Skip to content
Merge release

v1.1.1 #1

Sign in to view logs

v1.1.1

v1.1.1 #1

Workflow file for this run

.github/workflows/merge-release.yml at 1714958
name: Merge release
on:
release:
types: [released]
workflow_dispatch:
inputs:
branch:
description: 'Branch to merge into'
required: false
type: string
default: main
tag:
description: 'Tag to merge'
required: true
type: string
jobs:
merge-release:
timeout-minutes: 5
runs-on: ubuntu-latest
permissions:
contents: write
strategy:
fail-fast: true
name: Merge tag
steps:
- uses: actions/create-github-app-token@v1
id: app-token
with:
app-id: ${{ vars.GHA_APP_ID }}
private-key: ${{ secrets.GHA_PRIVATE_KEY }}
- name: Determine branch
run: |
echo 'BRANCH='${{ inputs.branch || 'main' }} >> $GITHUB_ENV
- name: Checkout "${{ env.BRANCH }}" branch locally
uses: actions/checkout@v4
with:
ref: ${{ env.BRANCH }}
fetch-tags: true
fetch-depth: 0
token: ${{ steps.app-token.outputs.token }}
- name: Get GitHub App User ID
if: ${{ github.event_name == 'release' }}
id: get-user-id
run: echo "user-id=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT"
env:
GH_TOKEN: ${{ steps.app-token.outputs.token }}
- name: Update values for git user config (release)
if: ${{ github.event_name == 'release' }}
run: |
echo "GIT_USER_NAME=${{ steps.app-token.outputs.app-slug }}[bot]" >> $GITHUB_ENV
echo "GIT_USER_EMAIL=${{ steps.get-user-id.outputs.user-id }}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com>" >> $GITHUB_ENV
- name: Update values for git user config (workflow_dispatch)
if: ${{ github.event_name == 'workflow_dispatch' }}
run: |
# fetch user info
user=$(gh api \
-H "Accept: application/vnd.github+json" \
-H "X-GitHub-Api-Version: 2022-11-28" \
/user/$ACCOUNT_ID )
# get user's name and email
# email will be set to null if it is private
name=$(echo $user | jq '.name')
email=$(echo $user | jq '.email')
# store in environment variables to use for setting up git user
echo "GIT_USER_NAME=$name" >> $GITHUB_ENV
echo "GIT_USER_EMAIL=$email" >> $GITHUB_ENV
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ACCOUNT_ID: ${{ github.actor_id }}
- name: Merge tag to "${{ env.BRANCH }}" branch
run: |
git config --local user.email "$GIT_USER_EMAIL"
git config --local user.name "$GIT_USER_NAME"
git merge ${{ inputs.tag || github.event.release.tag_name }}
git push
validate-code-and-image:
if: ${{ github.event_name == 'release' || inputs.branch == 'main' }}
needs:
- merge-release
uses: ./.github/workflows/validate-code-and-image.yml
secrets: inherit
docker-build-and-publish:
name: Publish docker image
if: ${{ github.event_name == 'release' || inputs.branch == 'main' }}
timeout-minutes: 5
runs-on: ubuntu-latest
needs:
- validate-code-and-image
permissions:
id-token: write
contents: read
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.IAM_ROLE_FOR_ECS }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
install: true
- name: Build and push Docker image to Amazon ECR
uses: docker/build-push-action@v6
with:
context: .
push: true
tags: |
${{ steps.login-ecr.outputs.registry }}/auth-incd-ca:${{ github.sha }}
${{ steps.login-ecr.outputs.registry }}/auth-incd-ca:latest
cache-from: type=gha
cache-to: type=gha,mode=max