Merge pull request #640 from Terralego/dependabot/github_actions/dock… #335
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release docker image | |
on: | |
release: | |
types: [created] | |
push: | |
branches: | |
- master | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
release: | |
runs-on: ubuntu-latest | |
permissions: | |
packages: write # required to publish docker image | |
env: | |
REGISTRY: ghcr.io | |
IMAGE_NAME: ${{ github.repository }} | |
CI: false | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
- name: Get admin and front git cache key | |
run: | | |
echo "ADMIN_CACHE_KEY=$(git submodule status ./admin)" >> $GITHUB_ENV | |
echo "FRONT_CACHE_KEY=$(git submodule status ./front)" >> $GITHUB_ENV | |
- name: Reconfigure git to use HTTP authentication | |
run: > | |
git config --global url."https://github.com/".insteadOf | |
ssh://git@github.com/ | |
- name: Cache admin | |
id: cache-admin | |
uses: actions/cache@v4 | |
with: | |
path: ./admin/build | |
key: admin-${{ env.ADMIN_CACHE_KEY }} | |
- name: Setup node for admin | |
if: steps.cache-admin.outputs.cache-hit != 'true' | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: './admin/.nvmrc' | |
cache: 'npm' | |
cache-dependency-path: './admin/package-lock.json' | |
- name: Install admin dependencies | |
if: steps.cache-admin.outputs.cache-hit != 'true' | |
working-directory: ./admin | |
run: | | |
npm ci --legacy-peer-deps --no-audit | |
- name: Build admin | |
if: steps.cache-admin.outputs.cache-hit != 'true' | |
working-directory: ./admin | |
run: | | |
cp ../conf/admin.env .env | |
npx react-scripts --openssl-legacy-provider build | |
- name: Cache front | |
id: cache-front | |
uses: actions/cache@v4 | |
with: | |
path: ./front/build | |
key: front-${{ env.FRONT_CACHE_KEY }} | |
- name: Setup node for front | |
if: steps.cache-front.outputs.cache-hit != 'true' | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: './front/.nvmrc' | |
cache: 'npm' | |
cache-dependency-path: './front/package-lock.json' | |
- name: Install front dependencies | |
if: steps.cache-front.outputs.cache-hit != 'true' | |
working-directory: ./front | |
run: | | |
npm ci --no-audit --only production | |
- name: Build front | |
if: steps.cache-front.outputs.cache-hit != 'true' | |
working-directory: ./front | |
run: | | |
npm run build | |
- uses: docker/setup-buildx-action@v3 | |
- name: Log in to the Container registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Extract metadata (tags, labels) for Docker dev | |
id: meta-dev | |
uses: docker/metadata-action@v5 | |
with: | |
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-dev | |
- name: Build and push Docker image dev | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
file: .docker/backend/Dockerfile | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
push: true | |
tags: ${{ steps.meta-dev.outputs.tags }} | |
labels: ${{ steps.meta-dev.outputs.labels }} | |
target: dev | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
- name: Build and push Docker image | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
file: .docker/backend/Dockerfile | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
push: true | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
target: prod | |
attach_install_release: | |
runs-on: ubuntu-latest | |
needs: [ release ] | |
permissions: | |
contents: write # required to attach zip to release | |
if: ${{ (github.event_name == 'release' && github.event.action == 'created') }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Prepare install.zip | |
run: | | |
cd install | |
mkdir -p terra_visu/var terra_visu/public | |
cp * ./terra_visu 2>/dev/null || : | |
cp -r ./conf ./terra_visu | |
zip -r ../install.zip terra_visu/ | |
- name: Attach zip archive as release binary | |
uses: skx/github-action-publish-binaries@master | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
args: 'install.zip' |