Skip to content

Full CI Build (and Release) #2383

Full CI Build (and Release)

Full CI Build (and Release) #2383

name: Full CI Build (and Release)
on:
push:
branches:
- '**'
# The workflow is tagging commits on master so we don't want the tag to
# spawn a new build
tags-ignore:
- 'stroom-docs-v*'
pull_request:
schedule:
# Nightly release run using last commit on default branch, i.e. 'master'
- cron: '32 23 * * *'
jobs:
build-project:
runs-on: ubuntu-20.04
env:
# Static env vars
# Fixed ssh-agent socket so multiple steps can use the same agent
# if needs be. Used by update_gh_pages.sh
SSH_AUTH_SOCK: "/tmp/ssh-agent-stroom.sock"
steps:
- name: Checkout code
id: checkout_code
uses: actions/checkout@v2
with:
submodules: recursive
#with:
## Set this so it gets the annotated commit, not the commit being tagged.
## Which means we can get the release msg
## See /~https://github.com/actions/runner/issues/712
#ref: ${{ github.ref }}
- name: Set Environment Variables
id: set_env_var
env:
# Needed for authenticated api calls to avoid rate limit
# Github provides this temporary token automatically
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
${GITHUB_WORKSPACE}/.github/workflows/scripts/setup_env_vars.sh
# Separate step to show what is visible across steps
- name: Build Environment Info
id: build_info
run: |
${ACTIONS_SCRIPTS_DIR}/dump_env_vars.sh
# Gen a hash of the bits of the builder image that may require it to be rebuilt
# We can then use this as the gh actions cache key to retrieve the docker buildx cache
- name: Generate buildx cache key
id: generate_buildx_cache_key
run: |
echo "cache_key=$(./container_build/generate_buildx_cache_key.sh)" >> $GITHUB_OUTPUT
shell: bash
- name: Cache Hugo Docker layers
uses: actions/cache@v3
with:
path: /tmp/stroom_hugo_buildx_caches
key: ${{ runner.os }}-hugo-buildx-${{ steps.generate_buildx_cache_key.outputs.cache_key }}
- name: Cache Puppeteer Docker layers
uses: actions/cache@v3
with:
path: /tmp/stroom_puppeteer_buildx_caches
key: ${{ runner.os }}-puppeteer-buildx-${{ steps.generate_buildx_cache_key.outputs.cache_key }}
- name: Cache PUML Docker layers
uses: actions/cache@v3
with:
path: /tmp/stroom_puml_buildx_caches
key: ${{ runner.os }}-puml-buildx-${{ steps.generate_buildx_cache_key.outputs.cache_key }}
- name: Run full build
id: run_build
env:
# Docker creds for dockerhub authenticated push/pull
# Manually added secrets in github
# /~https://github.com/gchq/stroom/settings/secrets/actions
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
# ssh private key (corresponding to the public key in github deploy keys
# for the stroom repo), manually added to secrets
# /~https://github.com/gchq/stroom/settings/secrets/actions
# /~https://github.com/gchq/stroom/settings/keys
SSH_DEPLOY_KEY: ${{ secrets.SSH_DEPLOY_KEY }}
# Needed for authenticated api calls to avoid rate limit
# Github provides this temporary token automatically
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
pushd "${BUILD_DIR}" > /dev/null
echo -e "${GREEN}Running ${BLUE}ci_build.sh${NC}"
./ci_build.sh
echo -e "${GREEN}Finished running build script${NC}"
- name: Release to GitHub
id: create_release
# CREATE_RELEASE is set in ci_build.sh
if: ${{ env.BUILD_IS_RELEASE == 'true' && env.CONTENT_HAS_CHANGED == 'true' }}
env:
# Github provided secret
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: "${ACTIONS_SCRIPTS_DIR}/create_github_release.sh"
- name: Update gh-pages
id: update_gh-pages
# CREATE_RELEASE is set in ci_build.sh
if: ${{ env.BUILD_IS_RELEASE == 'true' && env.CONTENT_HAS_CHANGED == 'true' }}
env:
# ssh private key (corresponding to the public key in github deploy keys
# for the stroom repo), manually added to secrets
# /~https://github.com/gchq/stroom/settings/secrets/actions
# /~https://github.com/gchq/stroom/settings/keys
SSH_DEPLOY_KEY: ${{ secrets.SSH_DEPLOY_KEY }}
run: "${ACTIONS_SCRIPTS_DIR}/update_gh_pages.sh"