Merge branch 'master' into jcortejoso/container-ci-cd-refactor #19
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Sign Blockchain Release Images | ||
on: | ||
push: | ||
branches: | ||
# Matches i.e: release/1.9.x | ||
- 'release/[0-9]+.[0-9]+.x' | ||
tags: | ||
- 'v[0-9]+.[0-9]+.[0-9]+(?:-\S+(?:\.\d+)*)*' | ||
workflow_dispatch: | ||
jobs: | ||
# Extracts the branch name when branch=release/* and exports as an output | ||
replace-branch-name: | ||
runs-on: ubuntu-latest | ||
# Map a step output to a job output | ||
outputs: | ||
replaced-branch: ${{ steps.replace.outputs.value }} | ||
if: startsWith(github.ref, 'refs/heads/release') | ||
steps: | ||
- id: replace | ||
run: | | ||
# Transform from `refs/heads/release/1.9.x` to `release-1.9` | ||
branch_name=$(echo ${{ github.ref_name }} | sed 's!refs/heads/!!' | sed 's!/!-!' | sed 's!\.x!!') | ||
echo "replace-branch-name output: value=${branch_name}" | ||
echo "value=${branch_name}" >> $GITHUB_OUTPUT | ||
# Extracts the tag if tag=v* and exports as an output | ||
replace-tag-v: | ||
runs-on: ubuntu-latest | ||
# Map a step output to a job output | ||
outputs: | ||
replaced-tag: ${{ steps.replace.outputs.value }} | ||
major: ${{ steps.major-minor.outputs.MAJOR }} | ||
major-minor: ${{ steps.major-minor.outputs.MAJOR_MINOR }} | ||
if: startsWith(github.ref, 'refs/tags/v') | ||
steps: | ||
- id: replace | ||
run: | | ||
# Transform from `refs/tags/v1.9.0` to `1.9.0` | ||
version=$(echo ${{ github.ref_name }} | sed 's!v!!') | ||
echo "value=${version}" | ||
echo "value=${version}" >> $GITHUB_OUTPUT | ||
- id: major-minor | ||
run: | | ||
# Extracts the major and major-minor versions | ||
# I.e: 1.9.0 -> MAJOR=1, MAJOR_MINOR=1.9 | ||
version=${{ steps.replace.outputs.value }} | ||
semver=( ${version//./ } ) | ||
echo "replace-tag-v output: MAJOR=${semver[0]}" | ||
echo "replace-tag-v output: MAJOR_MINOR=${semver[0]}.${semver[1]}" | ||
echo "MAJOR=${semver[0]}" >> $GITHUB_OUTPUT | ||
echo "MAJOR_MINOR=${semver[0]}.${semver[1]}" >> $GITHUB_OUTPUT | ||
build-container-geth-dev: | ||
uses: celo-org/reusable-workflows/.github/workflows/container-cicd.yaml@v2.0.1 | ||
if: startsWith(github.ref, 'refs/heads/release') | ||
needs: | ||
- replace-branch-name | ||
with: | ||
workload-id-provider: 'projects/1094498259535/locations/global/workloadIdentityPools/gh-celo-blockchain-dev/providers/github-by-repos' | ||
service-account: 'celo-blockchain-dev@devopsre.iam.gserviceaccount.com' | ||
artifact-registry: us-west1-docker.pkg.dev/devopsre/dev-images/geth | ||
tags: ${{ needs.replace-branch-name.outputs.replaced-branch }} | ||
platforms: linux/amd64,linux/arm64 | ||
context: . | ||
file: Dockerfile | ||
trivy: true | ||
build-container-geth-all-dev: | ||
uses: celo-org/reusable-workflows/.github/workflows/container-cicd.yaml@v2.0 | ||
uses: celo-org/reusable-workflows/.github/workflows/container-cicd.yaml@v2.0.1 | ||
if: startsWith(github.ref, 'refs/heads/release') | ||
needs: | ||
- replace-branch-name | ||
with: | ||
