New Deploy workflows-service image #31

Workflow file for this run

.github/workflows/deploy-wf-service.yml at 35e675e

	name: New Deploy workflows-service image

	on:
	workflow_dispatch:
	inputs:
	environment:
	type: choice
	description: 'Choose Environment'
	required: true
	default: 'dev'
	options:
	- 'sb'
	- 'prod'


	workflow_call:
	inputs:
	environment:
	type: string
	description: 'Environment'
	required: true
	default: 'dev'
	sha:
	type: string
	description: 'SHA ID'
	required: true


	env:
	REGISTRY: ghcr.io
	IMAGE_NAME: ${{ github.repository_owner }}/workflows-service
	SHORT_HASH: ${{ (inputs.environment == 'dev' && inputs.sha) \|\| (inputs.environment == 'prod' && vars.SB_WF_SHORT_SHA) \|\| (vars.DEV_WF_SHORT_SHA) }}

	jobs:
	set_short_hash:
	runs-on: ubuntu-latest
	steps:
	- name: Verify SHORT_HASH
	run: \|
	echo "SHORT_HASH is ${{ env.SHORT_HASH }}"
	echo "SHORT_HASH is ${{ env.SHORT_HASH }}"
	echo "SHORT_HASH is $SHORT_HASH"

	tag-and-push-image:
	runs-on: ubuntu-latest
	permissions:
	contents: read
	packages: write
	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Get version
	id: version
	run: \|
	echo "sha_short=${{ env.SHORT_HASH }}" >> $GITHUB_OUTPUT
	if [ "${{ inputs.environment }}" == "prod" ]; then
	echo "PROD_WF_SHORT_SHA=${{ env.SHORT_HASH }}" >> $GITHUB_ENV
	else
	echo "SB_WF_SHORT_SHA=${{ env.SHORT_HASH }}" >> $GITHUB_ENV
	fi

	- name: Update Service version in Environment
	if: ${{ inputs.environment != 'dev' }}
	run: \|
	if [ "${{ inputs.environment }}" == "prod" ]; then
	ENV="PROD"
	elif [ "${{ inputs.environment }}" == "sb" ]; then
	ENV="SB"
	else
	ENV="DEV"
	fi
	echo "$ENV"
	curl -X PATCH \
	-H "Accept: application/vnd.github+json" \
	-H "Authorization: Bearer ${{ secrets.GH_CI_ENV_TOKEN }}" \
	-H "X-GitHub-Api-Version: 2022-11-28" \
	"https://api.github.com/repos/ballerine-io/ballerine/actions/variables/${ENV^^}_WF_SHORT_SHA" \
	-d "{\"name\":\"${ENV}_WF_SHORT_SHA\",\"value\":\"${{ env.SHORT_HASH }}\"}"

	- name: Cache Docker layers
	id: cache
	uses: actions/cache@v2
	with:
	path: /tmp/.buildx-cache
	key: ${{ runner.os }}-docker-${{ hashFiles('**/Dockerfile') }}
	restore-keys: \|
	${{ runner.os }}-docker-${{ hashFiles('**/Dockerfile') }}
	${{ runner.os }}-docker-

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v2

	- name: Set up QEMU
	uses: docker/setup-qemu-action@v2
	with:
	platforms: 'arm64,arm'

	- name: Log in to the container registry
	uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Pull and Tag Existing Image
	if: ${{ inputs.environment != 'dev' }}
	run: \|
	if [ "${{ inputs.environment }}" == "prod" ]; then
	docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}:${{ env.SHORT_HASH }}-sb
	docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}:${{ env.SHORT_HASH }}-sb ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}:${{ env.SHORT_HASH }}-${{ inputs.environment }}
	docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}:${{ env.SHORT_HASH }}-sb ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}:${{ inputs.environment }}
	docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}:${{ env.SHORT_HASH }}-sb ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}:latest
	else
	docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}:${{ env.SHORT_HASH }}-dev
	docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}:${{ env.SHORT_HASH }}-dev ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}:${{ env.SHORT_HASH }}-${{ inputs.environment }}
	docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}:${{ env.SHORT_HASH }}-dev ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}:${{ inputs.environment }}
	fi
	docker images
	docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}:${{ env.SHORT_HASH }}-${{ inputs.environment }}
	docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}:${{ inputs.environment }}

	build-and-push-ee-image:
	runs-on: ubuntu-latest
	needs: [tag-and-push-image]
	outputs:
	SUBMODULE_SHORT_HASH: ${{ steps.lastcommit.outputs.shorthash }}
	permissions:
	contents: read
	packages: write

	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Checkout wf-data-migration
	uses: actions/checkout@v4
	with:
	repository: ballerine-io/wf-data-migration
	token: ${{ secrets.SUBMODULES_TOKEN }}
	ref: ${{ inputs.environment }}
	fetch-depth: 1
	path: services/workflows-service/prisma/data-migrations

	- name: Get Latest Commit ID
	id: lastcommit
	uses: nmbgeek/github-action-get-latest-commit@main
	with:
	owner: ${{ github.repository_owner }}
	token: ${{ secrets.SUBMODULES_TOKEN }}
	repo: wf-data-migration
	branch: ${{ inputs.environment }}

	- name: Set Commit Id as Env
	run: echo "SUBMODULE_SHORT_HASH=${{ steps.lastcommit.outputs.shorthash }}" >> $GITHUB_ENV

