Skip to content

chore: bump step-security/helm-gh-pages from 1.7.0 to 1.7.1 (#1512) #30

chore: bump step-security/helm-gh-pages from 1.7.0 to 1.7.1 (#1512)

chore: bump step-security/helm-gh-pages from 1.7.0 to 1.7.1 (#1512) #30

name: "ZXF: Release Docker Image"
on:
push:
tags:
- 'release/v[0-9]+.[0-9]+.[0-9]+-?*'
- 'v[0-9]+.[0-9]+.[0-9]+-?*'
workflow_dispatch:
inputs:
new-version:
description: "New Release Version (ie. 0.30.0):"
type: string
required: true
defaults:
run:
shell: bash
permissions:
id-token: write
contents: read
env:
LC_ALL: C.UTF-8
jobs:
prepare-release:
name: Release / Prepare
runs-on: mirror-node-linux-medium
outputs:
version: ${{ steps.extract.outputs.version }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- name: Install Semantic Version Tools
run: |
echo "::group::Download SemVer Binary"
sudo curl -L -o /usr/local/bin/semver https://raw.githubusercontent.com/fsaintjacques/semver-tool/master/src/semver
echo "::endgroup::"
echo "::group::Change SemVer Binary Permissions"
sudo chmod -v +x /usr/local/bin/semver
echo "::endgroup::"
echo "::group::Show SemVer Binary Version Info"
semver --version
echo "::endgroup::"
- name: Validate Version
run: |
VALID_VERSION="$(semver validate "${{ inputs.new-version || github.ref_name }}")"
if [[ "${VALID_VERSION}" != "valid" ]]; then
echo "::error title=Version Error::The supplied new-version parameter of '${{ inputs.new_version || github.ref_name }}' is invalid and does not conform to the semantic versioning specifications."
exit 2
fi
- name: Extract Version
id: extract
run: |
RELEASE_VERSION="$(semver get release "${{ inputs.new-version || github.ref_name }}")"
PRERELEASE_VERSION="$(semver get prerel "${{ inputs.new-version || github.ref_name }}")"
FINAL_VERSION="${RELEASE_VERSION}"
[[ -n "${PRERELEASE_VERSION}" ]] && FINAL_VERSION="${RELEASE_VERSION}-${PRERELEASE_VERSION}"
echo "version=${FINAL_VERSION}" >>"${GITHUB_OUTPUT}"
deploy-docker-image:
name: Deploy / Docker / Image
runs-on: mirror-node-linux-medium
needs:
- prepare-release
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- name: Checkout Code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Install JSON Tools
run: |
if ! command -v jq >/dev/null 2>&1; then
echo "::group::Setup JQ Command"
sudo apt update
sudo apt install -y jq
echo "::endgroup::"
fi
JQ_VERSION="$(jq --version)"
if [[ "${JQ_VERSION}" != "jq-1.6" ]]; then
echo "::group::Updating JQ Version"
sudo apt update
sudo apt upgrade -y jq
echo "::endgroup::"
fi
if ! command -v tee >/dev/null 2>&1; then
echo "::group::Setup Tee Command"
sudo apt update
sudo apt install -y coreutils
echo "::endgroup::"
fi
echo "::group::Show JQ Version"
jq --version
echo "::endgroup::"
- name: Update Application Version
run: |
cat package.json | \
jq --arg version "${{ needs.prepare-release.outputs.version }}" '.version = $version' | \
tee package.json
- name: Setup NodeJS
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
node-version: 19
cache: npm
- name: Authenticate to Google Cloud
id: google-auth
uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f # v2.1.7
with:
workload_identity_provider: 'projects/101730247931/locations/global/workloadIdentityPools/hedera-registry-pool/providers/hedera-registry-gh-actions'
service_account: 'swirlds-automation@hedera-registry.iam.gserviceaccount.com'
token_format: access_token
- name: Setup Docker Buildx QEMU
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
- name: Authorize Docker
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: gcr.io
username: oauth2accesstoken
password: ${{ steps.google-auth.outputs.access_token }}
- name: Install Dependencies
run: npm ci
- name: Compile Code
run: npm run build
- name: Build and Push Image
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
with:
push: true
file: Dockerfile
context: .
platforms: |
linux/arm64
linux/amd64
tags: |
gcr.io/hedera-registry/hedera-mirror-node-explorer:${{ needs.prepare-release.outputs.version }}
gcr.io/hedera-registry/hedera-mirror-node-explorer:latest
- name: Render Job Summary
run: |
printf "### Published Docker Images\n" >> "${GITHUB_STEP_SUMMARY}"
printf "| Image Name | Version | URL | Supported Architectures |\n" >> "${GITHUB_STEP_SUMMARY}"
printf "| ---------- | ------- | --- | ----------------------- |\n" >> "${GITHUB_STEP_SUMMARY}"
printf "| %s | %s | %s | %s |\n" \
"gcr.io/hedera-regsitry/hedera-mirror-node-explorer" \
"${{ needs.prepare-release.outputs.version }}" \
"[GCP Console](https://console.cloud.google.com/gcr/images/hedera-registry/global/hedera-mirror-node-explorer?project=hedera-registry)" \
"linux/amd64, linux/arm64" >> "${GITHUB_STEP_SUMMARY}"
printf "| %s | %s | %s | %s |\n" \
"gcr.io/hedera-regsitry/hedera-mirror-node-explorer" \
"latest" \
"[GCP Console](https://console.cloud.google.com/gcr/images/hedera-registry/global/hedera-mirror-node-explorer?project=hedera-registry)" \
"linux/amd64, linux/arm64" >> "${GITHUB_STEP_SUMMARY}"
printf "\n\n" >> "${GITHUB_STEP_SUMMARY}"