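---
# Builds the code-location image from the Gitea repository, smoke-tests it,
# and pushes it to the Gitea container registry under two tags: `latest`
# and the first 12 characters of the commit SHA.
#
# Secrets are handed to the shell through step-level `env:` rather than
# being expanded with `${{ secrets.* }}` inside `run:`. Inline expansion
# pastes the secret into the script text before the shell parses it, so a
# value containing `"`, `$`, a backtick or a backslash breaks the script or
# is interpreted as shell syntax.
name: Build and Push Docker Image

on:
  push:
    branches:
      - main
  workflow_dispatch:

env:
  BASE_DOMAIN: dataprovider01.sandbox-cat-dat.simpl-europe.eu

jobs:
  build-and-push:
    # Custom runner label. If this runner is persistent, anything a step
    # leaves on disk (clone directory, Docker credentials) outlives the job.
    runs-on: orchestration-platform
    defaults:
      run:
        shell: sh
    # NOTE(review): GitHub Actions does not expose the `env` context inside
    # job-level `env`; this relies on the Gitea runner resolving it here.
    # Confirm the values render as expected on the target runner.
    env:
      REGISTRY: gitea.${{ env.BASE_DOMAIN }}
      IMAGE_REPO: gitea.${{ env.BASE_DOMAIN }}/dataprovider01/template-code-location
      REPO_DIR: repo
      REPO_CLONE_URL: https://gitea.${{ env.BASE_DOMAIN }}/dataprovider01/template-code-location.git
    steps:
      - name: Checkout repository (shell)
        env:
          CLONE_USER: ${{ secrets.REGISTRY_USERNAME }}
          CLONE_PASS: ${{ secrets.REGISTRY_PASSWORD }}
        run: |
          REF_NAME="${GITHUB_REF_NAME}"
          if [ -z "${REF_NAME}" ]; then
            REF_NAME="${GITHUB_REF#refs/heads/}"
          fi

          if [ -z "${CLONE_USER}" ] || [ -z "${CLONE_PASS}" ]; then
            echo "Missing REGISTRY_USERNAME or REGISTRY_PASSWORD secret"
            exit 1
          fi

          rm -rf "${REPO_DIR}"

          AUTH_HEADER="$(printf '%s:%s' "${CLONE_USER}" "${CLONE_PASS}" | base64 | tr -d '\n')"

          # `git -c ... clone` applies the header to this invocation only.
          # `git clone -c ...` would instead write it into
          # ${REPO_DIR}/.git/config, and that directory is the Docker build
          # context below, so the credential could end up in the pushed
          # image. The header is still visible in the process arguments
          # while the clone runs.
          git -c "http.extraHeader=Authorization: Basic ${AUTH_HEADER}" \
            clone --depth 1 --branch "${REF_NAME}" \
            "${REPO_CLONE_URL}" \
            "${REPO_DIR}"

          if [ ! -f "${REPO_DIR}/Dockerfile" ]; then
            echo "Dockerfile not found after clone"
            exit 1
          fi

      - name: Validate registry secrets
        env:
          REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
          REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
        run: |
          if [ -z "${REGISTRY_USERNAME}" ] || [ -z "${REGISTRY_PASSWORD}" ]; then
            echo "Missing REGISTRY_USERNAME or REGISTRY_PASSWORD secret"
            exit 1
          fi

      - name: Login to registry
        env:
          REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
          REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
        run: |
          # printf instead of echo: some sh implementations let echo
          # interpret backslash sequences in the password.
          printf '%s' "${REGISTRY_PASSWORD}" | docker login "${REGISTRY}" \
            -u "${REGISTRY_USERNAME}" --password-stdin

      - name: Build image
        run: |
          COMMIT_SHA="${GITHUB_SHA:-$GITEA_SHA}"
          # Without a SHA the second tag would be "${IMAGE_REPO}:", which
          # fails late with an unclear message.
          if [ -z "${COMMIT_SHA}" ]; then
            echo "Commit SHA not available (GITHUB_SHA and GITEA_SHA are empty)"
            exit 1
          fi
          SHORT_SHA="$(echo "${COMMIT_SHA}" | cut -c1-12)"
          cd "${REPO_DIR}"
          docker build \
            -t "${IMAGE_REPO}:latest" \
            -t "${IMAGE_REPO}:${SHORT_SHA}" \
            .

      - name: Validate Dagster runtime imports
        run: |
          COMMIT_SHA="${GITHUB_SHA:-$GITEA_SHA}"
          SHORT_SHA="$(echo "${COMMIT_SHA}" | cut -c1-12)"
          docker run --rm "${IMAGE_REPO}:${SHORT_SHA}" \
            python -c "import dagster_postgres; print('dagster_postgres import OK')"

      - name: Push image tags
        run: |
          COMMIT_SHA="${GITHUB_SHA:-$GITEA_SHA}"
          SHORT_SHA="$(echo "${COMMIT_SHA}" | cut -c1-12)"
          # `latest` is a moving tag; the SHA tag is the one that identifies
          # this build and is what the deployment step below references.
          docker push "${IMAGE_REPO}:latest"
          docker push "${IMAGE_REPO}:${SHORT_SHA}"

      - name: Logout from registry
        # Runs even when an earlier step failed, so the registry credential
        # written by `docker login` does not stay in the runner's Docker
        # config after the job.
        if: always()
        run: |
          docker logout "${REGISTRY}"

      # The automated update of the deployment requires a technical user with
      # their kube config in the secrets. See the user manual.
      #
      # Before enabling: KUBE_CONFIG_DIR, KUBE_CONFIG_FILE, DEPLOYMENT_NAME and
      # K8S_NAMESPACE are not defined in the env blocks above and must be
      # added. The technical user's kube config should carry only the rights
      # needed to patch and watch this one deployment.
      # - name: Install kubectl
      #   run: |
      #     apk add --no-cache kubectl
      # - name: Setup kubectl
      #   env:
      #     KUBE_CONFIG_B64: ${{ secrets.KUBE_CONFIG_B64 }}
      #   run: |
      #     # umask first so the file is never readable by other users,
      #     # not even between creation and chmod.
      #     umask 077
      #     mkdir -p "${KUBE_CONFIG_DIR}"
      #     printf '%s' "${KUBE_CONFIG_B64}" | base64 -d > "${KUBE_CONFIG_FILE}"
      #     chmod 600 "${KUBE_CONFIG_FILE}"
      # - name: Update Dagster user deployment image
      #   run: |
      #     COMMIT_SHA="${GITHUB_SHA:-$GITEA_SHA}"
      #     SHORT_SHA="$(echo "${COMMIT_SHA}" | cut -c1-12)"
      #     # Keep both the code server image and DAGSTER_CURRENT_IMAGE in sync.
      #     kubectl patch deployment "${DEPLOYMENT_NAME}" \
      #       -n "${K8S_NAMESPACE}" \
      #       --type='strategic' \
      #       -p="{\"spec\":{\"template\":{\"spec\":{\"containers\":[{\"name\":\"dagster-user-deployments\",\"image\":\"${IMAGE_REPO}:${SHORT_SHA}\",\"env\":[{\"name\":\"DAGSTER_CURRENT_IMAGE\",\"value\":\"${IMAGE_REPO}:${SHORT_SHA}\"}]}]}}}}"
      #     # Wait for rollout to complete
      #     kubectl rollout status deployment/"${DEPLOYMENT_NAME}" \
      #       -n "${K8S_NAMESPACE}" \
      #       --timeout=5m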