Skip to content
Sandbox build and push latest

Sandbox build and push latest #44

Sign in to view logs

Sandbox build and push latest

Sandbox build and push latest #44

Workflow file for this run

.github/workflows/sandbox-build-push.yml at f40b1e8
name: Sandbox build and push latest
on:
workflow_run:
workflows: ["docker checker"]
branches: [develop]
types:
- completed
release:
types: [published]
env:
IMAGE_NAME: geoscienceaustralia/sandbox
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
jobs:
set_dev_tags:
if: github.ref == 'refs/heads/develop'
&& github.event.workflow_run.conclusion == 'success'
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Build a new docker image with tag
id: tag-image
run: |
echo "TAG=dev$(git rev-parse --short HEAD)" \
>> $GITHUB_OUTPUT
outputs:
image_tag: ${{ steps.tag-image.outputs.TAG }}
set_release_tags:
if: github.ref_type == 'tag'
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Build a new docker image with tag
id: tag-image
run: |
echo "TAG=${{ github.ref_name }}" \
>> $GITHUB_OUTPUT
outputs:
image_tag: ${{ steps.tag-image.outputs.TAG }}
push_ecr:
name: Push image
if: ${{ always() && contains(join(needs.*.result, ','), 'success') }}
needs: [set_dev_tags, set_release_tags]
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Get image tag
id: tag-image
run: |
# check if the tag string is empty
# tag = `dev_tag` if triggered by pr merged
# or `release_tag, stable` if triggered by release published
# or `dev_tag,release_tag, stable`, which should not happen given current workflow though
if [[ ! -z "${{ needs.set_dev_tags.outputs.image_tag }}" ]]; then \
tag="${{ needs.set_dev_tags.outputs.image_tag }}"; fi
if [[ ! -z "${{ needs.set_release_tags.outputs.image_tag }}" ]]; then \
if [[ ! -z $tag ]]; then \
tag=$tag",${{ needs.set_release_tags.outputs.image_tag }}"; else \
tag="${{ needs.set_release_tags.outputs.image_tag }}"; fi; \
tag=$tag",stable"; fi
echo "TAG=$tag" >> $GITHUB_OUTPUT
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
role-to-assume: arn:aws:iam::538673716275:role/github-actions-role
aws-region: ap-southeast-2
- name: Wait for tests to succeed
uses: lewagon/wait-on-check-action@v1.3.1
with:
ref: ${{ github.ref }}
running-workflow-name: 'Push image'
repo-token: ${{ secrets.GITHUB_TOKEN }}
wait-interval: 20
- name: Free disk space
run: |
sudo rm -rf /swapfile /usr/share/dotnet /usr/local/lib/android /opt/ghc /usr/local/share/boost "$AGENT_TOOLSDIRECTORY" || true
sudo apt purge aria2 ansible azure-cli shellcheck rpm xorriso zsync \
clang-6.0 lldb-6.0 lld-6.0 clang-format-6.0 clang-8 lldb-8 lld-8 clang-format-8 \
clang-9 lldb-9 lld-9 clangd-9 clang-format-9 dotnet-sdk-3.0 dotnet-sdk-3.1=3.1.101-1 \
esl-erlang firefox g++-8 g++-9 gfortran-8 gfortran-9 google-chrome-stable \
google-cloud-sdk ghc-8.0.2 ghc-8.2.2 ghc-8.4.4 ghc-8.6.2 ghc-8.6.3 ghc-8.6.4 \
ghc-8.6.5 ghc-8.8.1 ghc-8.8.2 ghc-8.8.3 ghc-8.10.1 cabal-install-2.0 cabal-install-2.2 \