workload-id-provider: 'projects/1094498259535/locations/global/workloadIdentityPools/gh-celo-blockchain-dev/providers/github-by-repos' | ||
service-account: 'celo-blockchain-dev@devopsre.iam.gserviceaccount.com' | ||
artifact-registry: us-west1-docker.pkg.dev/devopsre/dev-images/geth-all | ||
tags: ${{ needs.replace-branch-name.outputs.replaced-branch }} | ||
platforms: linux/amd64,linux/arm64 | ||
context: . | ||
file: Dockerfile.alltools | ||
trivy: true | ||
build-container-geth-devopsre: | ||
uses: celo-org/reusable-workflows/.github/workflows/container-cicd.yaml@v2.0.1 | ||
if: startsWith(github.ref, 'refs/tags/v') && false | ||
needs: | ||
- replace-tag-v | ||
with: | ||
workload-id-provider: 'projects/1094498259535/locations/global/workloadIdentityPools/gh-celo-blockchain/providers/github-by-repos' | ||
service-account: 'celo-blockchain@devopsre.iam.gserviceaccount.com' | ||
artifact-registry: us-west1-docker.pkg.dev/devopsre/celo-blockchain-public/geth | ||
tags: ${{ needs.replace-tag-v.outputs.replaced-tag }} | ||
platforms: linux/amd64,linux/arm64 | ||
context: . | ||
file: Dockerfile | ||
trivy: true | ||
build-container-geth-all-devopsre: | ||
uses: celo-org/reusable-workflows/.github/workflows/container-cicd.yaml@v2.0.1 | ||
if: startsWith(github.ref, 'refs/tags/v') && false | ||
needs: | ||
- replace-tag-v | ||
with: | ||
workload-id-provider: 'projects/1094498259535/locations/global/workloadIdentityPools/gh-celo-blockchain/providers/github-by-repos' | ||
service-account: 'celo-blockchain@devopsre.iam.gserviceaccount.com' | ||
artifact-registry: us-west1-docker.pkg.dev/devopsre/celo-blockchain-public/geth-all | ||
tags: ${{ needs.replace-tag-v.outputs.replaced-tag }} | ||
platforms: linux/amd64,linux/arm64 | ||
context: . | ||
file: Dockerfile.alltools | ||
trivy: true | ||
build-container-geth-celo-org: | ||
uses: celo-org/reusable-workflows/.github/workflows/container-cicd.yaml@v2.0.1 | ||
if: startsWith(github.ref, 'refs/tags/v') | ||
needs: | ||
- replace-tag-v | ||
with: | ||
workload-id-provider: 'projects/1094498259535/locations/global/workloadIdentityPools/gh-celo-blockchain/providers/github-by-repos' | ||
service-account: 'celo-blockchain@devopsre.iam.gserviceaccount.com' | ||
artifact-registry: us.gcr.io/celo-org/geth | ||
tags: ${{ needs.replace-tag-v.outputs.replaced-tag }} | ||
platforms: linux/amd64,linux/arm64 | ||
context: . | ||
file: Dockerfile | ||
trivy: true | ||
build-container-geth-all-celo-org: | ||
uses: celo-org/reusable-workflows/.github/workflows/container-cicd.yaml@v2.0.1 | ||
if: startsWith(github.ref, 'refs/tags/v') | ||
needs: | ||
- replace-tag-v | ||
with: | ||
workload-id-provider: 'projects/1094498259535/locations/global/workloadIdentityPools/gh-celo-blockchain/providers/github-by-repos' | ||
service-account: 'celo-blockchain@devopsre.iam.gserviceaccount.com' | ||
artifact-registry: us.gcr.io/celo-org/geth-all | ||
tags: ${{ needs.replace-tag-v.outputs.replaced-tag }} | ||
platforms: linux/amd64,linux/arm64 | ||
context: . | ||
file: Dockerfile.alltools | ||
trivy: true | ||
