ci: include Dockerfile changes in image tag logic (#86)

* ci: include Dockerfile changes in image tag logic * ci: trigger build * ci: remove build trigger
dvsa · Apr 25, 2024 · def2ba5 · def2ba5
1 parent c746fea
commit def2ba5
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 19 deletions.
diff --git a/.github/workflows/cd.yaml b/.github/workflows/cd.yaml
@@ -150,15 +150,15 @@ jobs:
       - id: api-version
         uses: ./.github/actions/get-app-version
         with:
-          project-path: app/api
+          project-path: app/api infra/docker/api
       - id: selfserve-version
         uses: ./.github/actions/get-app-version
         with:
-          project-path: app/selfserve
+          project-path: app/selfserve infra/docker/selfserve
       - id: internal-version
         uses: ./.github/actions/get-app-version
         with:
-          project-path: app/internal
+          project-path: app/internal infra/docker/internal
       - id: assets-version
         uses: ./.github/actions/get-app-version
         with:
@@ -238,7 +238,7 @@ jobs:
       project: ${{ matrix.project }}
       version: ${{ needs.get-version.outputs[matrix.project] }}
       app-artefact-name: ${{ matrix.project}}
-      should-upload-artefact-to-ecr: true
+      push: true
     permissions:
       contents: read
       id-token: write

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -140,15 +140,15 @@ jobs:
       - id: api-version
         uses: ./.github/actions/get-app-version
         with:
-          project-path: app/api
+          project-path: app/api infra/docker/api
       - id: selfserve-version
         uses: ./.github/actions/get-app-version
         with:
-          project-path: app/selfserve
+          project-path: app/selfserve infra/docker/selfserve
       - id: internal-version
         uses: ./.github/actions/get-app-version
         with:
-          project-path: app/internal
+          project-path: app/internal infra/docker/internal
       - id: assets-version
         uses: ./.github/actions/get-app-version
         with:
@@ -227,7 +227,7 @@ jobs:
       project: ${{ matrix.project }}
       version: ${{ needs.get-version.outputs[matrix.project] }}
       app-artefact-name: ${{ matrix.project}}
-      should-upload-artefact-to-ecr: false
+      push: false
     permissions:
       contents: read
       id-token: write

diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml
@@ -15,7 +15,7 @@ on:
       app-artefact-name:
         type: string
         required: true
-      should-upload-artefact-to-ecr:
+      push:
         type: boolean
         required: true
         default: false
@@ -28,7 +28,7 @@ env:
   WORKING_DIR: infra/docker/${{ inputs.project }}
   REGISTRY: 054614622558.dkr.ecr.eu-west-1.amazonaws.com
   REGISTRY_MIRROR: ghcr.io
-  AWS_OIDC_ROLE: ${{ vars[format('ACCOUNT_nonprod_TF_OIDC{0}_ROLE', (inputs.should-upload-artefact-to-ecr && '' || '_READONLY'))] || (inputs.should-upload-artefact-to-ecr && vars.TF_OIDC_ROLE || vars.TF_OIDC_READONLY_ROLE) }}
+  AWS_OIDC_ROLE: ${{ vars[format('ACCOUNT_nonprod_TF_OIDC{0}_ROLE', (inputs.push && '' || '_READONLY'))] || (inputs.push && vars.TF_OIDC_ROLE || vars.TF_OIDC_READONLY_ROLE) }}
   AWS_REGION: ${{ vars.TF_AWS_REGION }}
 
 jobs:
@@ -46,7 +46,7 @@ jobs:
           dockerfile: ${{ env.WORKING_DIR }}/Dockerfile
 
   build:
-    name: Build ${{ inputs.should-upload-artefact-to-ecr && 'and push to ECR' || '' }}
+    name: Build ${{ inputs.push && 'and push' || '' }}
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
@@ -75,51 +75,51 @@ jobs:
             type=raw,value=latest
 
       - name: Configure AWS credentials
-        if: ${{ inputs.should-upload-artefact-to-ecr }}
+        if: ${{ inputs.push }}
         uses: aws-actions/configure-aws-credentials@v4
         with:
           role-to-assume: ${{ env.AWS_OIDC_ROLE }}
           aws-region: ${{ env.AWS_REGION }}
 
       - name: Login to ECR
-        if: ${{ inputs.should-upload-artefact-to-ecr }}
+        if: ${{ inputs.push }}
         uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
 
       - name: Login to GHCR
-        if: ${{ inputs.should-upload-artefact-to-ecr }}
+        if: ${{ inputs.push }}
         uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY_MIRROR }}
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Untag existing latest image in ECR
-        if: ${{ inputs.should-upload-artefact-to-ecr }}
+        if: ${{ inputs.push }}
         run: |
           aws ecr batch-delete-image --repository-name vol-app/${{ inputs.project }} --image-ids imageTag=latest
 
-      - name: Build ${{ inputs.should-upload-artefact-to-ecr && 'and push ' || '' }}Docker image
+      - name: Build ${{ inputs.push && 'and push ' || '' }}Docker image
         id: build-and-push
         uses: docker/build-push-action@v5
         with:
           context: ${{ env.WORKING_DIR }}
           platforms: linux/amd64,linux/arm64
-          push: ${{ inputs.should-upload-artefact-to-ecr }}
+          push: ${{ inputs.push }}
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
           cache-from: type=gha
           cache-to: type=gha,mode=max
 
       - name: Setup Notation CLI
-        if: ${{ inputs.should-upload-artefact-to-ecr }}
+        if: ${{ inputs.push }}
         uses: notaryproject/notation-action/setup@v1
         with:
           version: "1.1.0"
 
       - name: Sign artefact
-        if: ${{ inputs.should-upload-artefact-to-ecr }}
+        if: ${{ inputs.push }}
         uses: notaryproject/notation-action/sign@v1
         with:
           plugin_name: com.amazonaws.signer.notation.plugin