ohcnetwork · gigincg · Mar 13, 2024 · Mar 13, 2024 · Mar 13, 2024 · Mar 13, 2024
@@ -5,6 +5,8 @@ on:
     branches:
       - develop
       - master
+    tags:
+      - v*
   pull_request:
     branches:
       - develop
@@ -29,25 +31,26 @@ jobs:
     runs-on: ubuntu-latest
     name: Test
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v2
 
       - name: Cache Docker layers
-        uses: actions/cache@v3
+        uses: actions/cache@v4
         with:
           path: /tmp/.buildx-cache
-          key: ${{ runner.os }}-buildx-${{ hashFiles('package-lock.json', 'Dockerfile') }}
+          key: ${{ runner.os }}-buildx-test-${{ hashFiles('package-lock.json', 'Dockerfile') }}
           restore-keys: |
-            ${{ runner.os }}-buildx-
+            ${{ runner.os }}-buildx-test-
 
       - name: Test build
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v5
         with:
           context: .
           file: Dockerfile
           push: false
+          provenance: false
           cache-from: type=local,src=/tmp/.buildx-cache
           cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new
 
@@ -60,132 +63,89 @@ jobs:
           rm -rf /tmp/.buildx-cache
           mv /tmp/.buildx-cache-new /tmp/.buildx-cache
 
-  build-staging:
+  build:
     needs: test
-    name: Build & Push Staging to container registries
-    if: github.ref == 'refs/heads/develop'
+    if: github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/staging' || github.ref == 'refs/tags/v*'
+    name: Build & Push to container registries
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
-      - name: Docker meta
+      - name: Generate docker tags
         id: meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
         with:
           images: |
-            ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}
-            ${{ secrets.DOCKER_HUB_USERNAME }}/${{ env.IMAGE_NAME }}
+            ghcr.io/${{ github.repository }}
+            ${{ secrets.DOCKER_HUB_USERNAME }}/${{ github.event.repository.name }}
           tags: |
+            type=raw,value=production-latest,enable=${{ github.ref == 'refs/heads/v*' }}
+            type=raw,value=production-latest-${{ github.run_number }}-{{date 'YYYYMMDD'}}-{{sha}},enable=${{ github.ref == 'refs/heads/v*' }}
+            type=raw,value=staging-latest,enable=${{ github.ref == 'refs/heads/staging' }}
+            type=raw,value=staging-latest-${{ github.run_number }}-{{date 'YYYYMMDD'}}-{{sha}},enable=${{ github.ref == 'refs/heads/staging' }}
             type=raw,value=latest,enable=${{ github.ref == 'refs/heads/develop' }}
-            type=raw,value=latest-${{ github.run_number }}-{{date 'YYYYMMDD'}}-{{sha}}
+            type=raw,value=latest-${{ github.run_number }},enable=${{ github.ref == 'refs/heads/develop' }}
             type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
           flavor: |
-            latest=true
+            latest=false
 
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+      - name: Setup QEMU
+        uses: docker/setup-qemu-action@v3
 
-      - name: Cache Docker layers
-        uses: actions/cache@v3
-        with:
-          path: /tmp/.buildx-cache
-          key: ${{ runner.os }}-buildx-${{ hashFiles('package-lock.json', 'Dockerfile') }}
-          restore-keys: |
-            ${{ runner.os }}-buildx-
+      - name: Setup Docker Buildx
+        uses: docker/setup-buildx-action@v3
 
       - name: Login to DockerHub
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKER_HUB_USERNAME }}
           password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
 
