-
Notifications
You must be signed in to change notification settings - Fork 1
143 lines (133 loc) · 5.49 KB
/
push.yaml
File metadata and controls
143 lines (133 loc) · 5.49 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
name: Build simple-container-com CLI
on:
workflow_dispatch:
push:
branches:
- 'main'
# allow only one concurrent build
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: false
permissions:
contents: write
jobs:
prepare:
name: Prepare build
runs-on: ubuntu-latest
outputs:
version: ${{ steps.version.outputs.version }}
steps:
- uses: actions/checkout@v4
- name: Get next version
uses: reecetech/version-increment@2023.10.2
id: version
with:
scheme: "calver"
increment: "patch"
use_api: "true"
build:
name: Build and release simple-container
runs-on: blacksmith-8vcpu-ubuntu-2204
needs: prepare
outputs:
cicd-bot-telegram-token: ${{ steps.prepare-secrets.outputs.cicd-bot-telegram-token }}
cicd-bot-telegram-chat-id: ${{ steps.prepare-secrets.outputs.cicd-bot-telegram-chat-id }}
steps:
- uses: actions/checkout@v4
- uses: fregante/setup-git-user@v2
- name: install sc tool (latest release)
shell: bash
run: |-
# Install latest SC release to get secrets for embeddings generation
curl -s "https://dist.simple-container.com/sc.sh" | bash
- name: prepare secrets for build
run: |
cat << EOF > ./.sc/cfg.default.yaml
${{ secrets.SC_CONFIG }}
EOF
cat << EOF > ./.sc/cfg.test.yaml
${{ secrets.SC_CONFIG }}
EOF
sc secrets reveal
- name: get openai key
id: get-openai-key
run: |
echo "openai-key=$(sc stack secret-get -s dist openai-api-key 2>/dev/null || echo '')" >> $GITHUB_OUTPUT
- name: prepare sc tool (rebuild)
shell: bash
env:
OPENAI_API_KEY: ${{ steps.get-openai-key.outputs.openai-key }}
run: |-
git remote set-url origin https://${{ secrets.GITHUB_TOKEN }}@github.com/simple-container-com/api.git
bash <(curl -Ls "https://welder.simple-container.com/welder.sh") run rebuild
- name: prepare additional secrets
id: prepare-secrets
run: |
echo "cicd-bot-telegram-token=$(${{ github.workspace }}/bin/sc stack secret-get -s dist cicd-bot-telegram-token)" >> $GITHUB_OUTPUT
echo "cicd-bot-telegram-chat-id=$(${{ github.workspace }}/bin/sc stack secret-get -s dist cicd-bot-telegram-chat-id)" >> $GITHUB_OUTPUT
- name: build sc tool
shell: bash
env:
VERSION: ${{ needs.prepare.outputs.version }}
run: |-
git remote set-url origin https://${{ secrets.GITHUB_TOKEN }}@github.com/simple-container-com/api.git
bash <(curl -Ls "https://welder.simple-container.com/welder.sh") make --timestamps
bash <(curl -Ls "https://welder.simple-container.com/welder.sh") docker build --push --timestamps
- name: publish sc tool
shell: bash
env:
VERSION: ${{ needs.prepare.outputs.version }}
run: |-
bash <(curl -Ls "https://welder.simple-container.com/welder.sh") deploy -e prod --timestamps
finalize:
name: Finalize build and deploy for ${{ needs.prepare.outputs.stack-name }}
runs-on: ubuntu-latest
if: ${{ always() }}
permissions:
contents: write
needs:
- prepare
- build
steps:
- uses: actions/checkout@v4
if: ${{ always() }}
- name: Extract git reference
id: extract_git_ref
if: ${{ always() }}
shell: bash
run: |-
cat <<'EOF' > /tmp/commit_message.txt
${{ github.event.head_commit.message || github.event.workflow_run.head_commit.message }}
EOF
message="$(cat /tmp/commit_message.txt | tr -d '\n')"
# Truncate message if too long for Telegram (max ~200 chars to leave room for other content)
if [ ${#message} -gt 200 ]; then
# Take first 80 chars and last 80 chars with separator
truncated_message="${message:0:80}...${message: -80}"
message="$truncated_message"
fi
echo "branch=$GITHUB_REF_NAME" >> $GITHUB_OUTPUT
echo "message=$message" >> $GITHUB_OUTPUT
echo "author=$GITHUB_ACTOR" >> $GITHUB_OUTPUT
echo "url=$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" >> $GITHUB_OUTPUT
# Notify telegram
- uses: yanzay/notify-telegram@v0.1.0
if: ${{ success() && !contains(needs.*.result, 'failure') }}
continue-on-error: true
with:
chat: ${{ needs.build.outputs.cicd-bot-telegram-chat-id }}
token: ${{ needs.build.outputs.cicd-bot-telegram-token }}
status: ✅ success (${{ steps.extract_git_ref.outputs.branch }}) (v${{ needs.prepare.outputs.version }}) - ${{ steps.extract_git_ref.outputs.message }} by ${{ steps.extract_git_ref.outputs.author }}
- uses: yanzay/notify-telegram@v0.1.0
if: ${{ failure() || contains(needs.*.result, 'failure') }}
continue-on-error: true
with:
chat: ${{ needs.build.outputs.cicd-bot-telegram-chat-id }}
token: ${{ needs.build.outputs.cicd-bot-telegram-token }}
status: ❗ failure (${{ steps.extract_git_ref.outputs.branch }}) - ${{ steps.extract_git_ref.outputs.message }} by ${{ steps.extract_git_ref.outputs.author }}
- name: Build failed due to previously failed steps
id: fail_if_needed
if: ${{ failure() || contains(needs.*.result, 'failure') }}
shell: bash
run: |-
exit 1