Skip to content

Map to env var before using in script (#102) #21

Map to env var before using in script (#102)

Map to env var before using in script (#102) #21

name: Jupyterhub Docker Build and Deploy
on:
release:
types: [published]
push:
branches:
- "main"
paths:
- 'docker/jupyterhub/**'
- '.github/workflows/jupyterhub-docker-build-and-deploy.yml'
- 'deploy/jupyterhub/azure-pipelines.yml'
pull_request:
paths:
- 'docker/jupyterhub/**'
- '.github/workflows/jupyterhub-docker-build-and-deploy.yml'
- 'deploy/jupyterhub/azure-pipelines.yml'
env:
REGISTRY: europe-north1-docker.pkg.dev/artifact-registry-5n/dapla-stat-docker/jupyter
TAG: ${{ github.ref_name }}-${{ github.sha }}
IMAGE_PREFIX: onprem-
NAME: jupyterhub
jobs:
jupyterhub-docker-build:
permissions:
contents: "read"
id-token: "write"
runs-on: ubuntu-latest
outputs:
semver_image_tag: v${{ steps.metadata.outputs.version }}
steps:
- name: "Check out repo"
uses: actions/checkout@v3
- name: "Authenticate to Google Cloud"
id: "auth"
uses: "google-github-actions/[email protected]"
with:
workload_identity_provider: "projects/848539402404/locations/global/workloadIdentityPools/gh-actions/providers/gh-actions"
service_account: "gh-actions-dapla-stat@artifact-registry-5n.iam.gserviceaccount.com"
token_format: "access_token"
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
- name: Login to registry
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: "oauth2accesstoken"
password: "${{ steps.auth.outputs.access_token }}"
- name: Docker meta
id: metadata
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}${{ env.NAME }}
# Docker tags based on the following events/attributes
tags: |
type=ref,event=branch
type=ref,event=pr
type=raw,value=latest,enable={{is_default_branch}}
type=semver,pattern=v{{version}}
type=semver,pattern=v{{major}}.{{minor}}
type=semver,pattern=v{{major}}
type=raw,value=${{ env.TAG }}, enable=true
- name: Build and push image
id: docker_build
uses: docker/build-push-action@v4
with:
context: docker/${{ env.NAME }}
file: docker/${{ env.NAME }}/Dockerfile
push: true
tags: |
${{ steps.metadata.outputs.tags }}
labels: ${{ steps.metadata.outputs.labels }}
cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}${{ env.NAME }}:buildcache
cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}${{ env.NAME }}:buildcache,mode=max
- name: Image digest
run: echo ${{ steps.docker_build.outputs.digest }}
deploy-on-prem:
needs: jupyterhub-docker-build
runs-on: ubuntu-latest
if: success() && github.ref == 'refs/heads/main'
env:
DEPLOY_ENVIRONMENT: ${{ github.event_name == 'release' && 'prod' || 'staging' }}
IMAGE_TAG: ${{ github.event_name == 'release' && needs.jupyterhub-docker-build.outputs.semver_image_tag || 'main' }}
steps:
- name: 'Trigger the Azure Pipeline deploy job'
uses: Azure/pipelines@releases/v1
with:
azure-devops-project-url: 'https://dev.azure.com/statisticsnorway/Statistikktjenester'
azure-pipeline-name: 'jupyterhub-onprem-deploy'
azure-devops-token: '${{ secrets.AZURE_DEVOPS_TOKEN }}'
azure-pipeline-variables: '{"imageTag": "${{ env.IMAGE_TAG }}", "environment": "${{ env.DEPLOY_ENVIRONMENT }}"}'