Deploy to dev by @sebastian-quintero from develop #40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: release | |
| run-name: Deploy to ${{ inputs.TARGET_ENVIRONMENT }} by @${{ github.actor }} from ${{ github.ref_name }} | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| TARGET_ENVIRONMENT: | |
| type: choice | |
| description: "The environment to release to (dev, staging, prod)" | |
| default: "dev" | |
| required: true | |
| options: | |
| - dev | |
| - staging | |
| - prod | |
| APPS: | |
| type: string | |
| description: "The apps to release with this format: `app-dir1=version1,app-dir2=version2`. E. g.: `knapsack-gosdk=v1.2.0,knapsack-java-ortools=v1.2.0`" | |
| required: true | |
| permissions: | |
| contents: read | |
| packages: read | |
| jobs: | |
| update_apps: | |
| if: ${{ inputs.APPS != '' }} | |
| runs-on: ubuntu-latest | |
| environment: ${{ inputs.TARGET_ENVIRONMENT || 'dev' }} | |
| env: | |
| BUCKET: ${{ secrets.S3_BUCKET }} | |
| FOLDER: ${{ secrets.S3_FOLDER }} | |
| MANIFEST: ${{ secrets.S3_MANIFEST }} | |
| ROLE: ${{ secrets.AWS_DEVTOOLS_ROLE }} | |
| REGION: ${{ secrets.AWS_REGION }} | |
| GH_TOKEN: ${{ github.token }} | |
| API_ENDPOINT: ${{ secrets.API_ENDPOINT }} | |
| CONSOLE_URL: ${{ secrets.CONSOLE_URL }} | |
| MARKETPLACE_API_KEY: ${{ secrets.MARKETPLACE_API_KEY }} | |
| SSH_AUTH_SOCK: /tmp/ssh_agent.sock | |
| permissions: | |
| id-token: write | |
| contents: write | |
| steps: | |
| - name: Configure git with the bot credentials | |
| run: | | |
| mkdir -p ~/.ssh | |
| ssh-keyscan github.com >> ~/.ssh/known_hosts | |
| ssh-agent -a $SSH_AUTH_SOCK > /dev/null | |
| ssh-add - <<< "${{ secrets.NEXTMVBOT_SSH_KEY }}" | |
| echo "${{ secrets.NEXTMVBOT_SIGNING_KEY }}" > ~/.ssh/signing.key | |
| chmod 600 ~/.ssh/signing.key | |
| git config --global user.name "nextmv-bot" | |
| git config --global user.email "tech+gh-nextmv-bot@nextmv.io" | |
| git config --global gpg.format ssh | |
| git config --global user.signingkey ~/.ssh/signing.key | |
| git clone git@github.com:nextmv-io/community-apps.git | |
| cd community-apps | |
| git fetch --all | |
| git checkout ${{ github.ref_name }} | |
| git pull | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - name: Install Python dependencies | |
| run: | | |
| pip install --upgrade pip | |
| pip install -r requirements.txt | |
| working-directory: ./community-apps/.nextmv | |
| - name: Set up AWS CLI | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ env.ROLE }} | |
| aws-region: ${{ env.REGION }} | |
| role-duration-seconds: 1200 | |
| - name: Set up JDK | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: temurin | |
| java-version: 21 | |
| cache: "maven" | |
| - name: Install Nextmv CLI | |
| run: | | |
| export NEXTMV_API_KEY=$MARKETPLACE_API_KEY | |
| export NEXTMV_BASE_URL=https://$API_ENDPOINT | |
| curl -sS "https://$CONSOLE_URL/install-cli.txt" | bash - | |
| - name: Set up Nextmv CLI | |
| run: | | |
| export PATH=$PATH:~/.nextmv # Make CLI available in non-interactive shell | |
| nextmv configure \ | |
| --api-key $MARKETPLACE_API_KEY \ | |
| -e $API_ENDPOINT | |
| nextmv activate | |
| nextmv sdk install | |
| - name: Upload apps and update manifest | |
| run: | | |
| export PATH=$PATH:~/.nextmv # Make CLI available in non-interactive shell | |
| python update_apps.py \ | |
| --apps "${{ inputs.APPS }}" \ | |
| --bucket "${{ env.BUCKET }}" \ | |
| --folder "${{ env.FOLDER }}" \ | |
| --manifest "${{ env.MANIFEST }}" | |
| working-directory: ./community-apps/.nextmv | |
| - name: Commit new versions | |
| if: ${{ github.ref_name == 'develop' && inputs.TARGET_ENVIRONMENT == 'prod' }} | |
| run: | | |
| git add */VERSION | |
| git commit -S -m "Bump app versions: ${{ inputs.APPS }}" | |
| git push | |
| working-directory: ./community-apps |