-
Notifications
You must be signed in to change notification settings - Fork 0
108 lines (107 loc) · 3.87 KB
/
master_push.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
name: Tag, Build, and Push Image
on:
push:
branches: [ master ]
paths-ignore: [ '**.md' ]
workflow_dispatch:
inputs:
bump:
description: 'Part of the version to bump: major, minor, patch'
required: false
default: 'patch'
type: choice
options:
- patch
- minor
- major
branch:
description: 'Branch to run the workflow on'
required: false
default: 'master'
env:
SERVICE_NAME: ${{ github.event.repository.name }}
jobs:
tag-build-push:
runs-on: ubuntu-latest
outputs:
tag: ${{ steps.tag.outputs.tag }}
is-bump: ${{ steps.skiptest.outputs.is-bump }}
steps:
- name: Set part of semantic version to bump
id: controls
run: |
SEMVER_PART=""
CHECKOUT_BRANCH="$GITHUB_REF"
if ${{github.event_name == 'push' }}; then
SEMVER_PART="patch"
elif ${{github.event_name == 'workflow_dispatch' }}; then
SEMVER_PART=${{ github.event.inputs.bump }}
CHECKOUT_BRANCH=${{ github.event.inputs.branch }}
fi
echo semver-part=$SEMVER_PART >> $GITHUB_OUTPUT
echo checkout-branch=$CHECKOUT_BRANCH >> $GITHUB_OUTPUT
- name: Checkout current code
uses: actions/checkout@v3
with:
ref: ${{ steps.controls.outputs.checkout-branch }}
token: ${{ secrets.BROADBOT_TOKEN }}
- name: Skip version bump merges
id: skiptest
uses: ./.github/actions/bump-skip
with:
event-name: ${{ github.event_name }}
- name: Bump the tag to a new version
if: steps.skiptest.outputs.is-bump == 'no'
uses: databiosphere/github-actions/actions/[email protected]
id: tag
env:
DEFAULT_BUMP: patch
GITHUB_TOKEN: ${{ secrets.BROADBOT_TOKEN }}
HOTFIX_BRANCHES: hotfix.*
OVERRIDE_BUMP: ${{ steps.controls.outputs.semver-part }}
RELEASE_BRANCHES: master
VERSION_FILE_PATH: settings.gradle
VERSION_LINE_MATCH: "^\\s*gradle.ext.janitorVersion\\s*=\\s*'.*'"
VERSION_SUFFIX: SNAPSHOT
- name: Auth to GCR
if: steps.skiptest.outputs.is-bump == 'no'
uses: google-github-actions/auth@v1
with:
version: '411.0.0'
credentials_json: ${{ secrets.GCR_PUBLISH_KEY_B64 }}
- name: Setup gcloud
if: steps.skiptest.outputs.is-bump == 'no'
uses: google-github-actions/setup-gcloud@v1
- name: Explicitly auth Docker for GCR
if: steps.skiptest.outputs.is-bump == 'no'
run: gcloud auth configure-docker --quiet
- name: Set up JDK 17
if: steps.skiptest.outputs.is-bump == 'no'
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: 17
- name: Grant execute permission for gradlew
if: steps.skiptest.outputs.is-bump == 'no'
run: chmod +x gradlew
- name: "Publish client to Artifactory"
if: steps.skiptest.outputs.is-bump == 'no'
run: ./gradlew artifactoryPublish
env:
ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }}
ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
ARTIFACTORY_REPO_KEY: "libs-snapshot-local"
- name: Build and push GCR image using Jib
if: steps.skiptest.outputs.is-bump == 'no'
run: "./gradlew jib --image=gcr.io/broad-dsp-gcr-public/${SERVICE_NAME}:${{ steps.tag.outputs.tag }}"
report-to-sherlock:
# Report new version to Broad DevOps
uses: broadinstitute/sherlock/.github/workflows/client-report-app-version.yaml@main
needs: tag-build-push
if: ${{ needs.tag-build-push.outputs.is-bump == 'no' }}
with:
new-version: ${{ needs.tag-build-push.outputs.tag }}
chart-name: 'crljanitor'
permissions:
contents: 'read'
id-token: 'write'