-
Notifications
You must be signed in to change notification settings - Fork 0
136 lines (131 loc) · 5.36 KB
/
build-release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
name: Build and release
on:
push:
tags:
- 'v*'
pull_request:
branches:
- main
workflow_dispatch:
concurrency:
group: ci-${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
BROKER_URL: https://broker.io.nrs.gov.bc.ca
BROKER_JWT: ${{ secrets.broker_jwt_BFB8F8BC_D617_484A_9A4E_E9B98AB4E5BC }}
SERVICE_PROJECT: nodejs-sample
SERVICE_NAME: nodejs-sample
jobs:
check_token_expiration:
uses: ./.github/workflows/check-token.yaml
secrets:
token: ${{ secrets.broker_jwt_BFB8F8BC_D617_484A_9A4E_E9B98AB4E5BC }}
build-release:
name: Build and release
runs-on: ubuntu-latest
needs: check_token_expiration
permissions:
contents: read
packages: write
outputs:
project_version: ${{ steps.set-version.outputs.project_version }}
intention_id: ${{ steps.set-intention-id.outputs.intention_id }}
branch: $${{ steps.set-version.outputs.branch }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true
ref: ${{ github.ref }}
- name: Setup ORAS
uses: oras-project/setup-oras@v1
- name: Set up Node
uses: actions/setup-node@v4
with:
node-version: 22
cache: 'npm'
- name: Set version
id: set-version
run: |
REF_NAME="${{ github.ref_name }}"
SAFE_REF_NAME=$(echo "$REF_NAME" | tr '/' '-')
if [[ ${{ startsWith(github.ref, 'refs/heads/') }} = true ]]; then
version=$(cat package.json | jq -r '.version')
echo "project_version=$version-${SAFE_REF_NAME}" >> "$GITHUB_OUTPUT"
echo "tag=${SAFE_REF_NAME}" >> "$GITHUB_OUTPUT"
fi
if [[ ${{ startsWith(github.ref, 'refs/pull/') }} = true ]]; then
version=$(cat package.json | jq -r '.version')
echo "project_version=$version-${SAFE_REF_NAME}" >> "$GITHUB_OUTPUT"
echo "tag=${SAFE_REF_NAME}" >> "$GITHUB_OUTPUT"
fi
if [[ ${{ startsWith(github.ref, 'refs/tags/v') }} = true ]]; then
echo "tag=${{ github.ref_name }}" >> "$GITHUB_OUTPUT"
TAG=${{ github.ref_name }}
version="${TAG#v}"
echo "project_version=$version" >> $GITHUB_OUTPUT
fi
- name: Set build output parameters
id: set-build-output-parameters
run: |
echo "git_commit=$(git rev-parse --verify HEAD)" >> $GITHUB_OUTPUT
echo "build_guid=uuid::$(uuidgen)" >> $GITHUB_OUTPUT
- name: Build intention
run: sh ./.github/workflows/build-intention.sh
env:
EVENT_REASON: Build ${{ github.ref_name }}
GITHUB_REPOSITORY: ${{ github.repository}}
GITHUB_RUN_ID: ${{ github.run_id}}
PACKAGE_BUILD_GUID: ${{ steps.set-build-output-parameters.outputs.build_guid }}
PACKAGE_BUILD_NUMBER: ${{ github.run_number }}
PACKAGE_BUILD_VERSION: ${{ steps.set-build-output-parameters.outputs.git_commit }}
PACKAGE_VERSION: ${{ steps.set-version.outputs.project_version }}
- name: Open intention
uses: bcgov-nr/action-broker-intention-open@v2
with:
broker_jwt: ${{ secrets.broker_jwt_BFB8F8BC_D617_484A_9A4E_E9B98AB4E5BC }}
intention_path: intention.json
quickstart: true
- name: Echo intention ID for deploy job
id: set-intention-id
run: |
echo "intention_id=${INTENTION_ID}" >> $GITHUB_OUTPUT
env:
INTENTION_ID: ${{ env.INTENTION_ID }}
- name: npm ci
run: npm ci
- name: Build artifact
run: npm run build --if-present
- name: Push build
id: publish-artifact
run: |
oras login ghcr.io -u ${{ github.actor }} --password-stdin <<< ${{ secrets.GITHUB_TOKEN }}
oras push --export-manifest manifest.json ghcr.io/${{ github.repository }}/package:${PROJECT_TAG} dist node_modules package.json package-lock.json
MANIFEST=$(cat ./manifest.json)
echo $MANIFEST
echo "artifact_sha256=$(echo $MANIFEST | jq -r '.layers[] | select(.annotations["org.opencontainers.image.title"] == "dist") | .digest')" >> $GITHUB_OUTPUT
echo "artifact_size=$(echo $MANIFEST | jq -r '.layers | map(.size) | add')" >> $GITHUB_OUTPUT
env:
PROJECT_TAG: ${{ steps.set-version.outputs.tag }}
- name: Send build info
run: |
curl -s POST ${{ env.BROKER_URL }}/v1/intention/action/patch \
-H 'Content-Type: application/json' \
-H 'X-Broker-Token: '"${BUILD_TOKEN}"'' \
-d '{"package":{"checksum": "'${ARTIFACT_SHA256}'", "size": '${ARTIFACT_SIZE}'}}'
env:
ARTIFACT_SHA256: ${{ steps.publish-artifact.outputs.artifact_sha256 }}
ARTIFACT_SIZE: ${{ steps.publish-artifact.outputs.artifact_size }}
BUILD_TOKEN: ${{ env.ACTION_TOKEN_BUILD }}
- name: Close intention
if: ${{ success() && env.INTENTION_TOKEN != '' }}
uses: bcgov-nr/action-broker-intention-close@v3
with:
intention_token: ${{ env.INTENTION_TOKEN }}
- name: Close intention (Failure)
if: ${{ failure() && env.INTENTION_TOKEN != '' }}
uses: bcgov-nr/action-broker-intention-close@v3
with:
intention_token: ${{ env.INTENTION_TOKEN }}
outcome: failure