From 3bd3af4aef62f8782255cedf0cbdc2ef236c3860 Mon Sep 17 00:00:00 2001 From: Leon Welchert Date: Sun, 29 Dec 2024 16:11:23 +0100 Subject: [PATCH] debug CI --- .github/workflows/main.yaml | 83 ++++++++++++++++++++++++------------- 1 file changed, 55 insertions(+), 28 deletions(-) diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index d0b5312..8a6c4ac 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -3,12 +3,19 @@ on: branches: - '*' jobs: - build: + build_website: + permissions: + # these permissions are needed to authenticate with gcloud + contents: 'read' + id-token: 'write' + env: + IMAGE_NAME: lichturm-website + IMAGE_TAG: prod runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@master + uses: actions/checkout@v4 - name: Build Website # TODO: pick a version? 
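Review bot: The job-level `id-token: 'write'` and `IMAGE_TAG: prod` are added to a workflow whose trigger, judging by the context lines (`branches:` / `- '*'`; the `on:` block starts above the hunk), is not limited to one branch. A push to a feature branch can therefore obtain a Google Cloud credential and, through the push step added in the second hunk, replace the `prod` image. Guarding the auth and push steps with `if: github.ref_name == github.event.repository.default_branch`, or moving them into a separate deploy job with that condition, would keep other branches build-only. The workload identity provider should also carry an attribute condition restricting it to this repository and ref; that lives in the cloud configuration and is not visible here. `actions/checkout@v4` is still a mutable tag, as are the `docker/*` actions in the second hunk, so pinning each to a full commit SHA would be the stricter choice for a job that holds deploy credentials.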
@@ -23,40 +30,60 @@ jobs: name: website path: './public' + #https://github.com/google-github-actions/auth - name: Google Auth id: auth uses: 'google-github-actions/auth@v2' with: token_format: 'access_token' - project_id: ${{ env.PROJECT_ID }} - service_account: ${{ env.SERVICE_ACCOUNT }} - workload_identity_provider: ${{ env.WORKLOAD_IDENTITY_PROVIDER }} + project_id: ${{ secrets.PROJECT_ID }} + service_account: ${{ secrets.SERVICE_ACCOUNT }} + workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITY_PROVIDER }} + #project_id: bob + #service_account: 123 + #workload_identity_provider: xyz + # https://github.com/docker/login-action - name: Docker Auth id: docker-auth - uses: 'docker/login-action@v1' + uses: 'docker/login-action@v3.3.0' with: username: 'oauth2accesstoken' password: '${{ steps.auth.outputs.access_token }}' - registry: '${{ env.CONTAINER_REGISTRY_URL }}-docker.pkg.dev' - - - name: Build and Push Container - run: |- - docker build -t "${{ env.AR_URL }}/${{ env.IMAGE_NAME }}:${{ github.sha }}" ./ - docker push "${{ env.AR_URL }}/${{ env.IMAGE_NAME }}:${{ github.sha }}" - - # upload to s3 - - name: Install s3cmd - run: | - pip install s3cmd - - name: Configure s3cmd - run: | - echo "[default]" > ~/.s3cfg - echo "access_key = ${{ secrets.S3_KEY_ID }}" >> ~/.s3cfg - echo "secret_key = ${{ secrets.S3_SECRET_KEY }}" >> ~/.s3cfg - echo "host_base = fsn1.your-objectstorage.com" >> ~/.s3cfg - echo "host_bucket = %(bucket)s.fsn1.your-objectstorage.com" >> ~/.s3cfg - - name: Upload files to Hetzner S3 - # with this configuration, the bucket should be specified as e.g. 
"s3://bucket1" - run: | - s3cmd sync ./public ${{ secrets.S3_BUCKET }} --delete-removed + registry: '${{ secrets.CONTAINER_REGISTRY_URL }}-docker.pkg.dev' + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + # https://github.com/docker/build-push-action + - name: Build and push + uses: docker/build-push-action@v6 + with: + context: . + push: true + tags: "${{ secrets.CONTAINER_REGISTRY_URL }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}" + +# - name: Build and Push Container +# run: | +# docker buildx build -t "bobobobo/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}" +# docker push "${{ secrets.CONTAINER_REGISTRY_URL }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}" +# +# - name: Install s3cmd +# run: | +# pip install s3cmd +# +# - name: Configure s3cmd +# run: | +# echo "[default]" > ~/.s3cfg +# echo "access_key = ${{ secrets.S3_KEY_ID }}" >> ~/.s3cfg +# echo "secret_key = ${{ secrets.S3_SECRET_KEY }}" >> ~/.s3cfg +# echo "host_base = fsn1.your-objectstorage.com" >> ~/.s3cfg +# echo "host_bucket = %(bucket)s.fsn1.your-objectstorage.com" >> ~/.s3cfg +# +# - name: Upload files to Hetzner S3 +# # with this configuration, the bucket should be specified as e.g. "s3://bucket1" +# run: | +# s3cmd sync ./public ${{ secrets.S3_BUCKET }} --delete-removed
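Review bot: The `tags:` value in the new `Build and push` step uses `${{ secrets.CONTAINER_REGISTRY_URL }}` as the registry host, while `Docker Auth` logs in to `${{ secrets.CONTAINER_REGISTRY_URL }}-docker.pkg.dev`. The two cannot both name the same host, so the push most likely targets a registry the job never authenticated to. Artifact Registry references take the form `LOCATION-docker.pkg.dev/PROJECT/REPOSITORY/IMAGE:TAG`, so something like `tags: "${{ secrets.CONTAINER_REGISTRY_URL }}-docker.pkg.dev/${{ secrets.PROJECT_ID }}/REPOSITORY_PLACEHOLDER/${{ env.IMAGE_NAME }}:${{ github.sha }}"` would match the login step. It would also restore the per-commit tag that the removed `docker build` line used, instead of only overwriting a mutable `prod` tag. The commented-out placeholder values under `Google Auth` and the disabled s3cmd steps, which still spell out the credential-file layout, are better deleted than committed as comments.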