	- name: Cache Docker layers
	id: cache
	uses: actions/cache@v2
	with:
	path: /tmp/.buildx-cache
	key: ${{ runner.os }}-docker-${{ hashFiles('**/Dockerfile') }}
	restore-keys: \|
	${{ runner.os }}-docker-${{ hashFiles('**/Dockerfile') }}
	${{ runner.os }}-docker-

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v2

	- name: Set up QEMU
	uses: docker/setup-qemu-action@v2
	with:
	platforms: 'arm64,arm'

	- name: Log in to the container registry
	uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Extract metadata for ee Docker images
	id: eemeta
	uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
	with:
	images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}-ee
	tags: \|
	type=raw,value=${{ inputs.environment }}
	type=raw,value=${{ env.SHORT_HASH }}-${{ steps.lastcommit.outputs.shorthash }}-${{ inputs.environment }}
	type=raw,value=latest,enable=${{ inputs.environment == 'prod' }}
	type=sha,format=short

	- name: Build and push ee Docker image
	uses: docker/build-push-action@v5
	with:
	context: services/workflows-service
	file: services/workflows-service/Dockerfile.ee
	platforms: linux/amd64
	push: true
	cache-from: type=local,src=/tmp/.buildx-cache
	tags: ${{ steps.eemeta.outputs.tags }}
	build-args: \|
	"BASE_IMAGE=ghcr.io/${{ github.repository_owner }}/workflows-service:${{ env.SHORT_HASH }}-${{ inputs.environment }}"

	update-helm-chart:
	runs-on: ubuntu-latest
	needs: build-and-push-ee-image
	permissions:
	contents: read
	steps:
	- name: Checkout repository
	uses: actions/checkout@v4
	with:
	fetch-depth: 1

	- name: Checkout cloud-infra-config repository
	uses: actions/checkout@v4
	with:
	repository: ballerine-io/cloud-infra-config
	token: ${{ secrets.GIT_TOKEN }}
	ref: main
	fetch-depth: 1
	sparse-checkout: \|
	kubernetes/helm/wf-service
	sparse-checkout-cone-mode: true
	- name: Check if values yaml file exists
	id: update_helm_check
	shell: bash
	run: \|
	if [ -f "kubernetes/helm/wf-service/${{ inputs.environment }}-custom-values.yaml" ]; then
	echo "file_name=${{ inputs.environment }}-custom-values.yaml" >> "$GITHUB_OUTPUT"
	echo ${{ env.SHORT_HASH }}-${{ needs.build-and-push-ee-image.outputs.SUBMODULE_SHORT_HASH }}
	else
	echo "file_name=dev-custom-values.yaml" >> "$GITHUB_OUTPUT"
	echo ${{ env.SHORT_HASH }}-${{ needs.build-and-push-ee-image.outputs.SUBMODULE_SHORT_HASH }}
	fi

	- name: Update workflow-service image version in the HelmChart
	uses: fjogeleit/yaml-update-action@main
	with:
	repository: ballerine-io/cloud-infra-config
	branch: main
	commitChange: true
	message: "Update ${{ inputs.environment }} wf-service image Version to ${{ env.SHORT_HASH }}-${{ needs.build-and-push-ee-image.outputs.SUBMODULE_SHORT_HASH }}-${{ inputs.environment }} - (Commit hash: ${{ github.sha }}, commit message: ${{ github.event.head_commit.message }})"
	token: ${{ secrets.GIT_TOKEN }}
	changes: \|
	{
	"kubernetes/helm/wf-service/${{steps.update_helm_check.outputs.file_name}}": {
	"image.tag": "${{ env.SHORT_HASH }}-${{ needs.build-and-push-ee-image.outputs.SUBMODULE_SHORT_HASH }}-${{ inputs.environment }}",
	"prismaMigrate.image.tag": "${{ env.SHORT_HASH }}-${{ needs.build-and-push-ee-image.outputs.SUBMODULE_SHORT_HASH }}-${{ inputs.environment }}",
	"dbMigrate.image.tag": "${{ env.SHORT_HASH }}-${{ needs.build-and-push-ee-image.outputs.SUBMODULE_SHORT_HASH }}-${{ inputs.environment }}",
	"dataSync.image.tag": "${{ env.SHORT_HASH }}-${{ needs.build-and-push-ee-image.outputs.SUBMODULE_SHORT_HASH }}-${{ inputs.environment }}"
	}
	}
	send-to-slack:
	runs-on: ubuntu-latest
	needs: [update-helm-chart,build-and-push-ee-image]
	if: ${{ needs.update-helm-chart.result == 'success' }}
	environment: ${{ inputs.environment }}
	permissions:
	contents: read
	packages: write

	steps:
	- name: Send alert to Slack channel
	id: slack
	uses: slackapi/[email protected]
	with:
	channel-id: '${{ secrets.ARGO_SLACK_CHANNEL_ID }}'
	slack-message: "Test Wf-service Deployment in ${{ inputs.environment }} with tag ${{ env.SHORT_HASH }}-${{ needs.build-and-push-ee-image.outputs.SUBMODULE_SHORT_HASH }}-${{ inputs.environment }} build result: ${{ job.status }}. successfully updated the wf-service helm values for ${{ inputs.environment }}."
	env:
	SLACK_BOT_TOKEN: ${{ secrets.ARGO_SLACK_BOT_TOKEN }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

New Deploy workflows-service image #31

Workflow file

New Deploy workflows-service image #31

Jobs

Run details

Workflow file for this run