Skip to content

Commit

Permalink
feat: add running only manually
Browse files Browse the repository at this point in the history
  • Loading branch information
NiklasKoehneckeAA committed Apr 10, 2024
1 parent 41960aa commit cbc6631
Showing 1 changed file with 5 additions and 55 deletions.
60 changes: 5 additions & 55 deletions .github/workflows/artifactory.yml
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
name: Artifactory Deployment of PyPi and trace-viewer

on:
push: {}
workflow_dispatch: {}

env:
ARTIFACTORY_URL: https://alephalpha.jfrog.io
ARTIFACTORY_PYPI_REPOSITORY: "intelligence-layer"
ARTIFACTORY_DOCKER_REGISTRY: alephalpha.jfrog.io/intelligence-layer-images

jobs:
push-to:
build-and-push-pypi:
permissions:
contents: read
id-token: write
Expand Down Expand Up @@ -52,51 +52,6 @@ jobs:
JFROG_ACCESS_TOKEN_SUBJECT=$(echo $JFROG_ACCESS_TOKEN | awk -F'.' '{print $2}' | sed 's/.\{1,3\}$/&==/' | base64 -d | jq '.sub' -r)
poetry config http-basic.artifactory "$JFROG_ACCESS_TOKEN_SUBJECT" "$JFROG_ACCESS_TOKEN"
poetry publish -r artifactory
build-and-push-image:
# Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds.
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}-trace-viewer
runs-on: ubuntu-latest
# Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job.
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
# This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels.
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
# Uses the `docker/login-action` action to log in to the Container registry registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here.
- name: Log in to the Container registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# This step uses the `docker/build-push-action` action to build the image, based on your repository's `Dockerfile`. If the build succeeds, it pushes the image to GitHub Packages.
# It uses the `context` parameter to define the build's context as the set of files located in the specified path. For more information, see "[Usage](https://github.com/docker/build-push-action#usage)" in the README of the `docker/build-push-action` repository.
# It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step.
- name: Build and push Docker image
uses: docker/build-push-action@v5
with:
context: ./trace-viewer
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

publish-docker:
permissions:
contents: read
Expand All @@ -105,16 +60,14 @@ jobs:
env:
GITHUB_DOCKER_REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}-trace-viewer
#needs:
#["build-and-push-image"]
runs-on: ubuntu-latest
steps:
- name: Get Identity Token From Github
run: |
ID_TOKEN=$(curl -sLS -H "User-Agent: actions/oidc-client" -H "Authorization: Bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" \
"${ACTIONS_ID_TOKEN_REQUEST_URL}&audience=https://alephalpha.jfrog.io" | jq .value | tr -d '"')
echo "ID_TOKEN=${ID_TOKEN}" >> $GITHUB_ENV
- name: Get Jfrog Access Token with Github Identity Token
- name: Get Jfrog Access Token & Token Subject with Github Identity Token
env:
ID_TOKEN: ${{ env.ID_TOKEN }}
run: |
Expand All @@ -128,10 +81,6 @@ jobs:
echo "JFROG_ACCESS_TOKEN=${JFROG_ACCESS_TOKEN}" >> $GITHUB_ENV
JFROG_ACCESS_TOKEN_SUBJECT=$(echo $JFROG_ACCESS_TOKEN | awk -F'.' '{print $2}' | sed 's/.\{1,3\}$/&==/' | base64 -d | jq '.sub' -r)
echo "JFROG_ACCESS_TOKEN_SUBJECT=${JFROG_ACCESS_TOKEN_SUBJECT}" >> $GITHUB_ENV
echo $ID_TOKEN
echo $JFROG_ACCESS_TOKEN
echo $JFROG_ACCESS_TOKEN_SUBJECT
- name: Log in to the github container registry
uses: docker/login-action@v3
with:
Expand All @@ -148,10 +97,11 @@ jobs:
username: ${{ env.JFROG_ACCESS_TOKEN_SUBJECT }}
password: ${{ env.JFROG_ACCESS_TOKEN }}
- name: Build package and push to Artifactory
# Docker accepts only lower-case names. Therefore, the first line is needed
run: |
IMAGE_NAME=${IMAGE_NAME,,}
echo $GITHUB_DOCKER_REGISTRY/$IMAGE_NAME
echo $ARTIFACTORY_DOCKER_REGISTRY/trace-viewer:latest
docker pull $GITHUB_DOCKER_REGISTRY/$IMAGE_NAME
docker tag $GITHUB_DOCKER_REGISTRY/$IMAGE_NAME $ARTIFACTORY_DOCKER_REGISTRY/trace-viewer:latest
docker push $ARTIFACTORY_DOCKER_REGISTRY/trace-viewer:latest
docker push $ARTIFACTORY_DOCKER_REGISTRY/trace-viewer:latest

0 comments on commit cbc6631

Please sign in to comment.