Skip to content

index

index #360

Workflow file for this run

name: index
on:
workflow_dispatch:
push:
branches: [ master ]
pull_request:
branches: [ master ]
schedule:
- cron: '0 */24 * * *'
jobs:
update-revisions:
runs-on: ubuntu-latest
outputs:
update_deps: ${{ env.UPDATE_DEPS }}
do_update: ${{ env.DO_UPDATE }}
if: >-
( github.event_name == 'schedule' ||
github.event_name == 'push' ||
github.event_name == 'workflow_dispatch' ||
github.event.inputs.check-for-updates )
steps:
- name: Checkout this repository
id: checkout
uses: actions/checkout@v3
- name: Check for new commits in tested repositories
id: check
# The script update-deps.py defines the following environment variables:
# DO_UPDATE : boolean
# If set to true, then there is at least one update required
# COMMIT_MSG_FILE : string
# Name of file containing the commit message used by bot
if: github.event_name != 'workflow_dispatch'
run: |
apt -y update && apt -y install python3 python3-pip
pip install -r requirements.txt
python3 update-deps.py
echo "UPDATE_DEPS=$(cat update-deps.json)" >> $GITHUB_ENV
- name: (Workflow dispatch) Configure build commit
id: workflow_dispatch_update
if: github.event_name == 'workflow_dispatch'
run: |
echo "DO_UPDATE=true" | tee -a "$GITHUB_ENV"
echo "UPDATE_DEPS=$(cat deps.json)" | tee -a "$GITHUB_ENV"
echo "Workflow dispatch update" > commit_message.txt
echo "COMMIT_MSG_FILE=commit_message.txt" | tee -a "$GITHUB_ENV"
- name: Print environment variables
id: print
run: |
echo "DO_UPDATE="${{ env.DO_UPDATE }}
echo "UPDATE_DEPS="${{ env.UPDATE_DEPS }}
echo "COMMIT_MSG_FILE="${{ env.COMMIT_MSG_FILE }}
- name: Update revisions
id: update
if: ${{ env.DO_UPDATE != 'False' || github.event_name == 'workflow_dispatch' }}
run: |
git config --global user.name 'github-actions[bot]'
git config --global user.email '41898282+github-actions[bot]@users.noreply.github.com'
git commit -a --allow-empty -F ${{ env.COMMIT_MSG_FILE }}
git push origin master
index-cores:
needs: update-revisions
if: ${{ needs.update-revisions.outputs.do_update != 'False' }}
runs-on: ubuntu-latest
strategy:
matrix: ${{ fromJson( needs.update-revisions.outputs.update_deps ) }}
env:
IMAGE: ${{ secrets.IMAGE }}
steps:
- name: Checkout this repository
uses: actions/checkout@v3
- name: Set environment variables
shell: bash
run: |
echo "REPOSITORY_NAME=${{ matrix.cores.repository_name }}" >> $GITHUB_ENV
echo "REPOSITORY_URL=${{ matrix.cores.repository_url }}" >> $GITHUB_ENV
echo "REPOSITORY_BRANCH=${{ matrix.cores.repository_branch }}" >> $GITHUB_ENV
echo "REPOSITORY_REV=${{ matrix.cores.repository_revision }}" >> $GITHUB_ENV
- name: Update commit status (pending)
# Status is set automatically for all commits except those created with GH Action
if: ${{ needs.update-revisions.outputs.do_update }}
run: ./set-status ${{ secrets.GITHUB_TOKEN }} $(git rev-parse HEAD) pending
- name: index-core
uses: antmicro/[email protected]
with:
repository_name: ${{ env.REPOSITORY_NAME }}
repository_url: ${{ env.REPOSITORY_URL }}
repository_branch: ${{ env.REPOSITORY_BRANCH }}
repository_revision: ${{ env.REPOSITORY_REV }}
- uses: actions/download-artifact@v3
id: download-artifact
with:
name: server-files
- name: Extract artifacts .tar archive
run: |
ls -al
mkdir artifacts
tar -xf server-files-${{ env.REPOSITORY_NAME }}.tar -C artifacts
- name: Build container image
run: docker build --tag $IMAGE:${{ env.REPOSITORY_NAME }} .
- name: Login to GitHub Container Registry (GHCR)
if: github.event_name != 'pull_request' && github.repository == 'antmicro/verible-indexer'
uses: docker/login-action@v2
with:
registry: ghcr.io
username: gha
password: ${{ github.token }}
- name: Push container image to GitHub Container Registry (GHCR)
if: github.event_name != 'pull_request' && github.repository == 'antmicro/verible-indexer'
run: docker push $IMAGE:${{ env.REPOSITORY_NAME }}
- name: Update commit status to build result
if: always() && ${{ needs.update-revisions.outputs.do_update }}
run: ./set-status ${{ secrets.GITHUB_TOKEN }} $(git rev-parse HEAD) ${{ job.status }}
setup-default-service:
needs: update-revisions
if: >-
( needs.update-revisions.outputs.do_update != 'False' &&
github.event_name != 'pull_request' &&
github.repository == 'antmicro/verible-indexer' )
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
env:
GCR: ${{ secrets.GCR }}
APP_ENGINE_PROJECT: ${{ secrets.APP_ENGINE_PROJECT }}
