AUT-105: Add GitHub deployment workflow #330
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
oskirby
force-pushed
the
aut-105-github-deployment-workflow
branch
from
79e7809
to
aab5392
Compare
jmhodges
reviewed
Sep 10, 2024
hneiva
reviewed
Sep 10, 2024
| @@ -46,9 +52,9 @@ FROM base | |||
| EXPOSE 8080 | |||
|
|
|||
| # Copy compiled appliation from the builder. | |||
| ADD . /app/src/autograph | |||
| RUN mkdir /app | |||
There was a problem hiding this comment.
I don't think you need to mkdir before running the ADD on the next line
oskirby
force-pushed
the
aut-105-github-deployment-workflow
branch
from
5c55fdb
to
9218548
Compare
oskirby
force-pushed
the
aut-105-github-deployment-workflow
branch
from
c248c54
to
b9d7aeb
Compare
jmhodges
previously approved these changes
Sep 11, 2024
|
I see this hasn't merged in. Is there a reason why? |
|
(FYI, to shortcut what could be the next question: all of the env vars and secrets are set correctly and had been set before this PR was posted) |
This means that forks can still deploy to either GAR or Dockerhub depending on which credentials that have been configured with, and skips any that are missing.
jmhodges
approved these changes
Sep 19, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR attempts to add a workflow which can push container images to both Dockerhub and the Google Artifact Registry. This is a pretty straightforeward copy of the same workflow from the autograph repository, and uses the
docker/build-push-actionto do all of the heavy lifting for us.In order to generate a
version.jsonfile, we add a script to generate it from the CI environment, and then add the necessaryMakefileorgo generatescaffolding to run it as appropriate. I also felt it was a good idea to remove the checked-inversion.jsonfrom the repository to prevent it from being able to spread incorrect version information around.To upload container images to Dockerhub, the following secrets and variables need to be provided:
vars.DOCKERHUB_REPO: The repository on Dockerhub to which the image should be pushed (eg: mozilla/autographedge).vars.DOCKERHUB_USERNAME: The username of the account that will login to Dockerhub.secrets.DOCKERHUB_PASSWORD: The password (or personal access token) used to authenticate with Dockerhub.To upload container images to the Google Artifact regsitry, the following variables need to be provided:
vars.GAR_LOCATION: The Google Artifact Registry location. (eg:us)vars.GCP_PROJECT_ID: The GCP Project identifier.vars.GAR_REPOSITORY: The Google Artifact Registry repository to which the image should be pushed.vars.GCPV2_GITHUB_WORKLOAD_IDENTITY_PROVIDER: The identity provider to use in thegoogle-github-actions/authaction.I have not been able to test the Google Artifact Registry code in a fork, but the results of the Dockerhub push can be found at nkirby/autograph-edge