Skip to content

Bump the dotnet-docker group across 1 directory with 2 updates #1331

Bump the dotnet-docker group across 1 directory with 2 updates

Bump the dotnet-docker group across 1 directory with 2 updates #1331

Workflow file for this run

name: Server
on:
workflow_dispatch:
push:
branches:
- main
tags:
- '*'
# No path filters ensures we always have a docker image matching the latest commit on main
pull_request:
branches:
# Only trigger for PRs against `main` branch.
- main
paths:
- 'server/**'
- '.github/workflows/server.yml'
- '!docs/**'
env:
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
AZURE_RESOURCE_GROUP: ${{ secrets.AZURE_RESOURCE_GROUP }}
jobs:
Build:
runs-on: ubuntu-latest
env:
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1
IMAGE_NAME: 'dependabot-server'
DOCKER_BUILDKIT: 1 # Enable Docker BuildKit
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0 # Required for GitVersion
- name: Install GitVersion
uses: gittools/actions/gitversion/setup@v3.0.1
with:
versionSpec: '6.x'
- name: Determine Version
uses: gittools/actions/gitversion/execute@v3.0.1
id: gitversion
with:
useConfigFile: true
- name: Setup .NET SDK
uses: actions/setup-dotnet@v4
with:
dotnet-version: '8.x'
- name: Test
run: dotnet test -c Release --collect "Code coverage"
- name: Publish
run: |
dotnet publish \
${{ github.workspace }}/server/Tingle.Dependabot/Tingle.Dependabot.csproj \
-c Release \
-o ${{ github.workspace }}/drop/Tingle.Dependabot
- name: Replace tokens
uses: cschleiden/replace-tokens@v1
with:
files: '["${{ github.workspace }}/server/main.bicep"]'
env:
IMAGE_TAG: ${{ steps.gitversion.outputs.fullSemVer }}
- name: Build bicep file
uses: azure/cli@v2
with:
inlineScript: |
tdnf install -y icu
tdnf install -y jq
cp ${{ github.workspace }}/server/main.bicep ${{ github.workspace }}/drop/main.bicep && \
az bicep build --file server/main.bicep --outfile ${{ github.workspace }}/drop/main.json
- name: Upload Artifact (drop)
uses: actions/upload-artifact@v4
with:
path: ${{ github.workspace }}/drop/*
name: drop
- name: Create deploy folder
run: |
mkdir -p deploy
cp ${{ github.workspace }}/server/main.bicep ${{ github.workspace }}/deploy/main.bicep
cp ${{ github.workspace }}/server/main.parameters.json ${{ github.workspace }}/deploy/main.parameters.json
- name: Replace tokens in deploy folder
uses: cschleiden/replace-tokens@v1
with:
files: '["${{ github.workspace }}/deploy/main.parameters.json"]'
env:
DOCKER_IMAGE_TAG: ${{ steps.gitversion.outputs.shortSha }}
DEPENDABOT_PROJECT_TOKEN: ${{ secrets.DEPENDABOT_PROJECT_TOKEN }}
DEPENDABOT_GITHUB_TOKEN: ${{ secrets.DEPENDABOT_GITHUB_TOKEN }}
- name: Upload Artifact (deploy)
uses: actions/upload-artifact@v4
with:
path: deploy
name: deploy
retention-days: 1
- name: Pull Docker base image & warm Docker cache
run: docker pull "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:latest"
- name: Build image
run: |
docker build \
-f server/Tingle.Dependabot/Dockerfile.CI \
--label com.github.image.run.id=${{ github.run_id }} \
--label com.github.image.run.number=${{ github.run_number }} \
--label com.github.image.job.id=${{ github.job }} \
--label com.github.image.source.sha=${{ github.sha }} \
--label com.github.image.source.branch=${{ github.ref }} \
-t "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:latest" \
-t "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.shortSha }}" \
-t "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.fullSemVer }}" \
-t "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.major}}.${{ steps.gitversion.outputs.minor }}" \
-t "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.major }}" \
--cache-from ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:latest \
--build-arg BUILDKIT_INLINE_CACHE=1 \
${{ github.workspace }}/drop/Tingle.Dependabot
- name: Log into registry
if: ${{ (github.ref == 'refs/heads/main') || (!startsWith(github.ref, 'refs/pull')) || startsWith(github.ref, 'refs/tags') }}
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login https://ghcr.io -u ${{ github.actor }} --password-stdin
- name: Push image (latest, ShortSha)
if: ${{ (github.ref == 'refs/heads/main') || startsWith(github.ref, 'refs/tags') }}
run: |
docker push "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:latest"
docker push "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.shortSha }}"
- name: Push image (NuGetVersionV2)
if: ${{ !startsWith(github.ref, 'refs/pull') }}
run: docker push "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.fullSemVer }}"
- name: Push image (major, minor)
if: startsWith(github.ref, 'refs/tags')
run: |
docker push "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.major }}.${{ steps.gitversion.outputs.minor }}"
docker push "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.major }}"
- name: Upload Release
if: startsWith(github.ref, 'refs/tags/')
uses: ncipollo/release-action@v1
with:
artifacts: >
${{ github.workspace }}/drop/main.bicep,
${{ github.workspace }}/drop/main.json
token: ${{ secrets.GITHUB_TOKEN }}
draft: true
allowUpdates: true
# Deploy:
# runs-on: ubuntu-latest
# needs: Build
# if: ${{ github.actor != 'dependabot[bot]' && ((github.ref == 'refs/heads/main') || startsWith(github.ref, 'refs/tags')) }}
# concurrency:
# group: ${{ github.workflow }}-${{ github.ref }}
# cancel-in-progress: false # wait for previous runs to complete
# steps:
# - name: Download Artifact
# uses: actions/download-artifact@v4
# with:
# name: deploy
# path: ${{ github.workspace }}/deploy
# - name: Azure Login
# uses: azure/login@v2
# with:
# creds: ${{ secrets.AZURE_CREDENTIALS }}
# - name: Deploy
# uses: azure/arm-deploy@v2
# with:
# subscriptionId: ${{ env.AZURE_SUBSCRIPTION_ID }}
# resourceGroupName: ${{ env.AZURE_RESOURCE_GROUP }}
# template: '${{ github.workspace }}/deploy/main.bicep'
# parameters: '${{ github.workspace }}/deploy/main.parameters.json'
# scope: 'resourcegroup'