diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..2ec797d --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,26 @@ +# yaml-language-server: $schema=https://json.schemastore.org/dependabot-2.0.json +version: 2 +updates: + # pip deps + - package-ecosystem: pip + target-branch: "master" + schedule: + interval: weekly + directory: / + commit-message: + prefix: "deps" + groups: + opentelemetry: + patterns: + - "opentelemetry*" + patch: + update-types: + - patch + + # github deps + - package-ecosystem: github-actions + schedule: + interval: weekly + commit-message: + prefix: "ci" + directory: "/" diff --git a/.github/workflows/build_and_push.yaml b/.github/workflows/build_and_push.yaml index db2a6b4..500d6d8 100644 --- a/.github/workflows/build_and_push.yaml +++ b/.github/workflows/build_and_push.yaml @@ -3,30 +3,56 @@ name: Build and push artifacts on: push: tags: - - 'v*' - + - "v*" workflow_dispatch: - inputs: - version: - required: true - type: string -env: - HELM_EXPERIMENTAL_OCI: 1 +jobs: + build_and_push: + runs-on: ubuntu-latest + steps: + - name: Artifactory Login + uses: MapColonies/shared-workflows/actions/artifactory-login@artifactory-login-v1.0.0 + with: + registry: ${{ secrets.ACR_URL }} + username: ${{ secrets.ACR_PUSH_USER }} + password: ${{ secrets.ACR_PUSH_TOKEN }} -permissions: - contents: write - pull-requests: write + - name: Build Docker Image + id: build + uses: MapColonies/shared-workflows/actions/build-docker@build-docker-v1.1.0 + with: + domain: raster + registry: ${{ secrets.ACR_URL }} -jobs: - build_and_push_docker: - uses: MapColonies/shared-workflows/.github/workflows/build-and-push-docker.yaml@v2 - secrets: inherit - with: - scope: raster - - build_and_push_helm: - uses: MapColonies/shared-workflows/.github/workflows/build-and-push-helm.yaml@v2 - secrets: inherit - with: - scope: raster + - name: Push Docker Image + uses: MapColonies/shared-workflows/actions/push-docker@push-docker-v1.0.1 + with: + image_name: ${{ steps.build.outputs.docker_image_full_name }} + image_tag: ${{ steps.build.outputs.docker_image_tag }} + + - name: Build and Push Helm Chart + uses: MapColonies/shared-workflows/actions/build-and-push-helm@build-and-push-helm-v1.0.1 + with: + context: ./helm + domain: raster + registry: ${{ secrets.ACR_URL }} + + - name: Update Artifacts File- Docker + uses: MapColonies/shared-workflows/actions/update-artifacts-file@update-artifacts-file-v1.1.1 + with: + domain: raster + artifact_name: ${{ github.event.repository.name }} + artifact_tag: ${{ github.ref_name }} + type: docker + registry: ${{ secrets.ACR_URL }} + github_token: ${{ secrets.GH_PAT }} + + - name: Update Artifacts File- Helm + uses: MapColonies/shared-workflows/actions/update-artifacts-file@update-artifacts-file-v1.1.1 + with: + domain: raster + artifact_name: ${{ github.event.repository.name }} + artifact_tag: ${{ github.ref_name }} + type: helm + registry: ${{ secrets.ACR_URL }} + github_token: ${{ secrets.GH_PAT }} diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml new file mode 100644 index 0000000..58959c6 --- /dev/null +++ b/.github/workflows/pull_request.yaml @@ -0,0 +1,26 @@ +name: Pull Request + +on: + pull_request: + branches: + - master + +jobs: + helm-lint: + name: Run Helm lint Check + runs-on: ubuntu-latest + + steps: + - name: Check out TS Project Git repository + uses: actions/checkout@v6 + with: + fetch-depth: 0 + + - name: Helm Lint Checks + uses: MapColonies/shared-workflows/actions/helm-lint@helm-lint-v1 + + build_docker_image: + runs-on: ubuntu-latest + steps: + - name: Build and Push Docker image + uses: docker/build-push-action@v6 diff --git a/.github/workflows/release-on-tag-push.yaml b/.github/workflows/release-on-tag-push.yaml deleted file mode 100644 index 17d9b20..0000000 --- a/.github/workflows/release-on-tag-push.yaml +++ /dev/null @@ -1,18 +0,0 @@ -name: "Publish release on tag push" - -on: - push: - tags: - - "v*" - -jobs: - publish_release: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Publish Release to Github - uses: softprops/action-gh-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml new file mode 100644 index 0000000..72eb772 --- /dev/null +++ b/.github/workflows/release-please.yml @@ -0,0 +1,18 @@ +on: + push: + branches: + - master + +permissions: + contents: write + pull-requests: write + +name: release-please + +jobs: + release-please: + runs-on: ubuntu-latest + steps: + - uses: googleapis/release-please-action@v4 + with: + token: ${{ secrets.GH_PAT }} diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml deleted file mode 100644 index 96eaec7..0000000 --- a/.github/workflows/snyk.yml +++ /dev/null @@ -1,16 +0,0 @@ -name: snyk - -# Controls when the action will run. -on: [pull_request] - -# A workflow run is made up of one or more jobs that can run sequentially or in parallel -jobs: - security: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@master - - name: Run Snyk to check for vulnerabilities - uses: snyk/actions/node@master - continue-on-error: true - env: - SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} diff --git a/.release-please-manifest.json b/.release-please-manifest.json new file mode 100644 index 0000000..4fcfdf7 --- /dev/null +++ b/.release-please-manifest.json @@ -0,0 +1,3 @@ +{ + ".": "1.9.0" +} diff --git a/release-please-config.json b/release-please-config.json new file mode 100644 index 0000000..d6fd2da --- /dev/null +++ b/release-please-config.json @@ -0,0 +1,21 @@ +{ + "$schema": "https://raw.githubusercontent.com/googleapis/release-please/main/schemas/config.json", + "release-type": "node", + "include-component-in-tag": false, + "packages": { + ".": { + "extra-files": [ + { + "type": "yaml", + "path": "helm/Chart.yaml", + "jsonpath": "$.version" + }, + { + "type": "yaml", + "path": "helm/Chart.yaml", + "jsonpath": "$.appVersion" + } + ] + } + } +}