Merge pull request #170 from datacite/fix-unsafe-redirect-error #85
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy | |
| on: | |
| push: | |
| branches: | |
| - "master" | |
| jobs: | |
| test: | |
| uses: ./.github/workflows/ci.yml | |
| secrets: inherit | |
| build: | |
| needs: test | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v2 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v1 | |
| - name: Cache Docker layers | |
| uses: actions/cache@v2 | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.sha }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx- | |
| - name: Login to DockerHub | |
| uses: docker/login-action@v1 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Build and push | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: . | |
| file: ./Dockerfile | |
| push: true | |
| tags: ${{ github.repository }}:latest | |
| cache-from: type=local,src=/tmp/.buildx-cache | |
| cache-to: type=local,dest=/tmp/.buildx-cache | |
| deploy: | |
| needs: [test, build] | |
| runs-on: ubuntu-latest | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v2 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Extract variables | |
| shell: bash | |
| run: | | |
| echo "::set-output name=BRANCH::$(echo ${GITHUB_REF#refs/heads/} | sed 's/\//_/g')" | |
| echo "::set-output name=TAG::$(git tag --points-at HEAD)" | |
| echo "::set-output name=GIT_SHA::$(git rev-parse HEAD)" | |
| echo "::set-output name=GIT_SHA_SHORT::$(git rev-parse --short HEAD)" | |
| echo "::set-output name=MESSAGE::$(git log --format=%B -n 1 ${{ github.event.after }})" | |
| id: extract_variables | |
| - name: Checkout terraform config repo | |
| uses: actions/checkout@v2 | |
| with: | |
| # public repo with terraform configuration | |
| repository: 'datacite/mastino' | |
| persist-credentials: false | |
| - name: Commit changes to terraform config repository | |
| # use go template in terraform config repository to update git sha and tag | |
| # commit and push changes to trigger terraform workflow | |
| run: | | |
| export GIT_SHA=${{ steps.extract_variables.outputs.GIT_SHA_SHORT }} | |
| export GIT_TAG=${{ steps.extract_variables.outputs.GIT_TAG }} | |
| wget https://github.com/jwilder/dockerize/releases/download/v0.6.0/dockerize-linux-amd64-v0.6.0.tar.gz | |
| tar -xzvf dockerize-linux-amd64-v0.6.0.tar.gz | |
| rm dockerize-linux-amd64-v0.6.0.tar.gz | |
| ./dockerize -template stage/services/profiles/_volpino.auto.tfvars.tmpl:stage/services/profiles/_volpino.auto.tfvars | |
| git config --local user.email "[email protected]" | |
| git config --local user.name "GitHub Action" | |
| git add stage/services/profiles/_volpino.auto.tfvars | |
| git commit -m "Adding volpino git variables for commit ${{ steps.extract_variables.outputs.GIT_SHA }}" | |
| - name: Push changes | |
| uses: ad-m/[email protected] | |
| with: | |
| github_token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} | |
| repository: 'datacite/mastino' | |
| branch: 'refs/heads/master' | |
| tags: false | |
| - name: Notify Slack | |
| uses: edge/simple-slack-notify@master | |
| with: | |
| channel: '#ops' | |
| color: 'good' | |
| text: 'A new version of the <https://profiles.stage.datacite.org|Profiles Service> is been deployed to stage.' | |
| failure_text: '${env.GITHUB_WORKFLOW} (${env.GITHUB_RUN_NUMBER}) build failed' | |
| fields: | | |
| [{ "title": "Commit message", "value": "${{ steps.extract_variables.outputs.MESSAGE }}" }, | |
| { "title": "Committed by", "value": "<https://github.com/${{ github.repository }}/commits?author=${{ github.actor }}|${{ github.actor }}>", "short": true }, | |
| { "title": "Commit SHA", "value": "<https://github.com/${{ github.repository }}/commit/${{ steps.extract_variables.outputs.GIT_SHA }}|${{ steps.extract_variables.outputs.GIT_SHA_SHORT }}>", "short": true }, | |
| { "title": "Repository", "value": "<https://github.com/${{ github.repository }}|${{ github.repository }}>", "short": true }, | |
| { "title": "Branch", "value": "<https://github.com/${{ github.repository }}/tree/${{ steps.extract_variables.outputs.BRANCH }}|${{ steps.extract_variables.outputs.BRANCH }}>", "short": true }] |