Release #217
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| workflow_dispatch: | |
| concurrency: Release | |
| jobs: | |
| set-release-version: | |
| if: github.repository_owner == 'Informatievlaanderen' | |
| name: Decide next version | |
| runs-on: ubuntu-latest | |
| outputs: | |
| version: ${{ steps.set-version.outputs.version }} | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20.x' | |
| - name: Node version | |
| shell: bash | |
| run: node --version | |
| - name: Install NPM dependencies | |
| shell: bash | |
| run: npm ci | |
| - name: Run Semantic Release Dry-Run | |
| shell: bash | |
| run: npx semantic-release --dry-run | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.VBR_GIT_RELEASE_TOKEN }} | |
| GIT_COMMIT: ${{ github.sha }} | |
| GIT_USERNAME: ${{ secrets.VBR_GIT_USER }} | |
| GIT_AUTHOR_NAME: ${{ secrets.VBR_GIT_USER }} | |
| GIT_COMMITTER_NAME: ${{ secrets.VBR_GIT_USER }} | |
| GIT_EMAIL: ${{ secrets.VBR_GIT_EMAIL }} | |
| GIT_AUTHOR_EMAIL: ${{ secrets.VBR_GIT_EMAIL }} | |
| GIT_COMMITTER_EMAIL: ${{ secrets.VBR_GIT_EMAIL }} | |
| - name: Set Release Version | |
| id: set-version | |
| run: | | |
| [ ! -f semver ] && echo none > semver | |
| echo $(cat semver) | |
| echo version=$(cat semver) >> $GITHUB_OUTPUT | |
| shell: bash | |
| build-public-api: | |
| name: Build Public Api | |
| uses: Informatievlaanderen/build-pipeline/.github/workflows/build-image.yml@main | |
| needs: [ set-release-version ] | |
| if: ${{ (github.repository_owner == 'Informatievlaanderen') && (needs.set-release-version.outputs.version != 'none') }} | |
| with: | |
| registry: ${{ vars.VBR_DEVOPS_DOCKER_REGISTRY }}/public-api | |
| image-file: api-legacy-image.tar | |
| image-name: api-legacy | |
| build-project: Public.Api | |
| semver: ${{ needs.set-release-version.outputs.version }} | |
| dotnet-version: ${{ vars.VBR_DOTNET_VERSION_8 }} | |
| secrets: inherit | |
| release: | |
| if: ${{ (github.repository_owner == 'Informatievlaanderen') && (needs.set-release-version.outputs.version != 'none') }} | |
| name: Semantic Release | |
| runs-on: ubuntu-latest | |
| needs: [ set-release-version, build-public-api ] | |
| outputs: | |
| version: ${{ steps.set-version.outputs.version }} | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - name: Cache NPM | |
| uses: actions/cache@v4 | |
| env: | |
| cache-name: cache-npm | |
| with: | |
| path: ~/.npm | |
| key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }} | |
| restore-keys: | | |
| ${{ runner.os }}-build-${{ env.cache-name }}- | |
| - name: Parse repository name | |
| run: echo REPOSITORY_NAME=$(echo "$GITHUB_REPOSITORY" | awk -F / '{print $2}' | sed -e "s/:refs//") >> $GITHUB_ENV | |
| shell: bash | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20.x' | |
| - name: Setup Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.x' | |
| - name: Node version | |
| shell: bash | |
| run: node --version | |
| - name: .NET version | |
| shell: bash | |
| run: dotnet --info | |
| - name: Python version | |
| shell: bash | |
| run: python --version | |
| - name: Install NPM dependencies | |
| shell: bash | |
| run: npm ci | |
| - name: Install Python dependencies | |
| shell: bash | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install requests markdown argparse | |
| - name: Run Semantic Release | |
| shell: bash | |
| run: npx semantic-release | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.VBR_GIT_RELEASE_TOKEN }} | |
| GIT_COMMIT: ${{ github.sha }} | |
| GIT_USERNAME: ${{ secrets.VBR_GIT_USER }} | |
| GIT_AUTHOR_NAME: ${{ secrets.VBR_GIT_USER }} | |
| GIT_COMMITTER_NAME: ${{ secrets.VBR_GIT_USER }} | |
| GIT_EMAIL: ${{ secrets.VBR_GIT_EMAIL }} | |
| GIT_AUTHOR_EMAIL: ${{ secrets.VBR_GIT_EMAIL }} | |
| GIT_COMMITTER_EMAIL: ${{ secrets.VBR_GIT_EMAIL }} | |
| - name: Set Release Version | |
| id: set-version | |
| run: | | |
| [ ! -f semver ] && echo none > semver | |
| echo $(cat semver) | |
| echo ::set-output name=version::$(cat semver) | |
| echo RELEASE_VERSION=$(cat semver) >> $GITHUB_ENV | |
| shell: bash | |
| publish_to_atlassian: | |
| needs: [ release ] | |
| if: ${{ (github.repository_owner == 'Informatievlaanderen') && (needs.release.outputs.version != 'none') }} | |
| name: Publish to Atlassian | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@v4 | |
| - name: Parse repository name | |
