Skip to content
CD

Bump github/codeql-action from 3.24.3 to 3.24.9 #61

Sign in to view logs

Bump github/codeql-action from 3.24.3 to 3.24.9

Bump github/codeql-action from 3.24.3 to 3.24.9 #61

Workflow file for this run

.github/workflows/cd.yaml at f002d25
---
name: CD
on:
workflow_dispatch:
pull_request:
types:
- closed
branches:
- main
permissions:
id-token: write
contents: write
packages: write
jobs:
check:
name: check pr status
runs-on: ubuntu-22.04
steps:
- name: check if PR is merged
uses: zmynx/github-actions/.github/actions/git/check-merge@feature/gha
ci:
needs: [check]
name: continuous integration
uses: zmynx/github-actions/.github/workflows/ci-pytest.yaml@feature/gha
secrets: inherit
cd:
name: continuous-deployment
needs: [check, ci]
runs-on: ubuntu-22.04
outputs:
new_tag: ${{ steps.semver.outputs.new_tag }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.ref }}
fetch-depth: 0
## Require permission to write to id-token
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_ARN_PROD }}
role-session-name: GitHub-Actions-OIDC
role-duration-seconds: 1200
aws-region: ${{ vars.AWS_REGION }}
- name: Connect to ECR
id: ecr-login
uses: zmynx/github-actions/.github/actions/aws/ecr-login@feature/gha
with:
aws_region: ${{ vars.AWS_REGION }}
- name: Semantic Versioning
id: semver
uses: zmynx/github-actions/.github/actions/git/semver-v2@feature/gha
with:
fallback_version: "${{ format('{0}-{1}', github.base_ref, '1.0.0') }}"
prefix: "${{ format('{0}-', github.base_ref) }}"
## Require permission to write to id-token
- name: Publish
id: publish-to-ecr
uses: zmynx/github-actions/.github/actions/aws/publish-to-ecr@feature/gha
with:
ecr_repo_name: prod.${{ github.event.repository.name }}
ecr_registry: ${{ steps.ecr-login.outputs.registry }}
image_tag: ${{ steps.semver.outputs.new_tag }}
- name: Git Config
uses: zmynx/github-actions/.github/actions/git/git-config@feature/gha
- name: Git Tag
uses: zmynx/github-actions/.github/actions/git/git-tag@feature/gha
with:
tag: "${{ format('{0}-{1}', github.base_ref, steps.semver.outputs.new_tag) }}"
cd-helm:
name: continuous-delivery
needs: [check, ci, cd]
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v4
with:
repository: smipin/gitops
ref: main
token: ${{ secrets.CD_API_KEY }}
fetch-depth: 0
- name: Update application version
run: yq e '.appVersion = "${{ needs.cd.outputs.new_tag }}"' -i charts/${{ github.event.repository.name }}/Chart.yaml
- name: Update chart version
run: yq e '.version = "${{ needs.cd.outputs.new_tag }}"' -i charts/${{ github.event.repository.name }}/Chart.yaml
- name: Git Config
uses: zmynx/github-actions/.github/actions/git/git-config@feature/gha
- name: commit
id: commit
run: |
git add .
git commit -m "Update chart version to ${{ needs.cd.outputs.new_tag }}"
git push origin main
slack:
needs: [ci, cd, cd-helm]
runs-on: ubuntu-22.04
if: always()
steps:
- name: Send slack message
uses: zmynx/github-actions/.github/actions/shared/send-slack-message@feature/gha
with:
result: ${{ needs.cd-helm.result }}
title: "CD result:"
channel: spikerz-pipline
slack_webhook: ${{ secrets.SLACK_WEBHOOK_PROD }}
extra_message: |
${{ needs.cd-helm.result == 'success' && format('✅ *{0}* has been deployed to *prod* environment successfully.', github.event.repository.name) || format('❌ *{0}* has falied to deploy to *prod* environment.', github.event.repository.name) }}
*Version:* ${{ format('{0}-{1}', github.base_ref, needs.cd.outputs.new_tag ) }}
*Commit:* ${{ github.sha }}
*Commit message:* ${{ github.event.pull_request.title }}
*PR merged by:* ${{ github.event.pull_request.merged_by.login }}