Skip to content

GA Hive Integration (#35) #166

GA Hive Integration (#35)

GA Hive Integration (#35) #166

name: Docker
on:
push:
# Publish `master` and `stable` as Docker `latest` image.
branches:
- 'master'
- '[0-9]+.X-stable'
# Publish `v1.2.3` tags as releases.
tags:
- 'v*'
- 'v[0-9]+.[0-9]+.[0-9]-stable'
# Run tests for any PRs.
pull_request:
env:
# TODO: Change variable to your image's name.
IMAGE_NAME: frinx/schellar
# DOCKER_CONTENT_TRUST: 1
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Run tests
run: |
./test.sh
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0
#### Set tags based on source type ####
- name: Set tag and hive token for latest image
if: github.ref_type == 'branch' && startsWith(github.ref, 'refs/heads/master')
run: |
echo "IMAGE_TAG=$(echo 'latest')" >> "$GITHUB_ENV"
echo "HIVE_TOKEN=${{ secrets.HIVE_MASTER_LATEST_TOKEN }}" >> "$GITHUB_ENV"
- name: Set tag and hive token for stable-latest image
if: github.ref_type == 'branch' && endsWith(github.ref, '-stable')
run: |
echo "IMAGE_TAG=$(echo 'stable-latest')" >> "$GITHUB_ENV"
echo "HIVE_TOKEN=${{ secrets.HIVE_STABLE_LATEST_TOKEN }}" >> "$GITHUB_ENV"
- name: Set tag and hive token for stable-release image
if: github.ref_type == 'tag' && endsWith(github.ref, '-stable')
run: |
echo "IMAGE_TAG=$(echo $GITHUB_REF | cut -d / -f 3 | sed -e 's/^v-//' | sed -e 's/-stable//')" >> "$GITHUB_ENV"
echo "HIVE_TOKEN=${{ secrets.HIVE_STABLE_RELEASE_TOKEN }}" >> "$GITHUB_ENV"
- name: Set tag and hive token for release image
if: ${{ github.ref_type == 'tag' && !endsWith(github.ref, '-stable') }}
run: |
echo "IMAGE_TAG=$(echo $GITHUB_REF | cut -d / -f 3 | sed -e 's/^v-//')" >> "$GITHUB_ENV"
echo "HIVE_TOKEN=${{ secrets.HIVE_MASTER_RELEASE_TOKEN }}" >> "$GITHUB_ENV"
- name: Build image
run: docker build . --file Dockerfile --build-arg git_commit=$(git rev-parse HEAD) --tag $IMAGE_NAME:${IMAGE_TAG}
- uses: Azure/container-scan@v0
with:
image-name: ${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}
# severity-threshold: CRITICAL
- name: Log into docker hub
run: echo "${{ secrets.DOCKER_HUB_PASSWORD }}" | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin
- name: Push image
run: |
docker push $IMAGE_NAME:${IMAGE_TAG}
- name: Hive publish
env:
SCHEMA_PATH: "schellar/graph/schema.graphqls"
run: |
curl -sSL https://graphql-hive.com/install.sh | sh
hive schema:publish ${{ env.SCHEMA_PATH }} \
--registry.accessToken ${HIVE_TOKEN} \
--github