68 lines
2.1 KiB
YAML
68 lines
2.1 KiB
YAML
name: Publish
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
|
|
jobs:
|
|
build-and-push:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Import Secrets
|
|
id: import-secrets
|
|
uses: hashicorp/vault-action@v2
|
|
with:
|
|
url: http://vault.avril
|
|
method: kubernetes
|
|
# TODO - when https://github.com/go-gitea/gitea/pull/33945 is merged, instead use per-workflow OIDC-based auth
|
|
role: act-runner-helm-charts
|
|
secrets: |
|
|
shared-secrets/data/gitea/pat_to_push_images token | GITEA_TOKEN
|
|
|
|
- name: Login to Gitea
|
|
uses: docker/login-action@v3
|
|
with:
|
|
username: scubbo
|
|
password: ${{ env.GITEA_TOKEN }}
|
|
registry: gitea.scubbo.org
|
|
|
|
- name: Setup QEMU
|
|
uses: docker/setup-qemu-action@v3
|
|
|
|
- name: Setup Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Build and push image
|
|
uses: docker/build-push-action@v3
|
|
with:
|
|
context: .
|
|
file: Dockerfile
|
|
target: prod
|
|
push: true
|
|
platforms: linux/amd64,linux/arm64
|
|
tags: |
|
|
gitea.scubbo.org/scubbo/edh-elo:${{ gitea.sha }}
|
|
gitea.scubbo.org/scubbo/edh-elo:latest
|
|
|
|
- name: Output
|
|
run: |
|
|
echo "Image pushed: gitea.scubbo.org/scubbo/edh-elo:${{ gitea.sha }}"
|
|
|
|
- name: Update Helm Chart
|
|
env:
|
|
GITEA_PASSWORD: ${{ env.GITEA_TOKEN }}
|
|
run: |
|
|
git config --global --unset credential.helper
|
|
git clone -vvv https://gitea.scubbo.org/scubbo/helm-charts.git
|
|
cd helm-charts
|
|
yq -i '.image.tag = "${{ gitea.sha }}"' charts/edh-elo/values.yaml
|
|
git add -A
|
|
git -c user.name="Imagebot" -c user.email="fake@scubbo.org" commit -m 'Update EDH ELO commit to "${{ gitea.sha }}"'
|
|
git remote add origin-with-credentials https://scubbo:${GITEA_PASSWORD}@gitea.scubbo.org/scubbo/helm-charts.git
|
|
git push origin-with-credentials main:main
|
|
cd ..
|
|
rm -rf helm-charts
|