diff --git a/.github/workflows/build-dev.yml b/.github/workflows/build-dev.yml new file mode 100644 index 0000000..60468da --- /dev/null +++ b/.github/workflows/build-dev.yml @@ -0,0 +1,31 @@ +name: Docker Build + +on: + push: + branches-ignore: + - main + - 'hotfix-*' + +permissions: + contents: read + +jobs: + build: + name: Build Docker Image + runs-on: Linux + + steps: + - name: Checkout code + uses: actions/checkout@v5 + with: + submodules: recursive + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Build Docker image + uses: docker/build-push-action@v6 + with: + context: . + push: false + load: false diff --git a/.github/workflows/build-prod.yml b/.github/workflows/build-prod.yml new file mode 100644 index 0000000..fc57408 --- /dev/null +++ b/.github/workflows/build-prod.yml @@ -0,0 +1,41 @@ +name: Docker Build production image + +on: + push: + branches: + - main + - 'hotfix-*' + +permissions: + contents: read + +jobs: + build: + name: Build Docker Image + runs-on: Linux + + steps: + - name: Checkout code + uses: actions/checkout@v5 + with: + submodules: recursive + + - name: Login to Docker registry + uses: docker/login-action@v3 + with: + registry: ${{ secrets.DOCKER_REGISTRY }} + username: ${{ secrets.DOCKER_REGISTRY_USERNAME }} + password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }} + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Build & Push Docker image + uses: docker/build-push-action@v6 + with: + context: . + push: true + tags: | + ${{ secrets.DOCKER_REGISTRY }}/${{ secrets.IMAGE_NAME }}:${{ github.sha }} + ${{ secrets.DOCKER_REGISTRY }}/${{ secrets.IMAGE_NAME }}:dev + cache-to: type=inline diff --git a/.github/workflows/deploy-dev.yml b/.github/workflows/deploy-dev.yml new file mode 100644 index 0000000..bf7e72c --- /dev/null +++ b/.github/workflows/deploy-dev.yml @@ -0,0 +1,37 @@ +name: Deploy to dev + +on: + workflow_run: + workflows: ["Docker Build production image", "Tag Docker Image"] + types: + - completed + +permissions: + contents: read + +jobs: + deploy_to_dev: + name: Deploy to dev environment + runs-on: Linux + + steps: + - name: Determine image version + id: version + run: | + if [ "${GITHUB_REF_TYPE}" = "tag" ]; then + IMAGE_VERSION="${GITHUB_REF_NAME}" + else + IMAGE_VERSION="${GITHUB_SHA}" + fi + echo "IMAGE_VERSION=$IMAGE_VERSION" >> $GITHUB_ENV + echo "Image version: $IMAGE_VERSION" + + - name: Deploy via cURL + env: + DEV_TOKEN: ${{ secrets.DEV_TOKEN }} + DEPLOY_SERVER: ${{ secrets.DEPLOY_SERVER }} + run: | + echo "Triggering deployment for version: $IMAGE_VERSION" + curl --fail-with-body \ + -H "X-Token: $DEV_TOKEN" \ + "https://$DEPLOY_SERVER/api/deploy?image_version=$IMAGE_VERSION" \ No newline at end of file diff --git a/.github/workflows/tag.yml b/.github/workflows/tag.yml new file mode 100644 index 0000000..2f23fc5 --- /dev/null +++ b/.github/workflows/tag.yml @@ -0,0 +1,40 @@ +name: Tag Docker Image + +on: + push: + tags: + - '*' + +permissions: + contents: read + +jobs: + tag_docker_image: + name: Tag Docker Image + runs-on: Linux + + steps: + - name: Checkout repository + uses: actions/checkout@v5 + with: + submodules: recursive + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log in to Docker registry + uses: docker/login-action@v3 + with: + registry: ${{ secrets.DOCKER_REGISTRY }} + username: ${{ secrets.DOCKER_REGISTRY_USERNAME }} + password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }} + + - name: Retag image via build cache + uses: docker/build-push-action@v6 + with: + context: . + push: true + cache-from: type=registry,ref=${{ secrets.DOCKER_REGISTRY }}/${{ secrets.IMAGE_NAME }}:${{ github.sha }} + tags: | + ${{ secrets.DOCKER_REGISTRY }}/${{ secrets.IMAGE_NAME }}:${{ github.ref_name }} + provenance: false