# TODO(): The next worfklows assume that the latest pushed is effectively the latest tag | ||
# This can be problematic for cases when have multiple active release branches (i.e: 1.9.x and 1.10.x) and | ||
# we tag a new release on 1.9.x, the latest pushed for bakalva and 1 tags will be 1.9.x and not 1.10.x | ||
add-baklava-geth-tag: | ||
uses: ./.github/workflows/add-docker-tag.yaml | ||
needs: | ||
- replace-tag-v | ||
- build-container-geth-celo-org | ||
with: | ||
source-image: us.gcr.io/celo-org/geth:${{ needs.replace-tag-v.outputs.replaced-tag }} | ||
destination-image: us.gcr.io/celo-org/geth:baklava | ||
add-baklava-geth-all-tag: | ||
uses: ./.github/workflows/add-docker-tag.yaml | ||
needs: | ||
- replace-tag-v | ||
- build-container-geth-celo-org | ||
with: | ||
source-image: us.gcr.io/celo-org/geth-all:${{ needs.replace-tag-v.outputs.replaced-tag }} | ||
destination-image: us.gcr.io/celo-org/geth-all:baklava | ||
add-mainnet-geth-tag: | ||
uses: ./.github/workflows/add-docker-tag.yaml | ||
needs: | ||
- replace-tag-v | ||
- build-container-geth-celo-org | ||
with: | ||
source-image: us.gcr.io/celo-org/geth:${{ needs.replace-tag-v.outputs.replaced-tag }} | ||
destination-image: us.gcr.io/celo-org/geth:mainnet | ||
add-mainnet-geth-all-tag: | ||
uses: ./.github/workflows/add-docker-tag.yaml | ||
needs: | ||
- replace-tag-v | ||
- build-container-geth-celo-org | ||
with: | ||
source-image: us.gcr.io/celo-org/geth-all:${{ needs.replace-tag-v.outputs.replaced-tag }} | ||
destination-image: us.gcr.io/celo-org/geth-all:mainnet | ||
add-major-geth-tag: | ||
if: github.ref == 'refs/heads/master' | ||
uses: ./.github/workflows/add-docker-tag.yaml | ||
needs: | ||
- replace-tag-v | ||
- build-container-geth-celo-org | ||
with: | ||
source-image: us.gcr.io/celo-org/geth:${{ needs.replace-tag-v.outputs.replaced-tag }} | ||
destination-image: us.gcr.io/celo-org/geth:${{ needs.replace-tag-v.outputs.major }} | ||
add-major-geth-all-tag: | ||
if: github.ref == 'refs/heads/master' | ||
uses: ./.github/workflows/add-docker-tag.yaml | ||
needs: | ||
- replace-tag-v | ||
- build-container-geth-celo-org | ||
with: | ||
source-image: us.gcr.io/celo-org/geth-all:${{ needs.replace-tag-v.outputs.replaced-tag }} | ||
destination-image: us.gcr.io/celo-org/geth-all:${{ needs.replace-tag-v.outputs.major }} | ||
add-minor-geth-tag: | ||
if: github.ref == 'refs/heads/master' | ||
uses: ./.github/workflows/add-docker-tag.yaml | ||
needs: | ||
- replace-tag-v | ||
- build-container-geth-celo-org | ||
with: | ||
source-image: us.gcr.io/celo-org/geth:${{ needs.replace-tag-v.outputs.replaced-tag }} | ||
destination-image: us.gcr.io/celo-org/geth:${{ needs.replace-tag-v.outputs.major-minor }} | ||
add-minor-geth-all-tag: | ||
if: github.ref == 'refs/heads/master' | ||
uses: ./.github/workflows/add-docker-tag.yaml | ||
needs: | ||
- replace-tag-v | ||
- build-container-geth-celo-org | ||
with: | ||
source-image: us.gcr.io/celo-org/geth-all:${{ needs.replace-tag-v.outputs.replaced-tag }} | ||
destination-image: us.gcr.io/celo-org/geth-all:${{ needs.replace-tag-v.outputs.major-minor }} |