Skip to content

feat: add space education theme DOC-1138 (#22) #46

feat: add space education theme DOC-1138 (#22)

feat: add space education theme DOC-1138 (#22) #46

Workflow file for this run

name: Release to Production
on:
push:
branches: [main]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
jobs:
docker:
name: "Release Docker image"
runs-on: ubuntu-latest
outputs:
VERSION: ${{ steps.version.outputs.version }}
steps:
- id: checkout
name: Checkout Repository
uses: actions/checkout@v3
- name: Setup Nodejs
uses: actions/setup-node@v3
with:
node-version: "20"
- name: Install dependencies
run: npm ci
- id: version
name: Determine Release Version
run: |
npm install @semantic-release/exec -D
npm install @semantic-release/changelog -D
npm install @semantic-release/git -D
npx semantic-release --dry-run
cat VERSION.env
source VERSION.env
echo "::set-output name=version::$VERSION"
- name: Set up QEMU
if: ${{ steps.version.outputs.VERSION != ''}}
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
if: ${{ steps.version.outputs.VERSION != ''}}
uses: docker/setup-buildx-action@v2
- name: Login to GHCR
if: ${{ steps.version.outputs.VERSION != ''}}
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and Push Docker Image
if: ${{ steps.version.outputs.VERSION != ''}}
id: build-and-push
uses: docker/build-push-action@v2
with:
context: .
build-args: VERSION=${{steps.version.outputs.VERSION}}
platforms: linux/amd64,linux/arm64
push: true
tags: ghcr.io/${{ github.repository }}:${{steps.version.outputs.VERSION}}
- uses: sigstore/[email protected]
- name: Image Signing
run: |
cosign sign --yes \
-a "repo=${{ github.repository }}" \
-a "workflow=${{ github.workflow }}" \
-a "ref=${{ github.sha }}" \
-a "owner=Spectro Cloud" \
--key env://COSIGN_PRIVATE_KEY --recursive "${TAGS}@${DIGEST}"
env:
TAGS: ghcr.io/${{ github.repository }}:${{steps.dependencies.outputs.VERSION}}
COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
DIGEST: ${{ steps.build-and-push.outputs.digest }}
docker-reverse-proxy:
name: "Docker w/Proxy image"
runs-on: ubuntu-latest
outputs:
VERSION: ${{ steps.version.outputs.version }}
steps:
- id: checkout
name: Checkout Repository
uses: actions/checkout@v3
- name: Setup Nodejs
uses: actions/setup-node@v3
with:
node-version: "20"
- name: Install dependencies
run: npm ci
- id: version
name: Determine Release Version
run: |
npm install @semantic-release/exec -D
npm install @semantic-release/changelog -D
npm install @semantic-release/git -D
npx semantic-release --dry-run
cat VERSION.env
source VERSION.env
echo "::set-output name=version::$VERSION"
- name: Set up QEMU
if: ${{ steps.version.outputs.VERSION != ''}}
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
if: ${{ steps.version.outputs.VERSION != ''}}
uses: docker/setup-buildx-action@v2
- name: Login to GHCR
if: ${{ steps.version.outputs.VERSION != ''}}
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and Push Docker Image
if: ${{ steps.version.outputs.VERSION != ''}}
id: build-and-push
uses: docker/build-push-action@v2
with:
context: .
file: Dockerfile.Caddy
platforms: linux/amd64,linux/arm64
push: true
tags: ghcr.io/${{ github.repository }}:${{steps.version.outputs.VERSION}}-proxy
- uses: sigstore/[email protected]
- name: Image Signing
run: |
cosign sign --yes \
-a "repo=${{ github.repository }}" \
-a "workflow=${{ github.workflow }}" \
-a "ref=${{ github.sha }}" \
-a "owner=Spectro Cloud" \
--key env://COSIGN_PRIVATE_KEY --recursive "${TAGS}@${DIGEST}"
env:
TAGS: ghcr.io/${{ github.repository }}:${{steps.dependencies.outputs.VERSION}}
COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
DIGEST: ${{ steps.build-and-push.outputs.digest }}
release:
name: "Release"
needs: [docker, docker-reverse-proxy]
runs-on: ubuntu-latest
steps:
- id: checkout
name: Checkout Repository
uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{ secrets.GITHUB_TOKEN }}
- name: Retrieve Credentials
id: import-secrets
uses: hashicorp/[email protected]
with:
url: https://vault.prism.spectrocloud.com
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
secrets: /providers/github/organizations/spectrocloud/token?org_name=spectrocloud token | VAULT_GITHUB_TOKEN
- name: Setup Nodejs
uses: actions/setup-node@v4
with:
node-version: "20"
- name: Install dependencies
run: npm ci
- name: "release"
env:
GITHUB_TOKEN: ${{ steps.import-secrets.outputs.VAULT_GITHUB_TOKEN }}
run: npx semantic-release