Update actions/download-artifact digest to b14cf4c #485
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| on: | |
| push: | |
| workflow_dispatch: | |
| env: | |
| main_image: ghcr.io/${{ github.repository }} | |
| cache_image: ghcr.io/${{ github.repository }}/cache:cache | |
| jobs: | |
| setup: | |
| name: Set variables | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| - name: "Set image version" | |
| id: constants | |
| run: | | |
| export version="$(date +%Y%m%d%H%M%S)-$(git describe --always --dirty --exclude '*')" | |
| echo "VERSION=${version}" >> ${GITHUB_OUTPUT} | |
| outputs: | |
| VERSION: "${{ steps.constants.outputs.VERSION }}" | |
| build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| needs: setup | |
| permissions: | |
| contents: read | |
| id-token: write | |
| packages: write | |
| checks: write | |
| pull-requests: write | |
| env: | |
| VERSION: "${{ needs.setup.outputs.VERSION }}" | |
| steps: | |
| - name: Set up QEMU | |
| id: qemu | |
| uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3 | |
| with: | |
| image: tonistiigi/binfmt:latest | |
| platforms: all | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| - name: Login to GitHub Packages Docker Registry | |
| uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Install earthly | |
| uses: earthly/actions-setup@43211c7a0eae5344d6d79fb4aaf209c8f8866203 # v1.0.13 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| use-cache: true | |
| - name: Build and possibly push | |
| env: | |
| EARTHLY_PUSH: "${{ github.ref == 'refs/heads/main' }}" | |
| EARTHLY_USE_INLINE_CACHE: true | |
| EARTHLY_SAVE_INLINE_CACHE: true | |
| EARTHLY_VERBOSE: true | |
| EARTHLY_FULL_TARGET: true | |
| EARTHLY_OUTPUT: true | |
| EARTHLY_ORG: ${{ vars.EARTHLY_ORG }} | |
| EARTHLY_SATELLITE: ${{ vars.EARTHLY_SATELLITE }} | |
| EARTHLY_TOKEN: ${{ secrets.EARTHLY_TOKEN }} | |
| DOCKERHUB_USERNAME: ${{ vars.DOCKERHUB_USERNAME }} | |
| DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| run: | | |
| earthly --version | |
| earthly "--remote-cache=${cache_image}" +deploy "--main_image=${main_image}" "--VERSION=${VERSION}" | |
| - name: Save manifests for later deploy | |
| uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4 | |
| with: | |
| name: manifests | |
| path: deploy.yaml | |
| deploy: | |
| name: Deploy | |
| if: github.ref == 'refs/heads/main' | |
| runs-on: ubuntu-latest | |
| needs: | |
| - setup | |
| - build | |
| steps: | |
| - name: Download manifests from build | |
| uses: actions/download-artifact@b14cf4c92620c250e1c074ab0a5800e37df86765 # v4 | |
| with: | |
| name: manifests | |
| - name: Install and configure kubectl | |
| run: | | |
| mkdir -p /tmp/kubectl | |
| cd /tmp/kubectl | |
| curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" | |
| curl -LO "https://dl.k8s.io/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl.sha256" | |
| echo "$(<kubectl.sha256) kubectl" | sha256sum --check | |
| chmod +x kubectl | |
| echo "${{ secrets.KUBECONFIG }}" > /tmp/kubectl/kubeconfig | |
| echo "KUBECONFIG=/tmp/kubectl/kubeconfig" >> ${GITHUB_ENV} | |
| - id: join-zt | |
| name: Join ZeroTier network | |
| uses: mortenlj/zerotier-actions/join-zt@main | |
| with: | |
| network_id: ${{ secrets.ZEROTIER_NETWORK_ID }} | |
| api_accesstoken: ${{ secrets.ZEROTIER_API_ACCESSTOKEN }} | |
| ping_target: k3s.home.ibidem.no | |
| - name: Run kubectl apply | |
| run: | | |
| export PATH=/tmp/kubectl:${PATH} | |
| kubectl apply --namespace=default --filename=deploy.yaml --selector=app=quotes --prune=true --wait=true --timeout=60s | |
| - name: Leave ZeroTier network | |
| if: always() | |
| uses: mortenlj/zerotier-actions/leave-zt@main | |
| with: | |
| node_id: ${{ steps.join-zt.outputs.node_id }} | |
| network_id: ${{ secrets.ZEROTIER_NETWORK_ID }} | |
| api_accesstoken: ${{ secrets.ZEROTIER_API_ACCESSTOKEN }} | |
| cleanup: | |
| name: Cleanup | |
| if: github.ref == 'refs/heads/main' | |
| runs-on: ubuntu-latest | |
| needs: build | |
| permissions: | |
| packages: write | |
| steps: | |
| - name: Cleanup main images | |
| uses: dataaxiom/ghcr-cleanup-action@cd0cdb900b5dbf3a6f2cc869f0dbb0b8211f50c4 # v1.0.16 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| keep-n-tagged: 5 | |
| older-than: 2 weeks | |
| delete-untagged: true | |
| delete-ghost-images: true | |
| delete-orphaned-images: true | |
| delete-partial-images: true | |
| - name: Cleanup old cache images | |
| uses: dataaxiom/ghcr-cleanup-action@cd0cdb900b5dbf3a6f2cc869f0dbb0b8211f50c4 # v1.0.16 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| package: quotes/cache | |
| exclude-tags: cache | |
| keep-n-tagged: 1 | |
| delete-untagged: true | |
| delete-ghost-images: true | |
| delete-orphaned-images: true | |
| delete-partial-images: false |