Skip to content

CD

CD #752

Workflow file for this run

name: CD
on:
workflow_dispatch:
inputs:
tag:
description: 'Tag to build & push'
required: true
type: string
skip_private_build:
description: 'Skip private build (true/false) can only be used when the image already exists'
required: false
type: boolean
default: false
env:
GO_VERSION: "1.22"
PRIVATE_REGISTRY_HOST: us-central1-docker.pkg.dev
jobs:
# Build and Push to Private Registry
private-build:
if: inputs.skip_private_build != 'true'
name: Build & Push to Private Container Registry
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
role: [access, collection, consensus, execution, observer, verification]
environment: Private Docker Registry
steps:
- name: Setup Go
uses: actions/setup-go@v4
with:
go-version: ${{ env.GO_VERSION }}
- name: Checkout repo
uses: actions/checkout@v3
- id: auth
uses: google-github-actions/auth@v1
with:
credentials_json: ${{ secrets.GCR_SERVICE_KEY_SECRET }}
- name: Authenticate Docker with gcloud
run: gcloud auth configure-docker ${{ env.PRIVATE_REGISTRY_HOST }}
- name: Build & Push ${{ matrix.role }}
env:
CONTAINER_REGISTRY: ${{ vars.PRIVATE_REGISTRY }}
run: |
make docker-build-${{ matrix.role }}-with-adx docker-push-${{ matrix.role }}-with-adx CONTAINER_REGISTRY=${CONTAINER_REGISTRY}
make docker-build-${{ matrix.role }}-without-adx docker-push-${{ matrix.role }}-without-adx CONTAINER_REGISTRY=${CONTAINER_REGISTRY}
make docker-build-${{ matrix.role }}-without-netgo-without-adx docker-push-${{ matrix.role }}-without-netgo-without-adx CONTAINER_REGISTRY=${CONTAINER_REGISTRY}
make docker-cross-build-${{ matrix.role }}-arm docker-push-${{ matrix.role }}-arm CONTAINER_REGISTRY=${CONTAINER_REGISTRY}
# Individual Promotion Jobs using the Base Tag for Full Tags
promote-access:
name: Promote Access Role to Public Registry
runs-on: ubuntu-latest
needs: private-build
environment: Promote Access
steps:
- name: Checkout repo
uses: actions/checkout@v3
- name: Promote Access
uses: ./actions/promote-images
with:
gcp_credentials: ${{ secrets.GCR_SERVICE_KEY_SECRET }}
private_registry: ${{ vars.PRIVATE_REGISTRY }}
public_registry: ${{ vars.PUBLIC_REGISTRY }}
registry_host: ${{ env.PRIVATE_REGISTRY_HOST }}
role: access
tags: "${{ inputs.tag }},${{ inputs.tag }}-without-adx,${{ inputs.tag }}-without-netgo-without-adx,${{ inputs.tag }}-arm"
promote-collection:
name: Promote Collection Role to Public Registry
runs-on: ubuntu-latest
needs: private-build
environment: Promote Collection
steps:
- name: Checkout repo
uses: actions/checkout@v3
- name: Promote Collection
uses: ./actions/promote-images
with:
gcp_credentials: ${{ secrets.GCR_SERVICE_KEY_SECRET }}
private_registry: ${{ vars.PRIVATE_REGISTRY }}
public_registry: ${{ vars.PUBLIC_REGISTRY }}
registry_host: ${{ env.PRIVATE_REGISTRY_HOST }}
role: collection
tags: "${{ inputs.tag }},${{ inputs.tag }}-without-adx,${{ inputs.tag }}-without-netgo-without-adx,${{ inputs.tag }}-arm"
# promote-consensus:
# name: Promote Consensus Role to Public Registry
# runs-on: ubuntu-latest
# needs: private-build
# environment: Promote Consensus
# steps:
# - name: Checkout repo
# uses: actions/checkout@v3
#
# - name: Promote Consensus
# uses: ./.github/actions/promote
# with:
# gcp_credentials: ${{ secrets.GCR_SERVICE_KEY_SECRET }}
# role: consensus
# tags: "${{ inputs.tag }},${{ inputs.tag }}-without-adx,${{ inputs.tag }}-without-netgo-without-adx,${{ inputs.tag }}-arm"
# private_registry: ${{ vars.PRIVATE_REGISTRY }}
# public_registry: ${{ vars.PUBLIC_REGISTRY }}
# registry_host: ${{ env.PRIVATE_REGISTRY_HOST }}
#
# promote-execution:
# name: Promote Execution Role to Public Registry
# runs-on: ubuntu-latest
# needs: private-build
# environment: Promote Execution
# steps:
# - name: Checkout repo
# uses: actions/checkout@v3
#
# - name: Promote Execution
# uses: ./.github/actions/promote
# with:
# gcp_credentials: ${{ secrets.GCR_SERVICE_KEY_SECRET }}
# role: execution
# tags: "${{ inputs.tag }},${{ inputs.tag }}-without-adx,${{ inputs.tag }}-without-netgo-without-adx,${{ inputs.tag }}-arm"
# private_registry: ${{ vars.PRIVATE_REGISTRY }}
# public_registry: ${{ vars.PUBLIC_REGISTRY }}
# registry_host: ${{ env.PRIVATE_REGISTRY_HOST }}
#
# promote-observer:
# name: Promote Observer Role to Public Registry
# runs-on: ubuntu-latest
# needs: private-build
# environment: Promote Observer
# steps:
# - name: Checkout repo
# uses: actions/checkout@v3
#
# - name: Promote Observer
# uses: ./.github/actions/promote
# with:
# gcp_credentials: ${{ secrets.GCR_SERVICE_KEY_SECRET }}
# role: observer
# tags: "${{ inputs.tag }},${{ inputs.tag }}-without-adx,${{ inputs.tag }}-without-netgo-without-adx,${{ inputs.tag }}-arm"
# private_registry: ${{ vars.PRIVATE_REGISTRY }}
# public_registry: ${{ vars.PUBLIC_REGISTRY }}
# registry_host: ${{ env.PRIVATE_REGISTRY_HOST }}
#
# promote-verification:
# name: Promote Verification Role to Public Registry
# runs-on: ubuntu-latest
# needs: private-build
# environment: Promote Verification
# steps:
# - name: Checkout repo
# uses: actions/checkout@v3
#
# - name: Promote Verification
# uses: ./.github/actions/promote
# with:
# gcp_credentials: ${{ secrets.GCR_SERVICE_KEY_SECRET }}
# role: verification
# tags: "${{ inputs.tag }},${{ inputs.tag }}-without-adx,${{ inputs.tag }}-without-netgo-without-adx,${{ inputs.tag }}-arm"
# private_registry: ${{ vars.PRIVATE_REGISTRY }}
# public_registry: ${{ vars.PUBLIC_REGISTRY }}
# registry_host: ${{ env.PRIVATE_REGISTRY_HOST }}
#