Tidy cyber-dojo-get-familiar section in readme #16
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: alpha on main | |
| on: | |
| push: | |
| branches: | |
| - main | |
| env: | |
| DOCKER_USERNAME: ${{ github.actor }} | |
| DOCKER_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | |
| DOCKER_REGISTRY: ghcr.io # if you change this, change it in the .env file as well | |
| REPO_NAME: ${{ github.event.repository.name }} | |
| KOSLI_CLI_VERSION: 2.10.10 | |
| KOSLI_HOST: https://app.kosli.com | |
| KOSLI_ORG: ${{ github.actor }} | |
| KOSLI_API_TOKEN: ${{ secrets.KOSLI_API_TOKEN }} | |
| jobs: | |
| setup: | |
| name: Setup job variables | |
| runs-on: ubuntu-latest | |
| outputs: | |
| image_tag: ${{ steps.variables.outputs.image_tag }} | |
| image_name: ${{ steps.variables.outputs.image_name }} | |
| tagged_image_previous: ${{ steps.variables.outputs.tagged_image_previous }} | |
| image_tar_filename: ${{ steps.variables.outputs.image_tar_filename }} | |
| steps: | |
| - uses: actions/[email protected] | |
| - name: Set outputs | |
| id: variables | |
| run: | | |
| export $(cat .env | grep -o '^[^#]*') # to get DOCKER_ORG_NAME | |
| image_tag="${GITHUB_SHA:0:7}" | |
| image_uri="${{ env.DOCKER_REGISTRY }}/${DOCKER_ORG_NAME}/${{ env.REPO_NAME }}-alpha" | |
| image_name="${image_uri}:${image_tag}" | |
| tagged_image_previous="${image_uri}:previous" | |
| image_tar_filename="/tmp/${{ env.REPO_NAME }}-alpha:previous.tar" | |
| echo "image_tag=${image_tag}" >> ${GITHUB_OUTPUT} | |
| echo "image_name=${image_name}" >> ${GITHUB_OUTPUT} | |
| echo "tagged_image_previous=${tagged_image_previous}" >> ${GITHUB_OUTPUT} | |
| echo "image_tar_filename=${image_tar_filename}" >> ${GITHUB_OUTPUT} | |
| build-image: | |
| name: Build docker image, push it to registry, attest to Kosli | |
| runs-on: ubuntu-latest | |
| needs: [setup] | |
| permissions: | |
| id-token: write | |
| contents: read | |
| packages: write | |
| # outputs: | |
| # artifact_digest: ${{ steps.variables.outputs.artifact_digest }} | |
| steps: | |
| - uses: actions/[email protected] | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.DOCKER_REGISTRY }} | |
| username: ${{ env.DOCKER_USERNAME }} | |
| password: ${{ env.DOCKER_PASSWORD }} | |
| - name: Build and push Docker image to the GHCR | |
| id: docker_build | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| push: true | |
| tags: ${{ needs.setup.outputs.image_name }},${{ needs.setup.outputs.tagged_image_previous }} | |
| cache-from: type=registry,ref=${{ needs.setup.outputs.tagged_image_previous }} | |
| cache-to: type=inline,mode=max | |
| - name: Tar Docker image | |
| run: | | |
| docker pull ${{ needs.setup.outputs.image_name }} | |
| docker image save ${{ needs.setup.outputs.image_name }} --output ${{ needs.setup.outputs.image_tar_filename }} | |
| - name: Cache Docker image | |
| uses: actions/[email protected] | |
| with: | |
| path: ${{ needs.setup.outputs.image_tar_filename }} | |
| key: ${{ needs.setup.outputs.image_name }} | |
| # - name: Make the image digest available to following jobs | |
| # id: variables | |
| # run: | | |
| # DIGEST=$(echo ${{ steps.docker_build.outputs.digest }} | sed 's/.*://') | |
| # echo "artifact_digest=${DIGEST}" >> ${GITHUB_OUTPUT} | |
| lint: | |
| name: Run rubocop linter and attest to Kosli | |
| needs: [build-image] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/[email protected] | |
| - name: Run Rubocop linter on source | |
| run: | |
| make lint | |
| unit-test: | |
| name: Run unit-tests and attest to Kosli | |
| needs: [build-image] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/[email protected] | |
| - name: Run unit-tests | |
| run: | |
| make test | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: [setup, build-image, lint] | |
| steps: | |
| - uses: actions/[email protected] | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.DOCKER_REGISTRY }} | |
| username: ${{ env.DOCKER_USERNAME }} | |
| password: ${{ env.DOCKER_PASSWORD }} | |
| - name: Fake a deployment | |
| env: | |
| IMAGE_NAME: ${{ needs.setup.outputs.image_name }} | |
| run: | | |
| docker pull "${IMAGE_NAME}" | |
| export COMMIT_SHORT_SHA=$(git rev-parse --short=7 HEAD) | |
| docker compose up --wait | |
| - name: Setup Kosli cli | |
| uses: kosli-dev/setup-cli-action@v2 | |
| with: | |
| version: | |
| ${{ env.KOSLI_CLI_VERSION }} | |
| - name: Create a Snapshot | |
| env: | |
| KOSLI_ENVIRONMENT_NAME: playground-prod | |
| run: | |
| kosli snapshot docker "${KOSLI_ENVIRONMENT_NAME}" |