[pre-commit.ci] pre-commit autoupdate #139
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # Workflow to build Docker image | |
| # Based on openshift.yml (excluding OpenShift deployment) | |
| name: "Run tests, build and push image" | |
| env: | |
| APP_NAME: "physrisk-api" | |
| IMAGE_REGISTRY: "quay.io/os-climate" | |
| IMAGE_TAGS: "" | |
| # yamllint disable-line rule:truthy | |
| on: | |
| # https://docs.github.com/en/actions/reference/events-that-trigger-workflows | |
| push | |
| # yamllint disable rule:line-length | |
| jobs: | |
| build: | |
| name: "Build and push to Quay" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: "Check for required secrets" | |
| uses: actions/github-script@v4 | |
| with: | |
| script: | | |
| const secrets = { | |
| OSC_PHYSRISK_API_QUAY_USER: `${{ secrets.OSC_PHYSRISK_API_QUAY_USER }}`, | |
| OSC_PHYSRISK_API_QUAY_TOKEN: `${{ secrets.OSC_PHYSRISK_API_QUAY_TOKEN }}`, | |
| }; | |
| const missingSecrets = Object.entries(secrets).filter(([ name, value ]) => { | |
| if (value.length === 0) { | |
| core.error(`Secret "${name}" is not set`); | |
| return true; | |
| } | |
| core.info(`✔️ Secret "${name}" is set`); | |
| return false; | |
| }); | |
| if (missingSecrets.length > 0) { | |
| core.setFailed(`❌ At least one required secret is not set in the repository. \n` + | |
| "You can add it using:\n" + | |
| "GitHub UI: https://docs.github.com/en/actions/reference/encrypted-secrets#creating-encrypted-secrets-for-a-repository \n" + | |
| "GitHub CLI: https://cli.github.com/manual/gh_secret_set \n" + | |
| "Also, refer to https://github.com/redhat-actions/oc-login#getting-started-with-the-action-or-see-example"); | |
| } | |
| else { | |
| core.info(`✅ All the required secrets are set`); | |
| } | |
| - name: "Check out repository" | |
| uses: actions/checkout@v2 | |
| - name: "Determine app name" | |
| if: env.APP_NAME == '' | |
| run: | | |
| APP_NAME=$(basename "${PWD}") | |
| echo "${APP_NAME}" | tee -a "${GITHUB_ENV}" | |
| - name: "Determine image tags" | |
| if: env.IMAGE_TAGS == '' | |
| run: | | |
| echo "IMAGE_TAGS=latest ${GITHUB_SHA::12}" | tee -a "${GITHUB_ENV}" | |
| # https://github.com/redhat-actions/buildah-build#readme | |
| - name: "Build from Dockerfile" | |
| id: build-image | |
| uses: redhat-actions/buildah-build@v2 | |
| with: | |
| image: ${{ env.APP_NAME }} | |
| tags: ${{ env.IMAGE_TAGS }} | |
| # If you don't have a Dockerfile/Containerfile, refer to https://github.com/redhat-actions/buildah-build#scratch-build-inputs | |
| # Or, perform a source-to-image build using https://github.com/redhat-actions/s2i-build | |
| # Otherwise, point this to your Dockerfile/Containerfile relative to the repository root. | |
| dockerfiles: | | |
| ./Dockerfile | |
| # https://github.com/redhat-actions/push-to-registry#readme | |
| - name: "Push to registry" | |
| id: push-image | |
| uses: redhat-actions/push-to-registry@v2 | |
| with: | |
| image: ${{ steps.build-image.outputs.image }} | |
| tags: ${{ steps.build-image.outputs.tags }} | |
| registry: ${{ env.IMAGE_REGISTRY }} | |
| username: ${{ secrets.OSC_PHYSRISK_API_QUAY_USER }} | |
| password: ${{ secrets.OSC_PHYSRISK_API_QUAY_TOKEN }} |