Skip to content

Scheduled publish

Scheduled publish #65

name: Scheduled publish
on:
schedule:
- cron: '20 8 * * 1'
workflow_dispatch:
jobs:
deployment:
name: Rebuild and publish the latest tagged image
runs-on: ubuntu-latest
permissions:
id-token: write
contents: write
packages: write
steps:
- name: Get latest tag
uses: oprypin/find-latest-tag@v1
id: latest-tag
with:
repository: ${{ github.repository }}
token: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout repository code
uses: actions/checkout@main
with:
ref: ${{ steps.latest-tag.outputs.tag }}
fetch-depth: 0
- name: Set current date as env variable
run: echo "TODAY=$(date +'%Y%m%d')" >> $GITHUB_ENV
- name: Set nicely formatted current date as env variable
run: echo "TODAY_FORMATTED=$(date +'%Y-%m-%d')" >> $GITHUB_ENV
- name: Create weekly tag
id: tag
env:
TAG: ${{ steps.latest-tag.outputs.tag }}_${{ env.TODAY }}
run: |
git config --global user.email "github-actions[bot]@users.noreply.github.com"
git config --global user.name "github-actions[bot]"
git tag -a $TAG -m "Weekly rebuild of ${{ steps.latest-tag.outputs.tag }}"
git push origin $TAG
echo "TAG=$TAG" >> $GITHUB_OUTPUT
- name: Build and push weekly image (w/ aws cli)
uses: ./.github/workflows/publish
with:
bake_target: aws
aws_role_to_assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
github_token: ${{ secrets.GITHUB_TOKEN }}
git_tag: ${{ steps.tag.outputs.TAG }}
publish_release: true
release_title: ${{ steps.latest-tag.outputs.tag }} - weekly release (${{ env.TODAY_FORMATTED }})
release_body: |
## Weekly rebuild
This is a weekly rebuild of the latest image (`${{ steps.latest-tag.outputs.tag }}`).
The image is rebuilt to ensure that it is up to date with the latest security patches.
## Updated images
### Image with aws cli
- `${{ secrets.PUBLIC_RUNNER_TERRAFORM_ECR_REPOSITORY_URL }}:latest`
- `${{ secrets.PUBLIC_RUNNER_TERRAFORM_ECR_REPOSITORY_URL }}:${{ steps.tag.outputs.TAG }}`
- `ghcr.io/spacelift-io/runner-terraform:latest`
- `ghcr.io/spacelift-io/runner-terraform:${{ steps.tag.outputs.TAG }}`
### Image with gcloud cli
- `${{ secrets.PUBLIC_RUNNER_TERRAFORM_ECR_REPOSITORY_URL }}:gcp-latest`
- `${{ secrets.PUBLIC_RUNNER_TERRAFORM_ECR_REPOSITORY_URL }}:gcp-${{ steps.tag.outputs.TAG }}`
- `ghcr.io/spacelift-io/runner-terraform:gcp-latest`
- `ghcr.io/spacelift-io/runner-terraform:gcp-${{ steps.tag.outputs.TAG }}`
### Image with az cli
- `${{ secrets.PUBLIC_RUNNER_TERRAFORM_ECR_REPOSITORY_URL }}:azure-latest`
- `${{ secrets.PUBLIC_RUNNER_TERRAFORM_ECR_REPOSITORY_URL }}:azure-${{ steps.tag.outputs.TAG }}`
- `ghcr.io/spacelift-io/runner-terraform:azure-latest`
- `ghcr.io/spacelift-io/runner-terraform:azure-${{ steps.tag.outputs.TAG }}`
bake_set: |
aws.tags=${{ secrets.PUBLIC_RUNNER_TERRAFORM_ECR_REPOSITORY_URL }}:latest
aws.tags=${{ secrets.PUBLIC_RUNNER_TERRAFORM_ECR_REPOSITORY_URL }}:${{ steps.tag.outputs.TAG }}
aws.tags=ghcr.io/spacelift-io/runner-terraform:latest
aws.tags=ghcr.io/spacelift-io/runner-terraform:${{ steps.tag.outputs.TAG }}
- name: Build and push weekly image (w/ gcloud cli)
uses: ./.github/workflows/publish
with:
bake_target: gcp
aws_role_to_assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
github_token: ${{ secrets.GITHUB_TOKEN }}
git_tag: ${{ steps.latest-tag.outputs.tag }}
publish_release: false
bake_set: |
gcp.tags=${{ secrets.PUBLIC_RUNNER_TERRAFORM_ECR_REPOSITORY_URL }}:gcp-latest
gcp.tags=${{ secrets.PUBLIC_RUNNER_TERRAFORM_ECR_REPOSITORY_URL }}:gcp-${{ steps.tag.outputs.TAG }}
gcp.tags=ghcr.io/spacelift-io/runner-terraform:gcp-latest
gcp.tags=ghcr.io/spacelift-io/runner-terraform:gcp-${{ steps.tag.outputs.TAG }}
- name: Build and push weekly image (w/ az cli)
uses: ./.github/workflows/publish
with:
bake_target: azure
aws_role_to_assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
github_token: ${{ secrets.GITHUB_TOKEN }}
git_tag: ${{ steps.latest-tag.outputs.tag }}
publish_release: false
bake_set: |
azure.tags=${{ secrets.PUBLIC_RUNNER_TERRAFORM_ECR_REPOSITORY_URL }}:azure-latest
azure.tags=${{ secrets.PUBLIC_RUNNER_TERRAFORM_ECR_REPOSITORY_URL }}:azure-${{ steps.tag.outputs.TAG }}
azure.tags=ghcr.io/spacelift-io/runner-terraform:azure-latest
azure.tags=ghcr.io/spacelift-io/runner-terraform:azure-${{ steps.tag.outputs.TAG }}