-
Notifications
You must be signed in to change notification settings - Fork 5
142 lines (126 loc) · 5.57 KB
/
publish-marxan-docker-images.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
name: Publish Marxan Docker images
permissions:
id-token: write
contents: read
on:
push:
branches:
- 'main'
- 'staging'
paths:
- '.github/**'
- 'api/**'
- 'app/**'
- 'webshot/**'
workflow_dispatch:
inputs:
enable_maintenance_mode:
type: boolean
description: If maintenance mode should be enabled
default: false
waitForTest:
description: 'Set to "false" to skip waiting for tests to pass.'
required: true
default: 'true'
jobs:
wait_for_tests:
name: Wait for tests to finish running
if: ${{ github.event.inputs.enable_maintenance_mode != 'true' }}
runs-on: ubuntu-22.04
steps:
- name: Wait for API tests to run
if: ${{ github.event.inputs.waitForTest == 'true' }}
uses: fountainhead/[email protected]
with:
token: ${{ secrets.GITHUB_TOKEN }}
checkName: API Tests
ref: ${{ github.event.pull_request.head.sha || github.sha }}
intervalSeconds: 20
- name: Wait for Client tests to run
if: ${{ github.event.inputs.waitForTest == 'true' }}
uses: fountainhead/[email protected]
with:
token: ${{ secrets.GITHUB_TOKEN }}
checkName: Client Tests
ref: ${{ github.event.pull_request.head.sha || github.sha }}
intervalSeconds: 20
push_api_to_registry:
name: Push API Docker image to Azure Container Registry
needs: wait_for_tests
runs-on: ubuntu-22.04
steps:
- name: Check out the repo
uses: actions/checkout@v4
- name: 'Login via Azure CLI'
uses: azure/login@v1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Build and push image
uses: azure/docker-login@v1
with:
login-server: ${{ secrets.REGISTRY_LOGIN_SERVER }}
username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }}
- run: |
docker build ./api -f api/api.Dockerfile \
-t ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-api:${{ github.sha }} \
-t ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-api:${{ github.ref != 'refs/heads/main' && 'staging' || 'production' }}
docker push -a ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-api
push_geoprocessing_to_registry:
name: Push Geoprocessing Docker image to Azure Container Registry
needs: wait_for_tests
runs-on: ubuntu-22.04
steps:
- name: Check out the repo
uses: actions/checkout@v4
- name: Login via Azure CLI
uses: azure/login@v1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Build and push image
uses: azure/docker-login@v1
with:
login-server: ${{ secrets.REGISTRY_LOGIN_SERVER }}
username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }}
- run: |
docker build ./api -f api/geo.Dockerfile \
-t ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-geoprocessing:${{ github.sha }} \
-t ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-geoprocessing:${{ github.ref != 'refs/heads/main' && 'staging' || 'production' }}
docker push -a ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-geoprocessing
push_client_to_registry:
name: Push Client Docker image to Azure Container Registry
if: ${{ github.event.inputs.enable_maintenance_mode == 'true' && always() || success() }}
needs: wait_for_tests
runs-on: ubuntu-22.04
steps:
- name: Check out the repo
uses: actions/checkout@v4
- name: Login via Azure CLI
uses: azure/login@v1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Build and push image
uses: azure/docker-login@v1
with:
login-server: ${{ secrets.REGISTRY_LOGIN_SERVER }}
username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }}
- run: |
docker build ./app \
-t ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-client:${{ github.sha }} \
-t ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-client:${{ github.ref != 'refs/heads/main' && 'staging' || 'production' }} \
--build-arg NEXT_PUBLIC_URL=${{ github.ref != 'refs/heads/main' && secrets.NEXT_PUBLIC_URL_STAGING || secrets.NEXT_PUBLIC_URL_PRODUCTION }} \
--build-arg NEXT_PUBLIC_API_URL=${{ github.ref != 'refs/heads/main' && secrets.NEXT_PUBLIC_API_URL_STAGING || secrets.NEXT_PUBLIC_API_URL_PRODUCTION }} \
--build-arg NEXTAUTH_URL=${{ github.ref != 'refs/heads/main' && secrets.NEXTAUTH_URL_STAGING || secrets.NEXTAUTH_URL_PRODUCTION }} \
--build-arg NEXT_PUBLIC_FEATURE_FLAGS=${{ github.ref != 'refs/heads/main' && secrets.NEXT_PUBLIC_FEATURE_FLAGS_STAGING || secrets.NEXT_PUBLIC_FEATURE_FLAGS_PRODUCTION }} \
--build-arg NEXT_PUBLIC_MAPBOX_API_TOKEN=${{ secrets.NEXT_PUBLIC_MAPBOX_API_TOKEN }} \
--build-arg ENABLE_MAINTENANCE_MODE=${{ github.event.inputs.enable_maintenance_mode }} \
--build-arg NEXT_PUBLIC_CONTACT_EMAIL=${{ secrets.NEXT_PUBLIC_CONTACT_EMAIL }}
docker push -a ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-client