From cbc66310405cfaa4501d89701e8d1fb2c557a323 Mon Sep 17 00:00:00 2001 From: Niklas Koehnecke Date: Wed, 10 Apr 2024 12:48:53 +0200 Subject: [PATCH] feat: add running only manually --- .github/workflows/artifactory.yml | 60 +++---------------------------- 1 file changed, 5 insertions(+), 55 deletions(-) diff --git a/.github/workflows/artifactory.yml b/.github/workflows/artifactory.yml index b75093e99..66fe809ae 100644 --- a/.github/workflows/artifactory.yml +++ b/.github/workflows/artifactory.yml @@ -1,7 +1,7 @@ name: Artifactory Deployment of PyPi and trace-viewer on: - push: {} + workflow_dispatch: {} env: ARTIFACTORY_URL: https://alephalpha.jfrog.io @@ -9,7 +9,7 @@ env: ARTIFACTORY_DOCKER_REGISTRY: alephalpha.jfrog.io/intelligence-layer-images jobs: - push-to: + build-and-push-pypi: permissions: contents: read id-token: write @@ -52,51 +52,6 @@ jobs: JFROG_ACCESS_TOKEN_SUBJECT=$(echo $JFROG_ACCESS_TOKEN | awk -F'.' '{print $2}' | sed 's/.\{1,3\}$/&==/' | base64 -d | jq '.sub' -r) poetry config http-basic.artifactory "$JFROG_ACCESS_TOKEN_SUBJECT" "$JFROG_ACCESS_TOKEN" poetry publish -r artifactory - - build-and-push-image: - # Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds. - env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }}-trace-viewer - runs-on: ubuntu-latest - # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. - permissions: - contents: read - packages: write - steps: - - name: Checkout repository - uses: actions/checkout@v4 - # This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels. - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v5 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - tags: | - type=ref,event=branch - type=ref,event=pr - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} - - # Uses the `docker/login-action` action to log in to the Container registry registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here. - - name: Log in to the Container registry - if: github.event_name != 'pull_request' - uses: docker/login-action@v3 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - # This step uses the `docker/build-push-action` action to build the image, based on your repository's `Dockerfile`. If the build succeeds, it pushes the image to GitHub Packages. - # It uses the `context` parameter to define the build's context as the set of files located in the specified path. For more information, see "[Usage](https://github.com/docker/build-push-action#usage)" in the README of the `docker/build-push-action` repository. - # It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step. - - name: Build and push Docker image - uses: docker/build-push-action@v5 - with: - context: ./trace-viewer - push: ${{ github.event_name != 'pull_request' }} - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - publish-docker: permissions: contents: read @@ -105,8 +60,6 @@ jobs: env: GITHUB_DOCKER_REGISTRY: ghcr.io IMAGE_NAME: ${{ github.repository }}-trace-viewer - #needs: - #["build-and-push-image"] runs-on: ubuntu-latest steps: - name: Get Identity Token From Github @@ -114,7 +67,7 @@ jobs: ID_TOKEN=$(curl -sLS -H "User-Agent: actions/oidc-client" -H "Authorization: Bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" \ "${ACTIONS_ID_TOKEN_REQUEST_URL}&audience=https://alephalpha.jfrog.io" | jq .value | tr -d '"') echo "ID_TOKEN=${ID_TOKEN}" >> $GITHUB_ENV - - name: Get Jfrog Access Token with Github Identity Token + - name: Get Jfrog Access Token & Token Subject with Github Identity Token env: ID_TOKEN: ${{ env.ID_TOKEN }} run: | @@ -128,10 +81,6 @@ jobs: echo "JFROG_ACCESS_TOKEN=${JFROG_ACCESS_TOKEN}" >> $GITHUB_ENV JFROG_ACCESS_TOKEN_SUBJECT=$(echo $JFROG_ACCESS_TOKEN | awk -F'.' '{print $2}' | sed 's/.\{1,3\}$/&==/' | base64 -d | jq '.sub' -r) echo "JFROG_ACCESS_TOKEN_SUBJECT=${JFROG_ACCESS_TOKEN_SUBJECT}" >> $GITHUB_ENV - - echo $ID_TOKEN - echo $JFROG_ACCESS_TOKEN - echo $JFROG_ACCESS_TOKEN_SUBJECT - name: Log in to the github container registry uses: docker/login-action@v3 with: @@ -148,10 +97,11 @@ jobs: username: ${{ env.JFROG_ACCESS_TOKEN_SUBJECT }} password: ${{ env.JFROG_ACCESS_TOKEN }} - name: Build package and push to Artifactory + # Docker accepts only lower-case names. Therefore, the first line is needed run: | IMAGE_NAME=${IMAGE_NAME,,} echo $GITHUB_DOCKER_REGISTRY/$IMAGE_NAME echo $ARTIFACTORY_DOCKER_REGISTRY/trace-viewer:latest docker pull $GITHUB_DOCKER_REGISTRY/$IMAGE_NAME docker tag $GITHUB_DOCKER_REGISTRY/$IMAGE_NAME $ARTIFACTORY_DOCKER_REGISTRY/trace-viewer:latest - docker push $ARTIFACTORY_DOCKER_REGISTRY/trace-viewer:latest \ No newline at end of file + docker push $ARTIFACTORY_DOCKER_REGISTRY/trace-viewer:latest