Skip to content
Build tag and publish

[AN-119] remove server version from banner #37

Sign in to view logs

[AN-119] remove server version from banner

[AN-119] remove server version from banner #37

Workflow file for this run

.github/workflows/build_tag_publish.yml at 167059d
name: 'Build tag and publish'
on:
workflow_dispatch:
merge_group:
pull_request:
paths-ignore: [ '**.md' ]
push:
branches: [ develop ]
paths-ignore: [ '**.md' ]
jobs:
build-and-push-job:
runs-on: ubuntu-latest
permissions:
contents: 'write'
id-token: 'write'
outputs:
tag: ${{ steps.tag.outputs.tag }}
steps:
- name: Checkout current code
uses: actions/checkout@v4
- name: Set up Git
shell: bash
run: |
git config --global user.name 'broadbot'
git config --global user.email '[email protected]'
- name: Git secrets setup
run: |
git clone https://github.com/awslabs/git-secrets.git ~/git-secrets
cd ~/git-secrets
git checkout ad82d68ee924906a0401dfd48de5057731a9bc84
sudo make install
shell: bash
- name: Secrets check
run: |
sudo ln -s "$(which echo)" /usr/local/bin/say
./minnie-kenny.sh --force
git secrets --scan-history
shell: bash
- name: Bump the tag to a new version
uses: databiosphere/github-actions/actions/[email protected]
id: tag
env:
DEFAULT_BUMP: patch
GITHUB_TOKEN: ${{ secrets.BROADBOT_TOKEN }}
RELEASE_BRANCHES: develop
WITH_V: true
- name: Construct Dockerhub and GCR image names
id: image-name
run: |
echo "DOCKERHUB_NAME=broadinstitute/agora:${{ steps.tag.outputs.tag }}" >> $GITHUB_OUTPUT
echo "GCR_NAME=gcr.io/broad-dsp-gcr-public/agora:${{ steps.tag.outputs.tag }}" >> $GITHUB_OUTPUT
- name: Setup JDK
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: 11
- name: Build image
run: |
docker build -t ${{ steps.image-name.outputs.DOCKERHUB_NAME }} .
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: dsdejenkins
password: ${{ secrets.DSDEJENKINS_DOCKERHUB_PASSWORD }}
- name: Push dockerhub image
run: docker push ${{ steps.image-name.outputs.DOCKERHUB_NAME }}
- name: Re-tag image for GCR
run: docker tag ${{ steps.image-name.outputs.DOCKERHUB_NAME }} ${{ steps.image-name.outputs.GCR_NAME }}
- name: Authenticate to Google Cloud
id: 'auth'
uses: google-github-actions/auth@v2
with:
# Centralized in dsp-tools-k8s; ask in #dsp-devops-champions for help troubleshooting
workload_identity_provider: 'projects/1038484894585/locations/global/workloadIdentityPools/github-wi-pool/providers/github-wi-provider'
service_account: '[email protected]'
# Install gcloud, `setup-gcloud` automatically picks up authentication from `auth`
- name: Set up Cloud SDK
uses: google-github-actions/setup-gcloud@v2
- name: Explicitly auth Docker for GCR
run: gcloud auth configure-docker --quiet
- name: Push GCR image
run: docker push ${{ steps.image-name.outputs.GCR_NAME }}
report-to-sherlock:
# Report new Agora version to Sherlock and hence Beehive
uses: broadinstitute/sherlock/.github/workflows/client-report-app-version.yaml@main
needs: [ build-and-push-job ]
with:
new-version: ${{ needs.build-and-push-job.outputs.tag }}
chart-name: 'agora'
permissions:
contents: 'read'
id-token: 'write'
set-version-in-dev:
# Put new Agora version in dev environment
uses: broadinstitute/sherlock/.github/workflows/client-set-environment-app-version.yaml@main
needs: [ build-and-push-job, report-to-sherlock ]
if: ${{ github.ref_name == 'develop' }}
with:
new-version: ${{ needs.build-and-push-job.outputs.tag }}
chart-name: 'agora'
environment-name: 'dev'
secrets:
sync-git-token: ${{ secrets.BROADBOT_TOKEN }}
permissions:
id-token: 'write'