DEFAULT_SERVICE_IMAGE_NAME: ${{ secrets.DEFAULT_SERVICE_IMAGE_NAME }}
steps:
- name: Checkout this repository
uses: actions/checkout@v3
- id: gcp-auth
name: GCP Authentcation
uses: google-github-actions/auth@v1
with:
service_account: ${{ secrets.GCP_SA }}
workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITY_PROVIDER }}
cleanup_credentials: true
create_credentials_file: true
export_environment_variables: false
- name: Setup gcloud
uses: google-github-actions/setup-gcloud@v1
env:
GOOGLE_GHA_CREDS_PATH: ${{ steps.gcp-auth.outputs.credentials_file_path }}
with:
project_id: ${{ secrets.APP_ENGINE_PROJECT }}
version: '>= 363.0.0'
- name: Check default service
id: check-default
run: echo "service-exists=$(gcloud app services list | grep default | wc -l)" >> "$GITHUB_OUTPUT"
- name: Authenticate docker
if: ${{ steps.check-default.outputs.service-exists == 0 }}
run: |
gcloud auth configure-docker
- name: Build default service
if: ${{ steps.check-default.outputs.service-exists == 0 }}
run: docker build -t $GCR/$DEFAULT_SERVICE_IMAGE_NAME service
- name: Push image to Google Container Registry (GCR)
if: ${{ steps.check-default.outputs.service-exists == 0 }}
run: docker push $GCR/$DEFAULT_SERVICE_IMAGE_NAME
- name: Create default service
if: ${{ steps.check-default.outputs.service-exists == 0 }}
run: gcloud app deploy service/app.yaml --quiet --project $APP_ENGINE_PROJECT --image-url=$GCR/$DEFAULT_SERVICE_IMAGE_NAME --version=v1
- name: Stop deafult service
if: ${{ steps.check-default.outputs.service-exists == 0 }}
run: gcloud app versions stop v1 --quiet --project $APP_ENGINE_PROJECT --service=default
deploy-to-gcp:
needs: [ index-cores, setup-default-service, update-revisions ]
permissions:
contents: read
id-token: write
runs-on: ubuntu-latest
strategy:
matrix: ${{ fromJson( needs.update-revisions.outputs.update_deps ) }}
env:
REPOSITORY_NAME: ${{ matrix.cores.repository_name }}
APP_ENGINE_PROJECT: ${{ secrets.APP_ENGINE_PROJECT }}
GCR: ${{ secrets.GCR }}
IMAGE: ${{ secrets.IMAGE }}
IMAGE_NAME: ${{ secrets.IMAGE_NAME }}
steps:
- name: Checkout this repository
uses: actions/checkout@v3
- id: gcp-auth
name: GCP Authentcation
uses: google-github-actions/auth@v1
with:
service_account: ${{ secrets.GCP_SA }}
workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITY_PROVIDER }}
cleanup_credentials: true
create_credentials_file: true
export_environment_variables: false
- name: Setup gcloud
uses: google-github-actions/setup-gcloud@v1
env:
GOOGLE_GHA_CREDS_PATH: ${{ steps.gcp-auth.outputs.credentials_file_path }}
with:
project_id: ${{ secrets.APP_ENGINE_PROJECT }}
version: '>= 363.0.0'
- name: Authenticate docker
run: |
gcloud auth configure-docker
- name: Push container image to Google Container Registry (GCR)
run: |
docker pull $IMAGE:$REPOSITORY_NAME
docker tag $IMAGE:$REPOSITORY_NAME $GCR/$IMAGE_NAME:$REPOSITORY_NAME
docker push $GCR/$IMAGE_NAME:$REPOSITORY_NAME
- name: Set service name
run: |
echo "service: $(echo ${REPOSITORY_NAME//_/-} | tr '[:upper:]' '[:lower:]')" >> service/app.yaml
- name: Deploy App Engine's service
run: gcloud app deploy service/app.yaml --quiet --project $APP_ENGINE_PROJECT --image-url $GCR/$IMAGE_NAME:$REPOSITORY_NAME --version v1 --promote
gcr-cleaner:
needs: [ deploy-to-gcp ]
permissions:
contents: read
id-token: write
runs-on: ubuntu-latest
env:
GCR: ${{ secrets.GCR }}
IMAGE_NAME: ${{ secrets.IMAGE_NAME }}
KEEP_IMAGES: 10
steps:
- name: Checkout this repository
uses: actions/checkout@v3
- id: gcp-auth
name: GCP Authentcation
uses: google-github-actions/auth@v1
with:
service_account: ${{ secrets.GCP_SA }}
workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITY_PROVIDER }}
cleanup_credentials: true
create_credentials_file: true
export_environment_variables: false
- name: Setup gcloud
uses: google-github-actions/setup-gcloud@v1
env:
GOOGLE_GHA_CREDS_PATH: ${{ steps.gcp-auth.outputs.credentials_file_path }}
with:
project_id: ${{ secrets.APP_ENGINE_PROJECT }}
version: '>= 363.0.0'
- name: Remove old images from GCR
run: |
TAGGED_IMAGES=$(gcloud container images list-tags $GCR/$IMAGE_NAME --filter="tags:*" --format="get(digest)" | wc -l)
gcloud container images list-tags $GCR/$IMAGE_NAME --filter="NOT tags:*" --format="get(digest)" --sort-by="~timestamp" | tail -n +$(($KEEP_IMAGES * $TAGGED_IMAGES + 1)) | xargs -I _ gcloud container images delete --quiet $GCR/$IMAGE_NAME@_