Skip to content

Commit

Permalink
Update hive ci/cd
Browse files Browse the repository at this point in the history
- move hive-cd to docker-publish
- remove workflow_dispatch

Signed-off-by: jmasar <[email protected]>
  • Loading branch information
jmasar committed Feb 19, 2024
1 parent 46c94f1 commit 27e9ba4
Show file tree
Hide file tree
Showing 4 changed files with 55 additions and 55 deletions.
48 changes: 31 additions & 17 deletions .github/workflows/docker-publish.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ name: Docker

on:
push:
# Publish `master` as Docker `latest` image.
# Publish `master` and `stable` as Docker `latest` image.
branches:
- 'master'
- '[0-9]+.X-stable'
Expand All @@ -14,7 +14,6 @@ on:

# Run tests for any PRs.
pull_request:
workflow_dispatch:

env:
# TODO: Change variable to your image's name.
Expand Down Expand Up @@ -48,37 +47,52 @@ jobs:
with:
fetch-depth: 0

- name: Build image
run: docker build . --file Dockerfile --build-arg git_commit=$(git rev-parse HEAD) --tag $IMAGE_NAME

- uses: Azure/container-scan@v0
with:
image-name: ${{ env.IMAGE_NAME }}:latest
# severity-threshold: CRITICAL

#### Set tags based on source type ####

- name: Set tag for latest image
- name: Set tag and hive token for latest image
if: github.ref_type == 'branch' && startsWith(github.ref, 'refs/heads/master')
run: |
echo "IMAGE_TAG=$(echo 'latest')" >> "$GITHUB_ENV"
echo "HIVE_TOKEN=${{ secrets.HIVE_MASTER_LATEST_TOKEN }}" >> "$GITHUB_ENV"
- name: Set tag for stable-latest image
- name: Set tag and hive token for stable-latest image
if: github.ref_type == 'branch' && endsWith(github.ref, '-stable')
run: |
echo "IMAGE_TAG=$(echo 'stable-latest')" >> "$GITHUB_ENV"
echo "HIVE_TOKEN=${{ secrets.HIVE_STABLE_LATEST_TOKEN }}" >> "$GITHUB_ENV"
- name: Set tag for stable-release image
- name: Set tag and hive token for stable-release image
if: github.ref_type == 'tag' && endsWith(github.ref, '-stable')
run: |
echo "IMAGE_TAG=$(echo $GITHUB_REF | cut -d / -f 3 | sed -e 's/^v-//' | sed -e 's/-stable//')" >> "$GITHUB_ENV"
echo "HIVE_TOKEN=${{ secrets.HIVE_STABLE_RELEASE_TOKEN }}" >> "$GITHUB_ENV"
- name: Set tag for release image
- name: Set tag and hive token for release image
if: ${{ github.ref_type == 'tag' && !endsWith(github.ref, '-stable') }}
run: |
echo "IMAGE_TAG=$(echo $GITHUB_REF | cut -d / -f 3 | sed -e 's/^v-//')" >> "$GITHUB_ENV"
echo "HIVE_TOKEN=${{ secrets.HIVE_MASTER_RELEASE_TOKEN }}" >> "$GITHUB_ENV"
- name: Build image
run: docker build . --file Dockerfile --build-arg git_commit=$(git rev-parse HEAD) --tag $IMAGE_NAME:${IMAGE_TAG}

- uses: Azure/container-scan@v0
with:
image-name: ${{ env.IMAGE_NAME }}:${{ IMAGE_TAG }}
# severity-threshold: CRITICAL

- name: Log into docker hub
run: echo "${{ secrets.DOCKER_HUB_PASSWORD }}" | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin

- name: Push image
run: |
docker push $IMAGE_NAME:${IMAGE_TAG}
- name: Push stable-release image
- name: Hive publish
env:
SCHEMA_PATH: "schellar/graph/schema.graphqls"
run: |
docker tag $IMAGE_NAME:latest $IMAGE_NAME:${IMAGE_TAG}
# docker push $IMAGE_NAME:${IMAGE_TAG}
curl -sSL https://graphql-hive.com/install.sh | sh
hive schema:publish ${{ env.SCHEMA_PATH }} \
--registry.accessToken ${HIVE_TOKEN} \
--github
30 changes: 0 additions & 30 deletions .github/workflows/hive-cd.yml

This file was deleted.

28 changes: 23 additions & 5 deletions .github/workflows/hive-ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,21 +10,39 @@ on:
- 'v*'
- 'v[0-9]+.[0-9]+.[0-9]-stable'

workflow_dispatch:

jobs:
hive-check:
runs-on: ubuntu-latest
if: ${{ github.actor != 'dependabot[bot]' }}
steps:
- name: checkout
uses: actions/checkout@v3
- name: schema check

- name: Stable token
if: github.ref_type == 'branch' && endsWith(github.ref, '-stable')
run: |
echo "HIVE_TOKEN=${{ secrets.HIVE_STABLE_LATEST_TOKEN }}" >> "$GITHUB_ENV"
- name: Master token
if: github.ref_type == 'branch' && startsWith(github.ref, 'refs/heads/master')
run: |
echo "HIVE_TOKEN=${{ secrets.HIVE_MASTER_LATEST_TOKEN }}" >> "$GITHUB_ENV"
- name: Stable release token
if: github.ref_type == 'tag' && endsWith(github.ref, '-stable')
run: |
echo "HIVE_TOKEN=${{ secrets.HIVE_STABLE_RELEASE_TOKEN }}" >> "$GITHUB_ENV"
- name: Master release token
if: ${{ github.ref_type == 'tag' && !endsWith(github.ref, '-stable') }}
run: |
echo "HIVE_TOKEN=${ secrets.HIVE_MASTER_RELEASE_TOKEN }" >> "$GITHUB_ENV"
- name: Schema check
env:
HIVE_TOKEN: ${{ secrets.HIVE_TOKEN }}
SCHEMA_PATH: "schellar/graph/schema.graphqls"
run: |
curl -sSL https://graphql-hive.com/install.sh | sh
hive schema:check ${{ env.SCHEMA_PATH }} \
--registry.accessToken ${{ env.HIVE_TOKEN }} \
--registry.accessToken ${HIVE_TOKEN} \
--github
4 changes: 1 addition & 3 deletions .github/workflows/security-test.yml
Original file line number Diff line number Diff line change
@@ -1,8 +1,6 @@
name: PR check

on:
pull_request:
workflow_dispatch:
on: pull_request

env:
IMAGE_NAME: frinx/uniflow-schellar
Expand Down

0 comments on commit 27e9ba4

Please sign in to comment.