cabal-install-2.4 cabal-install-3.0 cabal-install-3.2 heroku imagemagick \
libmagickcore-dev libmagickwand-dev libmagic-dev ant ant-optional kubectl \
mercurial apt-transport-https mono-complete mysql-client libmysqlclient-dev \
mysql-server mssql-tools unixodbc-dev yarn bazel chrpath libssl-dev libxft-dev \
libfreetype6 libfreetype6-dev libfontconfig1 libfontconfig1-dev php7.1 php7.1-bcmath \
php7.1-bz2 php7.1-cgi php7.1-cli php7.1-common php7.1-curl php7.1-dba php7.1-dev \
php7.1-enchant php7.1-fpm php7.1-gd php7.1-gmp php7.1-imap php7.1-interbase php7.1-intl \
php7.1-json php7.1-ldap php7.1-mbstring php7.1-mcrypt php7.1-mysql php7.1-odbc \
php7.1-opcache php7.1-pgsql php7.1-phpdbg php7.1-pspell php7.1-readline php7.1-recode \
php7.1-snmp php7.1-soap php7.1-sqlite3 php7.1-sybase php7.1-tidy php7.1-xml \
php7.1-xmlrpc php7.1-xsl php7.1-zip php7.2 php7.2-bcmath php7.2-bz2 php7.2-cgi \
php7.2-cli php7.2-common php7.2-curl php7.2-dba php7.2-dev php7.2-enchant php7.2-fpm \
php7.2-gd php7.2-gmp php7.2-imap php7.2-interbase php7.2-intl php7.2-json php7.2-ldap \
php7.2-mbstring php7.2-mysql php7.2-odbc php7.2-opcache php7.2-pgsql php7.2-phpdbg \
php7.2-pspell php7.2-readline php7.2-recode php7.2-snmp php7.2-soap php7.2-sqlite3 \
php7.2-sybase php7.2-tidy php7.2-xml php7.2-xmlrpc php7.2-xsl php7.2-zip php7.3 \
php7.3-bcmath php7.3-bz2 php7.3-cgi php7.3-cli php7.3-common php7.3-curl php7.3-dba \
php7.3-dev php7.3-enchant php7.3-fpm php7.3-gd php7.3-gmp php7.3-imap php7.3-interbase \
php7.3-intl php7.3-json php7.3-ldap php7.3-mbstring php7.3-mysql php7.3-odbc \
php7.3-opcache php7.3-pgsql php7.3-phpdbg php7.3-pspell php7.3-readline php7.3-recode \
php7.3-snmp php7.3-soap php7.3-sqlite3 php7.3-sybase php7.3-tidy php7.3-xml \
php7.3-xmlrpc php7.3-xsl php7.3-zip php7.4 php7.4-bcmath php7.4-bz2 php7.4-cgi \
php7.4-cli php7.4-common php7.4-curl php7.4-dba php7.4-dev php7.4-enchant php7.4-fpm \
php7.4-gd php7.4-gmp php7.4-imap php7.4-interbase php7.4-intl php7.4-json php7.4-ldap \
php7.4-mbstring php7.4-mysql php7.4-odbc php7.4-opcache php7.4-pgsql php7.4-phpdbg \
php7.4-pspell php7.4-readline php7.4-snmp php7.4-soap php7.4-sqlite3 php7.4-sybase \
php7.4-tidy php7.4-xml php7.4-xmlrpc php7.4-xsl php7.4-zip php-amqp php-apcu \
php-igbinary php-memcache php-memcached php-mongodb php-redis php-xdebug \
php-zmq snmp pollinate libpq-dev postgresql-client powershell ruby-full \
sphinxsearch subversion mongodb-org -yq >/dev/null 2>&1 || true
sudo apt-get autoremove -y >/dev/null 2>&1 || true
sudo apt-get autoclean -y >/dev/null 2>&1 || true
sudo rm -rf ${GITHUB_WORKSPACE}/.git
- name: Push image to ECR
uses: whoan/docker-build-with-cache-action@master
with:
context: ./docker
registry: 538673716275.dkr.ecr.ap-southeast-2.amazonaws.com
image_name: ${{ env.IMAGE_NAME }}
image_tag: latest,${{ steps.tag-image.outputs.TAG }}
build_extra_args: '{"--build-arg": "UPDATE_VERSION=${{ steps.tag-image.outputs.TAG }}"}'