Full CI Build (and Release) #2387
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Full CI Build (and Release) | |
on: | |
push: | |
branches: | |
- '**' | |
# The workflow is tagging commits on master so we don't want the tag to | |
# spawn a new build | |
tags-ignore: | |
- 'stroom-docs-v*' | |
pull_request: | |
schedule: | |
# Nightly release run using last commit on default branch, i.e. 'master' | |
- cron: '32 23 * * *' | |
jobs: | |
build-project: | |
runs-on: ubuntu-20.04 | |
env: | |
# Static env vars | |
# Fixed ssh-agent socket so multiple steps can use the same agent | |
# if needs be. Used by update_gh_pages.sh | |
SSH_AUTH_SOCK: "/tmp/ssh-agent-stroom.sock" | |
steps: | |
- name: Checkout code | |
id: checkout_code | |
uses: actions/checkout@v2 | |
with: | |
submodules: recursive | |
#with: | |
## Set this so it gets the annotated commit, not the commit being tagged. | |
## Which means we can get the release msg | |
## See /~https://github.com/actions/runner/issues/712 | |
#ref: ${{ github.ref }} | |
- name: Set Environment Variables | |
id: set_env_var | |
env: | |
# Needed for authenticated api calls to avoid rate limit | |
# Github provides this temporary token automatically | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
${GITHUB_WORKSPACE}/.github/workflows/scripts/setup_env_vars.sh | |
# Separate step to show what is visible across steps | |
- name: Build Environment Info | |
id: build_info | |
run: | | |
${ACTIONS_SCRIPTS_DIR}/dump_env_vars.sh | |
# Gen a hash of the bits of the builder image that may require it to be rebuilt | |
# We can then use this as the gh actions cache key to retrieve the docker buildx cache | |
- name: Generate buildx cache key | |
id: generate_buildx_cache_key | |
run: | | |
echo "cache_key=$(./container_build/generate_buildx_cache_key.sh)" >> $GITHUB_OUTPUT | |
shell: bash | |
- name: Cache Hugo Docker layers | |
uses: actions/cache@v3 | |
with: | |
path: /tmp/stroom_hugo_buildx_caches | |
key: ${{ runner.os }}-hugo-buildx-${{ steps.generate_buildx_cache_key.outputs.cache_key }} | |
- name: Cache Puppeteer Docker layers | |
uses: actions/cache@v3 | |
with: | |
path: /tmp/stroom_puppeteer_buildx_caches | |
key: ${{ runner.os }}-puppeteer-buildx-${{ steps.generate_buildx_cache_key.outputs.cache_key }} | |
- name: Cache PUML Docker layers | |
uses: actions/cache@v3 | |
with: | |
path: /tmp/stroom_puml_buildx_caches | |
key: ${{ runner.os }}-puml-buildx-${{ steps.generate_buildx_cache_key.outputs.cache_key }} | |
- name: Run full build | |
id: run_build | |
env: | |
# Docker creds for dockerhub authenticated push/pull | |
# Manually added secrets in github | |
# /~https://github.com/gchq/stroom/settings/secrets/actions | |
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | |
# ssh private key (corresponding to the public key in github deploy keys | |
# for the stroom repo), manually added to secrets | |
# /~https://github.com/gchq/stroom/settings/secrets/actions | |
# /~https://github.com/gchq/stroom/settings/keys | |
SSH_DEPLOY_KEY: ${{ secrets.SSH_DEPLOY_KEY }} | |
# Needed for authenticated api calls to avoid rate limit | |
# Github provides this temporary token automatically | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
pushd "${BUILD_DIR}" > /dev/null | |
echo -e "${GREEN}Running ${BLUE}ci_build.sh${NC}" | |
./ci_build.sh | |
echo -e "${GREEN}Finished running build script${NC}" | |
- name: Release to GitHub | |
id: create_release | |
# CREATE_RELEASE is set in ci_build.sh | |
if: ${{ env.BUILD_IS_RELEASE == 'true' && env.CONTENT_HAS_CHANGED == 'true' }} | |
env: | |
# Github provided secret | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: "${ACTIONS_SCRIPTS_DIR}/create_github_release.sh" | |
- name: Update gh-pages | |
id: update_gh-pages | |
# CREATE_RELEASE is set in ci_build.sh | |
if: ${{ env.BUILD_IS_RELEASE == 'true' && env.CONTENT_HAS_CHANGED == 'true' }} | |
env: | |
# ssh private key (corresponding to the public key in github deploy keys | |
# for the stroom repo), manually added to secrets | |
# /~https://github.com/gchq/stroom/settings/secrets/actions | |
# /~https://github.com/gchq/stroom/settings/keys | |
SSH_DEPLOY_KEY: ${{ secrets.SSH_DEPLOY_KEY }} | |
run: "${ACTIONS_SCRIPTS_DIR}/update_gh_pages.sh" | |