diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml new file mode 100644 index 00000000..5ec708b7 --- /dev/null +++ b/.github/workflows/cd.yml @@ -0,0 +1,115 @@ +# When a PR is merged, or when run manually, this workflow will create a +# release and publish the container image to the GitHub Container Registry. Both +# will be labeled with the version specified in the manifest file. +name: Continuous Delivery + +on: + pull_request: + types: + - closed + branches: + - main + workflow_dispatch: + +env: + CONTAINER_REGISTRY: ghcr.io + CONTAINER_REGISTRY_USERNAME: ${{ github.actor }} + CONTAINER_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} + MANIFEST_PATH: action.yml + +permissions: + contents: write + packages: write + +jobs: + publish: + name: Publish Container Image + runs-on: ubuntu-latest + + # Ignore Dependabot pull requests. + if: | + github.event_name == 'workflow_dispatch' || + (github.event.pull_request.merged == true && + startsWith(github.head_ref, 'dependabot/') == false) + + steps: + - name: Checkout + id: checkout + uses: actions/checkout@v4 + with: + fetch-tags: true + ref: main + + - name: Check Version + id: version + uses: issue-ops/semver@v2 + with: + check-only: true + manifest-path: ${{ env.MANIFEST_PATH }} + ref: main + workspace: ${{ github.workspace }} + + # Create the list of image tags that will be published. If a prerelease is + # being published (e.g. `1.2.3-alpha.4`), only the prerelease tag will be + # published (`v1.2.3-alpha.4`). Otherwise, the following tags will be + # published: + # - `latest` + # - `v1.2.3` + # - `v1.2` + # - `v1` + - name: Set Image Tags + id: tags + uses: actions/github-script@v7 + with: + script: | + const version = '${{ steps.version.outputs.version }}' + + // Check if prerelease (e.g. 1.2.3-alpha.4) + if (version.includes('-')) { + // Only output the prerelease tag + core.setOutput('tags', `type=raw,value=v${version}`) + } else { + // Output all the tags + let tags = [ + 'type=raw,value=latest', + `type=raw,value=v${version}`, + `type=raw,value=v${version.split('.').slice(0, 2).join('.')}`, + `type=raw,value=v${version.split('.')[0]}` + ] + core.setOutput('tags', tags.join('\n')) + } + + # Get metadata to apply to image + - name: Extract Metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.CONTAINER_REGISTRY }}/${{ github.repository }} + tags: ${{ steps.tags.outputs.tags }} + + # Authenticate to the container registry + - name: Authenticate to Container Registry + id: login + uses: docker/login-action@v3 + with: + registry: ${{ env.CONTAINER_REGISTRY }} + username: ${{ env.CONTAINER_REGISTRY_USERNAME }} + password: ${{ env.CONTAINER_REGISTRY_PASSWORD }} + + # Publish the container image + - name: Publish Container Image + id: publish + uses: docker/build-push-action@v6 + env: + LABELS: ${{ steps.meta.outputs.labels }} + TAGS: ${{ steps.meta.outputs.tags }} + with: + labels: ${{ env.LABELS }} + push: true + tags: ${{ env.TAGS }} + + - name: Create Release + id: release + uses: issue-ops/releaser@v2 + with: + tag: v${{ steps.version.outputs.version }} \ No newline at end of file diff --git a/.github/workflows/version-check.yml b/.github/workflows/version-check.yml new file mode 100644 index 00000000..a696bc34 --- /dev/null +++ b/.github/workflows/version-check.yml @@ -0,0 +1,39 @@ +# This workflow checks the version of the container image that is being built +# in the current pull request. If the version has already been published, the +# workflow fails to prevent PRs from being merged until the version has been +# incremented in the manifest file. +name: Version Check + +on: + pull_request: + branches: + - main + +env: + MANIFEST_PATH: action.yml + +permissions: + checks: write + contents: read + pull-requests: write + +jobs: + check-version: + name: Version Check + runs-on: ubuntu-latest + + if: ${{ github.actor != 'dependabot[bot]' }} + + steps: + - name: Checkout + id: checkout + uses: actions/checkout@v4 + with: + fetch-tags: true + + - name: Check Version + id: check-version + uses: issue-ops/semver@v2 + with: + check-only: true + manifest-path: ${{ env.MANIFEST_PATH }} \ No newline at end of file diff --git a/action.yml b/action.yml index 15dca12c..5e25fd25 100644 --- a/action.yml +++ b/action.yml @@ -3,7 +3,7 @@ name: 'LaunchDarkly Code References in Pull Request' description: 'Find references to feature flags in your pull request' runs: using: 'docker' - image: 'Dockerfile' + image: 'docker://ghcr.io/LN-Zap/find-code-references-in-pull-request:latest' env: LD_PROJ_KEY: ${{ inputs.project-key }} LD_ACCESS_TOKEN: ${{ inputs.access-token }}