| run: echo REPOSITORY_NAME=$(echo "$GITHUB_REPOSITORY" | awk -F / '{print $2}' | sed -e "s/:refs//") >> $GITHUB_ENV | |
| shell: bash | |
| - name: Cache Paket | |
| uses: actions/cache@v4 | |
| env: | |
| cache-name: cache-paket | |
| with: | |
| path: packages | |
| key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('paket.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-build-${{ env.cache-name }}- | |
| - name: Cache Python | |
| uses: actions/cache@v4 | |
| env: | |
| cache-name: cache-pip | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-build-${{ env.cache-name }} | |
| - name: Setup Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.x' | |
| - name: Install Python dependencies | |
| shell: bash | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install requests markdown argparse | |
| - name: Publish to Confluence | |
| shell: bash | |
| run: ./packages/Be.Vlaanderen.Basisregisters.Build.Pipeline/Content/ci-confluence.sh | |
| env: | |
| CONFLUENCE_TITLE: ${{ env.REPOSITORY_NAME }} | |
| CONFLUENCE_USERNAME: ${{ secrets.VBR_CONFLUENCE_USER }} | |
| CONFLUENCE_PASSWORD: ${{ secrets.VBR_CONFLUENCE_PASSWORD }} | |
| push_images: | |
| if: needs.release.outputs.version != 'none' | |
| needs: [ release ] | |
| name: Push images | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Download artifact | |
| uses: actions/download-artifact@v4 | |
| continue-on-error: false | |
| with: | |
| name: api-legacy-${{ needs.release.outputs.version }} | |
| path: ~/ | |
| - name: Load artifact | |
| shell: bash | |
| run: | | |
| echo $IMAGE-image.tar | |
| docker image load -i ~/$IMAGE-image.tar | |
| env: | |
| IMAGE: api-legacy | |
| - name: Configure AWS credentials | |
| if: needs.release.outputs.version != 'none' | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.VBR_AWS_ACCESS_KEY_ID_DEVOPS }} | |
| aws-secret-access-key: ${{ secrets.VBR_AWS_SECRET_ACCESS_KEY_DEVOPS }} | |
| aws-region: ${{ secrets.VBR_AWS_REGION_PRD }} | |
| - name: Login to Amazon ECR | |
| if: needs.release.outputs.version != 'none' | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Push to ECR | |
| if: needs.release.outputs.version != 'none' | |
| shell: bash | |
| run: | | |
| docker push $BUILD_DOCKER_REGISTRY/public-api/api-legacy:$SEMVER | |
| env: | |
| BUILD_DOCKER_REGISTRY: ${{ secrets.VBR_DEVOPS_DOCKER_REGISTRY }} | |
| SEMVER: ${{ needs.release.outputs.version }} | |
| WORKSPACE: ${{ github.workspace }} | |
| - name: Configure AWS credentials (Staging) | |
| if: needs.release.outputs.version != 'none' | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.VBR_AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.VBR_AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.VBR_AWS_REGION }} | |
| - name: Login to Amazon ECR (Staging) | |
| if: needs.release.outputs.version != 'none' | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Push to Staging | |
| if: needs.release.outputs.version != 'none' | |
| shell: bash | |
| run: | | |
| docker tag $BUILD_DOCKER_REGISTRY_TST/public-api/api-legacy:$SEMVER $BUILD_DOCKER_REGISTRY/public-api/api-legacy:$SEMVER | |
| docker push $BUILD_DOCKER_REGISTRY/public-api/api-legacy:$SEMVER | |
| env: | |
| BUILD_DOCKER_REGISTRY_TST: ${{ secrets.VBR_DEVOPS_DOCKER_REGISTRY }} | |
| BUILD_DOCKER_REGISTRY: ${{ secrets.VBR_BUILD_DOCKER_REGISTRY }} | |
| SEMVER: ${{ needs.release.outputs.version }} | |
| WORKSPACE: ${{ github.workspace }} | |
| - name: Configure AWS credentials (Production) | |
| if: needs.release.outputs.version != 'none' | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.VBR_AWS_ACCESS_KEY_ID_NEWPRD }} | |
| aws-secret-access-key: ${{ secrets.VBR_AWS_SECRET_ACCESS_KEY_NEWPRD }} | |
| aws-region: ${{ secrets.VBR_AWS_REGION_PRD }} | |
| - name: Login to Amazon ECR (Production) | |
| if: needs.release.outputs.version != 'none' | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Push to Production | |
| if: needs.release.outputs.version != 'none' | |
| shell: bash | |
| run: | | |
| docker tag $BUILD_DOCKER_REGISTRY_TST/public-api/api-legacy:$SEMVER $BUILD_DOCKER_REGISTRY_NEWPRD/public-api/api-legacy:$SEMVER | |
| docker push $BUILD_DOCKER_REGISTRY_NEWPRD/public-api/api-legacy:$SEMVER | |
| env: | |
| BUILD_DOCKER_REGISTRY_TST: ${{ secrets.VBR_DEVOPS_DOCKER_REGISTRY }} | |
| BUILD_DOCKER_REGISTRY_NEWPRD: ${{ secrets.VBR_BUILD_DOCKER_REGISTRY_NEWPRD }} | |
| SEMVER: ${{ needs.release.outputs.version }} | |
| WORKSPACE: ${{ github.workspace }} |