diff --git a/.github/workflows/docker_build.yml b/.github/workflows/docker_build.yml index 6d3e7445..26680bd7 100644 --- a/.github/workflows/docker_build.yml +++ b/.github/workflows/docker_build.yml @@ -1,4 +1,4 @@ -name: 'Agora Docker build (no push)' +name: 'Agora build and push' on: workflow_dispatch: @@ -6,11 +6,12 @@ on: pull_request: jobs: - build-and-test: + build-and-push: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 + - name: Git secrets setup run: | git clone https://github.com/awslabs/git-secrets.git ~/git-secrets @@ -18,18 +19,29 @@ jobs: git checkout ad82d68ee924906a0401dfd48de5057731a9bc84 sudo make install shell: bash + - name: Secrets check run: | sudo ln -s "$(which echo)" /usr/local/bin/say ./minnie-kenny.sh --force git secrets --scan-history shell: bash + - name: Setup JDK uses: actions/setup-java@v4 with: distribution: temurin java-version: 11 + - name: Bump the tag to a new version + uses: databiosphere/github-actions/actions/bumper@bumper-0.0.6 + id: tag + env: + DEFAULT_BUMP: patch + GITHUB_TOKEN: ${{ secrets.BROADBOT_TOKEN }} + RELEASE_BRANCHES: develop + WITH_V: true + - name: Build image run: | docker build -t agora . diff --git a/.github/workflows/tag.yml b/.github/workflows/tag.yml new file mode 100644 index 00000000..8136ac9c --- /dev/null +++ b/.github/workflows/tag.yml @@ -0,0 +1,66 @@ +name: Tag +on: + workflow_dispatch: + workflow_call: + inputs: + ref: + description: "The branch, tag or SHA to checkout" + default: '' + required: false + type: string + dry-run: + description: "Determine the next version without tagging the branch. The workflow can use the outputs new_tag and tag in subsequent steps. Possible values are true and false (default)" + default: false + required: false + type: string + print-tag: + description: "Echo generated tag to console" + default: "true" + required: false + type: string + release-branches: + description: "Default branch (main, develop, etc)" + default: 'main' + required: false + type: string + outputs: + tag: + description: "The value of the latest tag after running this action" + value: ${{ jobs.tag-job.outputs.tag }} + new-tag: + description: "The value of the newly created tag" + value: ${{ jobs.tag-job.outputs.new-tag }} + secrets: + BROADBOT_TOKEN: + required: true + +jobs: + # On tag vs. new-tag. + # The new-tag is always the tag resulting from a bump to the original tag. + # However, the tag is by definition the value of the latest tag after running the action, + # which might not change if dry run is used, and remains same as the original tag. + tag-job: + runs-on: ubuntu-latest + outputs: + tag: ${{ steps.tag.outputs.tag }} + new-tag: ${{ steps.tag.outputs.new_tag }} + steps: + - name: Checkout current code + uses: actions/checkout@v3 + with: + ref: ${{ inputs.ref }} + token: ${{ secrets.BROADBOT_TOKEN }} # this allows the push to succeed later + - name: Bump the tag to a new version + # https://github.com/DataBiosphere/github-actions/tree/master/actions/bumper + uses: databiosphere/github-actions/actions/bumper@bumper-0.3.0 + id: tag + env: + DEFAULT_BUMP: patch + GITHUB_TOKEN: ${{ secrets.BROADBOT_TOKEN }} + DRY_RUN: ${{ inputs.dry-run }} + RELEASE_BRANCHES: ${{ inputs.release-branches }} + WITH_V: true + - name: Echo generated tag to console + if: ${{ inputs.print-tag == 'true' }} + run: | + echo "Newly created version tag: '${{ steps.tag.outputs.new_tag }}'" \ No newline at end of file