diff --git a/.github/workflows/chart-release.yaml b/.github/workflows/chart-release.yaml
deleted file mode 100644
index 4e397f4..0000000
--- a/.github/workflows/chart-release.yaml
+++ /dev/null
@@ -1,86 +0,0 @@ -############################################################### -# Copyright (c) 2024 BMW Group AG -# -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. -# -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0. -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 -############################################################### - -name: Release Chart - -on: - workflow_dispatch: - push: - paths: - - 'charts/**' - branches: - - main - -jobs: - release: - # depending on default permission settings for your org (contents being read-only or read-write for workloads), you will have to add permissions - # see: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token - permissions: - contents: write - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - with: - fetch-depth: 0 - - - name: Configure Git - run: | - git config user.name "$GITHUB_ACTOR" - git config user.email "$GITHUB_ACTOR@users.noreply.github.com" - - - name: Install Helm - uses: azure/setup-helm@b7246b12e77f7134dc2d460a3d5bad15bbe29390 # v4 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - - name: Update helm dependencies for dim - run: | - cd charts/dim - helm repo add bitnami https://charts.bitnami.com/bitnami - helm dependency update - - - name: Run chart-releaser - uses: helm/chart-releaser-action@v1.4.1 - env: - CR_TOKEN: "${{ 
secrets.GITHUB_TOKEN }}" - CR_SKIP_EXISTING: "true" - - - name: Get current helm chart version - id: chart-version - run: | - current=$(cat ./charts/dim/Chart.yaml | grep "version:" | head -1 | cut -d ":" -d " " -f2) - echo "current=$current" >> $GITHUB_OUTPUT - echo "Exported $current helm chart version" - - - name: Check for previous version - id: version-check - run: | - exists=$(git tag -l "v${{ steps.chart-version.outputs.current }}") - if [[ -n "$exists" ]]; then - echo "exists=true" >> $GITHUB_OUTPUT - else - echo "exists=false" >> $GITHUB_OUTPUT - fi - - - name: Create and push git tag for release workflow to be triggered - run: | - git tag v${{ steps.chart-version.outputs.current }} - git push origin v${{ steps.chart-version.outputs.current }} - if: steps.version-check.outputs.exists == 'false' \ No newline at end of file diff --git a/.github/workflows/migrations-docker.yml b/.github/workflows/migrations-docker.yml index 5fd83c7..cd592a6 100644 --- a/.github/workflows/migrations-docker.yml +++ b/.github/workflows/migrations-docker.yml @@ -69,7 +69,7 @@ jobs: with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | - type=raw,value=dev + type=raw,value=main type=raw,value=${{ github.sha }} - name: Build and push Docker image diff --git a/.github/workflows/processes-worker-docker.yml b/.github/workflows/processes-worker-docker.yml index b5a9816..3a5eb6a 100644 --- a/.github/workflows/processes-worker-docker.yml +++ b/.github/workflows/processes-worker-docker.yml @@ -68,7 +68,7 @@ jobs: with: images: ${{ env.REGISTRY}}/${{ env.IMAGE_NAME }} tags: | - type=raw,value=dev + type=raw,value=main type=raw,value=${{ github.sha }} - name: Build and push Docker image diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6411efa..936cf36 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml 
@@ -74,23 +74,25 @@ jobs: dockerfile: docker/Dockerfile-dim-migrations - image: ghcr.io/${{ github.repository }}_dim-processes-worker dockerfile: docker/Dockerfile-dim-processes-worker + outputs: + app-version: ${{ steps.app-version.outputs.current }} steps: - name: Checkout uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 - - name: Get current helm chart version - id: chart-version + - name: Get current appVersion + id: app-version run: | - current=$(cat ./charts/dim/Chart.yaml | grep "version:" | head -1 | cut -d ":" -d " " -f2) + current=$(cat ./charts/dim/Chart.yaml | grep "appVersion:" | head -1 | cut -d ":" -d " " -f2) echo "current=$current" >> $GITHUB_OUTPUT - echo "Exported $current helm chart version" + echo "Exported $current appVersion" - name: Check for previous version id: version-check run: | - exists=$(git tag -l "v${{ steps.chart-version.outputs.current }}") + exists=$(git tag -l "v${{ steps.app-version.outputs.current }}") if [[ -n "$exists" ]]; then echo "exists=true" >> $GITHUB_OUTPUT else @@ -125,9 +127,9 @@ jobs: type=ref,event=branch type=ref,event=pr type=raw,value=latest - type=semver,pattern={{version}},value=${{ steps.chart-version.outputs.current }} - type=semver,pattern={{major}},value=${{ steps.chart-version.outputs.current }} - type=semver,pattern={{major}}.{{minor}},value=${{ steps.chart-version.outputs.current }} + type=semver,pattern={{version}},value=${{ steps.app-version.outputs.current }} + type=semver,pattern={{major}},value=${{ steps.app-version.outputs.current }} + type=semver,pattern={{major}}.{{minor}},value=${{ steps.app-version.outputs.current }} if: steps.version-check.outputs.exists == 'false' - name: Build and push Docker images 
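Review bot: The `app-version` step exports whatever follows the first `appVersion:` match without checking it, and that value is then expanded with `${{ … }}` directly inside `run:` scripts: `git tag -l` in this hunk, and `git tag` / `git push` in the `create-tag` job of the third release.yml hunk. Expression expansion happens before the shell parses the script, so the content of Chart.yaml (not visible here) becomes part of the command text, and an empty or quoted value would yield a tag of `v` or break the semver patterns in the second hunk. I would fail the step unless the value is a plain version, e.g. `[[ "$current" =~ ^[0-9]+\.[0-9]+\.[0-9]+([-+][0-9A-Za-z.-]+)?$ ]] || { echo "unexpected appVersion: $current" >&2; exit 1; }`, and hand it to later scripts through `env:` rather than inline expansion. The `version-check` step continues past the end of this hunk.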
@@ -142,8 +144,13 @@ jobs: labels: ${{ steps.meta.outputs.labels }} if: steps.version-check.outputs.exists == 'false' + create-tag: + needs: release-images + permissions: + contents: write + runs-on: ubuntu-latest + steps: - name: Create and push git tag run: | - git tag v${{ steps.chart-version.outputs.current }} - git push origin v${{ steps.chart-version.outputs.current }} - if: steps.version-check.outputs.exists == 'false' + git tag v${{ needs.release-images.outputs.app-version }} + git push origin v${{ needs.release-images.outputs.app-version }} diff --git a/.github/workflows/service-docker.yml b/.github/workflows/service-docker.yml index 261e9f0..5bf5c8d 100644 --- a/.github/workflows/service-docker.yml +++ b/.github/workflows/service-docker.yml @@ -68,7 +68,7 @@ jobs: with: images: ${{ env.REGISTRY}}/${{ env.IMAGE_NAME }} tags: | - type=raw,value=dev + type=raw,value=main type=raw,value=${{ github.sha }} - name: Build and push Docker image diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index d59e056..35d3384 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -93,7 +93,7 @@ jobs: uses: aquasecurity/trivy-action@062f2592684a31eb3aa050cc61e7ca1451cecd3d # v0.18.0 with: # Path to Docker image - image-ref: "${{ env.REGISTRY}}/${{ env.IMAGE_NAME_SERVICE}}:dev" + image-ref: "${{ env.REGISTRY}}/${{ env.IMAGE_NAME_SERVICE}}:main" format: "sarif" output: "trivy-results2.sarif" vuln-type: "os,library" @@ -125,7 +125,7 @@ jobs: uses: aquasecurity/trivy-action@062f2592684a31eb3aa050cc61e7ca1451cecd3d # v0.18.0 with: # Path to Docker image - image-ref: "${{ env.REGISTRY}}/${{ env.IMAGE_NAME_MIGRATIONS}}:dev" + image-ref: "${{ env.REGISTRY}}/${{ env.IMAGE_NAME_MIGRATIONS}}:main" format: "sarif" output: "trivy-results3.sarif" vuln-type: "os,library" 
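Review bot: The new `create-tag` job has no checkout step, so `git tag` and `git push origin` run in an empty workspace with no repository or remote and will fail. Moving the step into its own job also dropped the `if: steps.version-check.outputs.exists == 'false'` guard, so the job now runs even when the tag already exists and the image build was skipped. I would add a checkout, expose the `exists` result as a second output of `release-images` (next to `app-version` in the first release.yml hunk) and gate the job on it; the sketch below also passes the version through `env:` instead of expanding it inline. `release-images` appears to be a matrix job, so confirm that every matrix entry writes the same output values.

```yaml
  create-tag:
    needs: release-images
    # requires a second release-images output, e.g.
    #   version-exists: ${{ steps.version-check.outputs.exists }}
    if: needs.release-images.outputs.version-exists == 'false'
    # … unchanged: permissions, runs-on …
    steps:
      - name: Checkout
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
      - name: Create and push git tag
        env:
          APP_VERSION: ${{ needs.release-images.outputs.app-version }}
        run: |
          git tag "v$APP_VERSION"
          git push origin "v$APP_VERSION"
```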
@@ -157,7 +157,7 @@ jobs: uses: aquasecurity/trivy-action@062f2592684a31eb3aa050cc61e7ca1451cecd3d # v0.18.0 with: # Path to Docker image - image-ref: "${{ env.REGISTRY}}/${{ env.IMAGE_NAME_WORKER}}:dev" + image-ref: "${{ env.REGISTRY}}/${{ env.IMAGE_NAME_WORKER}}:main" format: "sarif" output: "trivy-results4.sarif" vuln-type: "os,library"