Use unified workflow to build faucet (#183)

* Use GCR instead of Dockerhub * bump * Use unified workflow to build faucet
Zilliqa · Sep 5, 2023 · 78b317b · 78b317b
1 parent 91b3792
commit 78b317b
Show file tree

Hide file tree

Showing 3 changed files with 90 additions and 71 deletions.
diff --git a/.github/workflows/cicd-prd.yml b/.github/workflows/cicd-prd.yml
@@ -0,0 +1,77 @@
+name: "CICD"
+
+on:
+  # Test run before merging
+  pull_request:
+    branches:
+      - main
+  # On merged
+  push:
+    branches:
+      - main
+  # On released
+  release:
+    types: [created]
+
+jobs:
+  build-docker:
+    permissions:
+      id-token: write
+      contents: write
+    runs-on: ubuntu-22.04
+    if: ${{ github.actor != 'dependabot[bot]' }}
+    name: "Build and push images"
+    strategy:
+      fail-fast: false
+      matrix:
+        application: [eth-spout]
+        include:
+          - application: eth-spout
+            docker_domain: asia-docker.pkg.dev
+            registry_prd: asia-docker.pkg.dev/prj-d-devops-services-4dgwlsse/zilliqa-public
+            image_name: eth-spout
+            path: products/eth-spout
+    env:
+      DEFAULT_BRANCH: main
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          ref: ${{ github.event.pull_request.head.ref }}
+          repository: ${{ github.event.pull_request.head.repo.full_name }}
+          fetch-depth: 0
+
+      - name: "Authenticate to Google Cloud - prod"
+        if: github.ref_name == env.DEFAULT_BRANCH && github.event_name != 'release'
+        id: google-auth
+        uses: "google-github-actions/auth@v1"
+        with:
+          token_format: "access_token"
+          workload_identity_provider: "${{ secrets.GCP_PRD_GITHUB_WIF }}"
+          service_account: "${{ secrets.GCP_PRD_GITHUB_SA_DOCKER_REGISTRY }}"
+          create_credentials_file: true
+
+      - name: Login to the registry - prod
+        if: github.ref_name == env.DEFAULT_BRANCH && github.event_name != 'release'
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ matrix.docker_domain }}
+          username: "oauth2accesstoken"
+          password: "${{ steps.google-auth.outputs.access_token }}"
+
+      - name: Get tag version - prod
+        if: github.ref_name == env.DEFAULT_BRANCH && github.event_name != 'release'
+        id: set-tag
+        uses: Zilliqa/gh-actions-workflows/actions/generate-tag@v1
+        with:
+          tag: ${{ matrix.registry_prd }}/${{ matrix.image_name }}
+          length: 8
+
+      - name: "Build and push ${{ matrix.application }} - prod"
+        if: github.ref_name == env.DEFAULT_BRANCH && github.event_name != 'release'
+        env:
+          ENVIRONMENT: stg
+          IMAGE_TAG: ${{ steps.set-tag.outputs.tags }}
+        run: |
+          cd ${{ matrix.path }}
+          make image/build-and-push
diff --git a/.github/workflows/eth-spout.yaml b/.github/workflows/eth-spout.yaml
diff --git a/products/eth-spout/Makefile b/products/eth-spout/Makefile
@@ -0,0 +1,13 @@
+.PHONY: all
+all: image/build-and-push
+
+.ONESHELL:
+SHELL := /bin/bash
+.SHELLFLAGS = -ec
+
+IMAGE_TAG ?= localhost:5001/eth-spout:latest
+
+## Build and push the Docker image
+image/build-and-push:
+	docker build -t "${IMAGE_TAG}" .
+	docker push "${IMAGE_TAG}"