       - name: Login to GitHub Container Registry
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Build image
-        uses: docker/build-push-action@v3
-        with:
-          context: .
-          file: Dockerfile
-          push: true
-          tags: ${{ steps.meta.outputs.tags }}
-          cache-from: type=local,src=/tmp/.buildx-cache
-          cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new
-
-      - name: Move cache
-        run: |
-          rm -rf /tmp/.buildx-cache
-          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
-
-  build-production:
-    needs: test
-    name: Build & Push Production to container registries
-    if: github.ref == 'refs/heads/master'
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-
-      - name: Docker meta
-        id: meta
-        uses: docker/metadata-action@v4
-        with:
-          images: |
-            ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}
-            ${{ secrets.DOCKER_HUB_USERNAME }}/${{ env.IMAGE_NAME }}
-          tags: |
-            type=raw,value=production-latest,enable=${{ github.ref == 'refs/heads/master' }}
-            type=raw,value=production-latest-${{ github.run_number }}-{{date 'YYYYMMDD'}}-{{sha}}
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
-          flavor: |
-            latest=false
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
-
       - name: Cache Docker layers
-        uses: actions/cache@v3
+        uses: actions/cache@v4
         with:
           path: /tmp/.buildx-cache
-          key: ${{ runner.os }}-buildx-${{ hashFiles('package-lock.json', 'Dockerfile') }}
+          key: ${{ runner.os }}-buildx-build-${{ hashFiles('package-lock.json', 'Dockerfile') }}
           restore-keys: |
-            ${{ runner.os }}-buildx-
+            ${{ runner.os }}-buildx-build-
 
-      - name: Login to DockerHub
-        uses: docker/login-action@v2
-        with:
-          username: ${{ secrets.DOCKER_HUB_USERNAME }}
-          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v2
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Build image
-        uses: docker/build-push-action@v3
+      - name: Build and push image
+        uses: docker/build-push-action@v5
         with:
           context: .
           file: Dockerfile
           push: true
+          provenance: false
+          platforms: linux/amd64,linux/arm64
           tags: ${{ steps.meta.outputs.tags }}
           cache-from: type=local,src=/tmp/.buildx-cache
-          cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new
+          cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
 
       - name: Move cache
         run: |
           rm -rf /tmp/.buildx-cache
           mv /tmp/.buildx-cache-new /tmp/.buildx-cache
 
+  notify-release:
+    needs: build
+    if: github.ref == 'refs/tags/v*'
+    name: Notify release
+    runs-on: ubuntu-latest
+    steps:
+      - name: Notify release
+        run: |
+          echo "Release ${{ github.sha }} is ready to be deployed to production"
+
   deploy-staging-gcp:
-    needs: build-staging
+    needs: build
+    if: github.ref == 'refs/heads/staging'
     name: Deploy to staging GCP cluster
     runs-on: ubuntu-latest
     environment:
@@ -231,7 +191,7 @@ jobs:
           kubectl apply -f care-fe.yaml
 
   deploy-production-manipur:
-    needs: build-production
+    needs: notify-release
     name: Deploy to GKE Manipur
     runs-on: ubuntu-latest
     environment:
@@ -277,7 +237,7 @@ jobs:
           kubectl apply -f care-fe.yaml
 
   deploy-production-karnataka:
-    needs: build-production
+    needs: notify-release
     name: Deploy to GKE Karnataka
     runs-on: ubuntu-latest
     environment:
@@ -323,7 +283,7 @@ jobs:
           kubectl apply -f care-fe.yaml
 
   deploy-production-sikkim:
-    needs: build-production
+    needs: notify-release
     name: Deploy to GKE Sikkim
     runs-on: ubuntu-latest
     environment:
@@ -369,7 +329,7 @@ jobs:
           kubectl apply -f care-fe.yaml
 
   deploy-production-assam:
-    needs: build-production
+    needs: notify-release
     name: Deploy to GKE Assam
     runs-on: ubuntu-latest
     environment:
@@ -415,7 +375,7 @@ jobs:
           kubectl apply -f care-fe.yaml
 
   deploy-production-nagaland:
-    needs: build-production
+    needs: notify-release
     name: Deploy to GKE Nagaland
     runs-on: ubuntu-latest
     environment:
@@ -461,7 +421,7 @@ jobs:
           kubectl apply -f care-fe.yaml
 
   deploy-production-meghalaya:
-    needs: build-production
+    needs: notify-release
     name: Deploy to GKE Meghalaya
     runs-on: ubuntu-latest
     environment: