From 1fe415be6bc81c70cac076c2c62ec24276765fde Mon Sep 17 00:00:00 2001 From: Taddes Date: Thu, 29 Jan 2026 17:33:01 -0500 Subject: [PATCH 1/2] add job for timestamp gen and pass as metadata to img --- .github/workflows/mozcloud-publish.yaml | 35 +++++++++++++++++++------ 1 file changed, 27 insertions(+), 8 deletions(-) diff --git a/.github/workflows/mozcloud-publish.yaml b/.github/workflows/mozcloud-publish.yaml index 537fa80f17..96760d457b 100644 --- a/.github/workflows/mozcloud-publish.yaml +++ b/.github/workflows/mozcloud-publish.yaml @@ -9,11 +9,21 @@ on: branches: - master tags: - - '**' + - "**" workflow_dispatch: {} jobs: + generate-timestamp: + runs-on: ubuntu-latest + outputs: + timestamp: ${{ steps.timestamp.outputs.timestamp }} + steps: + - name: Generate timestamp + id: timestamp + run: echo "timestamp=$(date -u +%Y%m%dT%H%M%S)" >> $GITHUB_OUTPUT + build-and-push-syncstorage-rs: + needs: generate-timestamp if: > github.event_name == 'workflow_dispatch' || ( @@ -29,7 +39,7 @@ jobs: contents: read id-token: write packages: write - uses: mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@1b87069d293273436a84dff04954a8950d3ff9ca # v6.1.0 + uses: mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@v6.2.2 with: image_name: syncstorage-rs gar_name: sync-prod @@ -38,8 +48,10 @@ jobs: SYNCSTORAGE_DATABASE_BACKEND=spanner MYSQLCLIENT_PKG=libmysqlclient-dev should_tag_ghcr: true + image_tag_metadata: ${{ needs.generate-timestamp.outputs.timestamp }} build-and-push-syncstorage-rs-postgres: + needs: generate-timestamp if: > github.event_name == 'workflow_dispatch' || ( @@ -55,7 +67,7 @@ jobs: contents: read id-token: write packages: write - uses: mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@1b87069d293273436a84dff04954a8950d3ff9ca # v6.1.0 + uses: mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@v6.2.2 with: image_name: syncstorage-rs-postgres gar_name: sync-prod @@ -64,13 +76,15 @@ jobs: SYNCSTORAGE_DATABASE_BACKEND=postgres TOKENSERVER_DATABASE_BACKEND=postgres should_tag_ghcr: true + image_tag_metadata: ${{ needs.generate-timestamp.outputs.timestamp }} build-and-push-syncstorage-rs-spanner-python-utils: + needs: generate-timestamp if: > github.event_name == 'workflow_dispatch' || ( github.event_name == 'push' && - startsWith(github.ref, 'refs/tags/') + (github.ref_name == 'master' || startsWith(github.ref, 'refs/tags/')) ) || ( github.event_name == 'pull_request' && @@ -81,7 +95,7 @@ jobs: contents: read id-token: write packages: write - uses: mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@1b87069d293273436a84dff04954a8950d3ff9ca # v6.1.0 + uses: mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@v6.2.2 with: image_name: syncstorage-rs-spanner-python-utils gar_name: sync-prod @@ -89,13 +103,15 @@ jobs: dockerfile_path: tools/spanner/Dockerfile image_build_context: tools/spanner should_tag_ghcr: true + image_tag_metadata: ${{ needs.generate-timestamp.outputs.timestamp }} build-and-push-syncstorage-rs-postgres-python-utils: + needs: generate-timestamp if: > github.event_name == 'workflow_dispatch' || ( github.event_name == 'push' && - startsWith(github.ref, 'refs/tags/') + (github.ref_name == 'master' || startsWith(github.ref, 'refs/tags/')) ) || ( github.event_name == 'pull_request' && @@ -106,7 +122,7 @@ jobs: contents: read id-token: write packages: write - uses: mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@1b87069d293273436a84dff04954a8950d3ff9ca # v6.1.0 + uses: mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@v6.2.2 with: image_name: syncstorage-rs-postgres-python-utils gar_name: sync-prod @@ -114,8 +130,10 @@ jobs: dockerfile_path: tools/postgres/Dockerfile image_build_context: tools/postgres should_tag_ghcr: true + image_tag_metadata: ${{ needs.generate-timestamp.outputs.timestamp }} build-and-push-syncstorage-rs-mysql: + needs: generate-timestamp if: > github.event_name == 'workflow_dispatch' || ( @@ -131,7 +149,7 @@ jobs: contents: read id-token: write packages: write - uses: mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@1b87069d293273436a84dff04954a8950d3ff9ca # v6.1.0 + uses: mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@v6.2.2 with: image_name: syncstorage-rs-mysql gar_name: sync-prod @@ -140,3 +158,4 @@ jobs: SYNCSTORAGE_DATABASE_BACKEND=mysql TOKENSERVER_DATABASE_BACKEND=mysql should_tag_ghcr: true + image_tag_metadata: ${{ needs.generate-timestamp.outputs.timestamp }} From 94e7f83913f29cbb79af05781f82cf13fcd0896e Mon Sep 17 00:00:00 2001 From: Taddes Date: Fri, 30 Jan 2026 15:25:26 -0500 Subject: [PATCH 2/2] review --- .github/workflows/mozcloud-publish.yaml | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/.github/workflows/mozcloud-publish.yaml b/.github/workflows/mozcloud-publish.yaml index 96760d457b..1ec77c55f6 100644 --- a/.github/workflows/mozcloud-publish.yaml +++ b/.github/workflows/mozcloud-publish.yaml @@ -1,3 +1,8 @@ +# Mozilla Deploy Actions url: +# Note: even though Mozilla maintains the above actions, it is still suggested +# when upgrading to use the full commit SHA and comment with version. +# See +# Ex. `mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@4784cb70739a4f32ce010921f60fb1ebbc791a38 # v6.2.2` name: Build, Tag and Push Container Images to GAR Repository on: @@ -9,7 +14,7 @@ on: branches: - master tags: - - "**" + - '**' workflow_dispatch: {} jobs: @@ -39,7 +44,7 @@ jobs: contents: read id-token: write packages: write - uses: mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@v6.2.2 + uses: mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@4784cb70739a4f32ce010921f60fb1ebbc791a38 # v6.2.2 with: image_name: syncstorage-rs gar_name: sync-prod @@ -67,7 +72,7 @@ jobs: contents: read id-token: write packages: write - uses: mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@v6.2.2 + uses: mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@4784cb70739a4f32ce010921f60fb1ebbc791a38 # v6.2.2 with: image_name: syncstorage-rs-postgres gar_name: sync-prod @@ -95,7 +100,7 @@ jobs: contents: read id-token: write packages: write - uses: mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@v6.2.2 + uses: mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@4784cb70739a4f32ce010921f60fb1ebbc791a38 # v6.2.2 with: image_name: syncstorage-rs-spanner-python-utils gar_name: sync-prod @@ -122,7 +127,7 @@ jobs: contents: read id-token: write packages: write - uses: mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@v6.2.2 + uses: mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@4784cb70739a4f32ce010921f60fb1ebbc791a38 # v6.2.2 with: image_name: syncstorage-rs-postgres-python-utils gar_name: sync-prod @@ -149,7 +154,7 @@ jobs: contents: read id-token: write packages: write - uses: mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@v6.2.2 + uses: mozilla-it/deploy-actions/.github/workflows/build-and-push.yml@4784cb70739a4f32ce010921f60fb1ebbc791a38 # v6.2.2 with: image_name: syncstorage-rs-mysql gar_name: sync-prod