }} \
--build-arg NEXTAUTH_URL=${{ github.ref != 'refs/heads/main' && secrets.NEXTAUTH_URL_STAGING || secrets.NEXTAUTH_URL_PRODUCTION }} \
--build-arg NEXT_PUBLIC_FEATURE_FLAGS=${{ github.ref != 'refs/heads/main' && secrets.NEXT_PUBLIC_FEATURE_FLAGS_STAGING || secrets.NEXT_PUBLIC_FEATURE_FLAGS_PRODUCTION }} \
--build-arg NEXT_PUBLIC_MAPBOX_API_TOKEN=${{ secrets.NEXT_PUBLIC_MAPBOX_API_TOKEN }} \
--build-arg ENABLE_MAINTENANCE_MODE=${{ github.event.inputs.enable_maintenance_mode }} \
--build-arg NEXT_PUBLIC_CONTACT_EMAIL=${{ secrets.NEXT_PUBLIC_CONTACT_EMAIL }}
docker push -a ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-client