diff --git a/.github/workflows/docker_cleanup.yml b/.github/workflows/docker_cleanup.yml
new file mode 100644
index 0000000..adade49
--- /dev/null
+++ b/.github/workflows/docker_cleanup.yml
@@ -0,0 +1,23 @@
+name: Cleanup Untagged Images
+
+on:
+ # every sunday at 00:00
+ schedule:
+ - cron: "0 0 * * SUN"
+ # or manually
+ workflow_dispatch:
+
+jobs:
+ delete-untagged-images:
+ name: Delete Untagged Images
+ runs-on: ubuntu-latest
+ steps:
+ - uses: bots-house/ghcr-delete-image-action@v1.1.0 # nosemgrep: yaml.github-actions.security.third-party-action-not-pinned-to-commit-sha.third-party-action-not-pinned-to-commit-sha
+ with:
+ # NOTE: at now only orgs is supported
+ owner: airtai
+ name: test-chat-app
+
+ token: ${{ secrets.GITHUB_TOKEN }}
+ # Keep latest N untagged images
+ untagged-keep-latest: 1
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
new file mode 100644
index 0000000..5815466
--- /dev/null
+++ b/.github/workflows/pipeline.yml
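Review bot: In docker_cleanup.yml the `uses: bots-house/ghcr-delete-image-action@v1.1.0` step pins a third-party action to a mutable tag and silences the semgrep rule that flags exactly that, while passing the action `secrets.GITHUB_TOKEN`. If the tag is ever moved, the new code runs with that token, so pin to the full commit SHA of the release that was reviewed, e.g. `uses: bots-house/ghcr-delete-image-action@<FULL_COMMIT_SHA> # v1.1.0`, and drop the `nosemgrep` comment. The workflow also declares no `permissions:` block, so the token carries the repository default scopes; a job-level `permissions:` with only `packages: write` would limit it to what image deletion appears to need.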
@@ -0,0 +1,42 @@
+name: Pipeline
+on: [push, workflow_dispatch]
+
+env:
+ REGISTRY: ghcr.io
+ IMAGE_NAME: ${{ github.repository }}
+ PORT: ${{ vars.PORT }}
+ WASP_WEB_CLIENT_URL: ${{ vars.WASP_WEB_CLIENT_URL }}
+ DATABASE_URL: ${{ secrets.DATABASE_URL }}
+ JWT_SECRET: ${{ secrets.JWT_SECRET }}
+
+jobs:
+ docker_build_push:
+ runs-on: ubuntu-22.04
+ permissions:
+ contents: read
+ packages: write
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+ - uses: actions/setup-node@v3
+ with:
+ node-version: 18
+
+ - name: Install wasp
+ run: curl -sSL https://get.wasp-lang.dev/installer.sh | sh
+
+ - name: Log in to the Container registry
+ uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - run: docker pull ghcr.io/$GITHUB_REPOSITORY:$GITHUB_REF_NAME || docker pull ghcr.io/$GITHUB_REPOSITORY || true
+ - run: docker build --build-arg PORT=$PORT -t ghcr.io/$GITHUB_REPOSITORY:$GITHUB_REF_NAME ./.wasp/build/
+ - name: Add tag latest if branch is main
+ if: github.ref_name == 'main'
+ run: docker tag ghcr.io/$GITHUB_REPOSITORY:$GITHUB_REF_NAME ghcr.io/$GITHUB_REPOSITORY:latest
+ - name: Push only if branch name is main
+ if: github.ref_name == 'main'
+ run: docker push ghcr.io/$GITHUB_REPOSITORY --all-tags
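Review bot: The top-level `env:` exports `DATABASE_URL` and `JWT_SECRET` to every step of `docker_build_push`, including `curl -sSL https://get.wasp-lang.dev/installer.sh | sh`, which executes an unpinned, unverified remote script in a job that also holds `packages: write`. No step visible in this hunk reads either secret, so I would remove both from the workflow-level `env:` and set them under a step-level `env:` only on the step that needs them, if any does. For the installer, download it to a file, pin the Wasp version and verify a checksum before running it. Separately, `$GITHUB_REF_NAME` is used as the image tag on every push; branch names containing `/` are not valid Docker tags, so the build step will likely fail for such branches unless the name is sanitised first.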