Merge branch 'production' into staging #367
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Publish Marxan Docker images | |
permissions: | |
id-token: write | |
contents: read | |
on: | |
push: | |
branches: | |
- 'main' | |
- 'staging' | |
paths: | |
- '.github/**' | |
- 'api/**' | |
- 'app/**' | |
- 'webshot/**' | |
workflow_dispatch: | |
inputs: | |
enable_maintenance_mode: | |
type: boolean | |
description: If maintenance mode should be enabled | |
default: false | |
waitForTest: | |
description: 'Set to "false" to skip waiting for tests to pass.' | |
required: true | |
default: 'true' | |
jobs: | |
wait_for_tests: | |
name: Wait for tests to finish running | |
if: ${{ github.event.inputs.enable_maintenance_mode != 'true' }} | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Wait for API tests to run | |
if: ${{ github.event.inputs.waitForTest == 'true' }} | |
uses: fountainhead/[email protected] | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
checkName: API Tests | |
ref: ${{ github.event.pull_request.head.sha || github.sha }} | |
intervalSeconds: 20 | |
- name: Wait for Client tests to run | |
if: ${{ github.event.inputs.waitForTest == 'true' }} | |
uses: fountainhead/[email protected] | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
checkName: Client Tests | |
ref: ${{ github.event.pull_request.head.sha || github.sha }} | |
intervalSeconds: 20 | |
push_api_to_registry: | |
name: Push API Docker image to Azure Container Registry | |
needs: wait_for_tests | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Check out the repo | |
uses: actions/checkout@v4 | |
- name: 'Login via Azure CLI' | |
uses: azure/login@v1 | |
with: | |
client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
- name: Build and push image | |
uses: azure/docker-login@v1 | |
with: | |
login-server: ${{ secrets.REGISTRY_LOGIN_SERVER }} | |
username: ${{ secrets.REGISTRY_USERNAME }} | |
password: ${{ secrets.REGISTRY_PASSWORD }} | |
- run: | | |
docker build ./api -f api/api.Dockerfile \ | |
-t ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-api:${{ github.sha }} \ | |
-t ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-api:${{ github.ref != 'refs/heads/main' && 'staging' || 'production' }} | |
docker push -a ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-api | |
push_geoprocessing_to_registry: | |
name: Push Geoprocessing Docker image to Azure Container Registry | |
needs: wait_for_tests | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Check out the repo | |
uses: actions/checkout@v4 | |
- name: Login via Azure CLI | |
uses: azure/login@v1 | |
with: | |
client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
- name: Build and push image | |
uses: azure/docker-login@v1 | |
with: | |
login-server: ${{ secrets.REGISTRY_LOGIN_SERVER }} | |
username: ${{ secrets.REGISTRY_USERNAME }} | |
password: ${{ secrets.REGISTRY_PASSWORD }} | |
- run: | | |
docker build ./api -f api/geo.Dockerfile \ | |
-t ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-geoprocessing:${{ github.sha }} \ | |
-t ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-geoprocessing:${{ github.ref != 'refs/heads/main' && 'staging' || 'production' }} | |
docker push -a ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-geoprocessing | |
push_client_to_registry: | |
name: Push Client Docker image to Azure Container Registry | |
if: ${{ github.event.inputs.enable_maintenance_mode == 'true' && always() || success() }} | |
needs: wait_for_tests | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Check out the repo | |
uses: actions/checkout@v4 | |
- name: Login via Azure CLI | |
uses: azure/login@v1 | |
with: | |
client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
- name: Build and push image | |
uses: azure/docker-login@v1 | |
with: | |
login-server: ${{ secrets.REGISTRY_LOGIN_SERVER }} | |
username: ${{ secrets.REGISTRY_USERNAME }} | |
password: ${{ secrets.REGISTRY_PASSWORD }} | |
- run: | | |
docker build ./app \ | |
-t ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-client:${{ github.sha }} \ | |
-t ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-client:${{ github.ref != 'refs/heads/main' && 'staging' || 'production' }} \ | |
--build-arg NEXT_PUBLIC_URL=${{ github.ref != 'refs/heads/main' && secrets.NEXT_PUBLIC_URL_STAGING || secrets.NEXT_PUBLIC_URL_PRODUCTION }} \ | |
--build-arg NEXT_PUBLIC_API_URL=${{ github.ref != 'refs/heads/main' && secrets.NEXT_PUBLIC_API_URL_STAGING || secrets.NEXT_PUBLIC_API_URL_PRODUCTION }} \ | |
--build-arg NEXTAUTH_URL=${{ github.ref != 'refs/heads/main' && secrets.NEXTAUTH_URL_STAGING || secrets.NEXTAUTH_URL_PRODUCTION }} \ | |
--build-arg NEXT_PUBLIC_FEATURE_FLAGS=${{ github.ref != 'refs/heads/main' && secrets.NEXT_PUBLIC_FEATURE_FLAGS_STAGING || secrets.NEXT_PUBLIC_FEATURE_FLAGS_PRODUCTION }} \ | |
--build-arg NEXT_PUBLIC_MAPBOX_API_TOKEN=${{ secrets.NEXT_PUBLIC_MAPBOX_API_TOKEN }} \ | |
--build-arg ENABLE_MAINTENANCE_MODE=${{ github.event.inputs.enable_maintenance_mode }} \ | |
--build-arg NEXT_PUBLIC_CONTACT_EMAIL=${{ secrets.NEXT_PUBLIC_CONTACT_EMAIL }} | |
docker push -a ${{ secrets.REGISTRY_LOGIN_SERVER }}/marxan-client |