-
Notifications
You must be signed in to change notification settings - Fork 1
56 lines (56 loc) · 2.56 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
name: Tag and pre-deploy consignment export
on:
workflow_dispatch:
pull_request:
types:
- closed
permissions:
id-token: write
contents: write
env:
BRANCH_NAME: version-bump-${{ github.run_id }}${{ github.run_attempt }}
jobs:
pre-deploy:
runs-on: ubuntu-latest
if: ${{ github.base_ref == 'master' && github.event.pull_request.merged == true && !contains(github.event.pull_request.labels.*.name, 'Version bump') }}
steps:
- uses: actions/checkout@v3
- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@v4
with:
git_user_signingkey: true
git_commit_gpgsign: true
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.GPG_PASSPHRASE }}
- id: build
run: |
git config --global user.email [email protected]
git config --global user.name tna-da-bot
git checkout -b $BRANCH_NAME
git push -u origin $BRANCH_NAME
sbt 'release with-defaults'
env:
GITHUB_TOKEN: ${{ secrets.WORKFLOW_PAT }}
- name: Configure AWS credentials from management account
uses: aws-actions/configure-aws-credentials@v1-node16
with:
role-to-assume: arn:aws:iam::${{ secrets.MANAGEMENT_ACCOUNT }}:role/TDRGithubActionsRoleMgmt
aws-region: eu-west-2
role-session-name: ExportPushImages
- name: Login to ECR
uses: docker/login-action@v1
with:
registry: ${{ secrets.MANAGEMENT_ACCOUNT }}.dkr.ecr.eu-west-2.amazonaws.com
- run: |
gh release create --generate-notes ${{ steps.build.outputs.latest-tag}} bagit-export/target/universal/tdr-consignment-export.tgz export/target/universal/tdr-export.tgz
gh pr create --fill --label 'Version bump'
docker build --pull --no-cache -t ${{ secrets.MANAGEMENT_ACCOUNT }}.dkr.ecr.eu-west-2.amazonaws.com/consignment-export:${{ steps.build.outputs.latest-tag}} .
docker push ${{ secrets.MANAGEMENT_ACCOUNT }}.dkr.ecr.eu-west-2.amazonaws.com/consignment-export:${{ steps.build.outputs.latest-tag}}
gh workflow run deploy.yml -f environment=intg -f to-deploy=${{ steps.build.outputs.latest-tag}}
env:
GITHUB_TOKEN: ${{ secrets.WORKFLOW_PAT }}
- name: Send success message
uses: nationalarchives/tdr-github-actions/.github/actions/slack-send@main
with:
message: "*Consignment Export* :whale: Pushed version ${{ steps.build.outputs.latest-tag}} to AWS ECR"
slack-url: ${{ secrets.SLACK_WEBHOOK }}