|
11 | 11 | build_and_deploy_stage: |
12 | 12 | runs-on: ubuntu-latest |
13 | 13 | permissions: |
14 | | - contents: write |
15 | 14 | packages: write |
16 | 15 | actions: write |
| 16 | + outputs: |
| 17 | + branch: ${{ steps.extract_branch.outputs.branch }} |
| 18 | + version: ${{ env.RELEASE_VERSION }} |
17 | 19 | steps: |
18 | 20 | - name: Checkout code |
19 | 21 | uses: actions/checkout@v4 |
@@ -80,25 +82,54 @@ jobs: |
80 | 82 | push: true |
81 | 83 | tags: ghcr.io/${{ env.REPO_LC }}:${{ env.RELEASE_VERSION }},ghcr.io/${{ env.REPO_LC }}:${{ env.COMMIT_SHA }} |
82 | 84 |
|
| 85 | + update_deployment: |
| 86 | + runs-on: ubuntu-latest |
| 87 | + needs: build_and_deploy_stage |
| 88 | + permissions: |
| 89 | + contents: write |
| 90 | + env: |
| 91 | + branch: ${{ needs.build_and_deploy_stage.outputs.branch }} |
| 92 | + version: ${{ needs.build_and_deploy_stage.outputs.version }} |
| 93 | + steps: |
| 94 | + - uses: actions/create-github-app-token@v2 |
| 95 | + id: app-token |
| 96 | + with: |
| 97 | + app-id: ${{ vars.APP_ID }} |
| 98 | + private-key: ${{ secrets.APP_PRIVATE_KEY }} |
| 99 | + permission-contents: write |
| 100 | + |
| 101 | + - name: Checkout code |
| 102 | + uses: actions/checkout@v4 |
| 103 | + with: |
| 104 | + token: ${{ steps.app-token.outputs.token }} |
| 105 | + fetch-depth: 0 |
| 106 | + fetch-tags: true |
| 107 | + |
83 | 108 | - name: 'Setup yq' |
84 | 109 | uses: dcarbone/install-yq-action@v1.3.1 |
85 | 110 | with: |
86 | 111 | version: 'v4.44.3' |
87 | 112 | force: true |
88 | 113 |
|
| 114 | + - name: Bump version in values/stage.yaml |
| 115 | + run: yq -i '.deployment.image.tag=strenv(version)' ./k8s/values/stage.yaml |
| 116 | + |
| 117 | + - name: Get GitHub App User ID |
| 118 | + id: get-user-id |
| 119 | + env: |
| 120 | + GH_TOKEN: ${{ steps.app-token.outputs.token }} |
| 121 | + run: echo "user-id=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT" |
| 122 | + |
89 | 123 | - name: Initialize mandatory git config |
90 | 124 | run: | |
91 | | - git config --global user.name 'GitHub Actions' |
92 | | - git config --global user.email 'noreply@github.com' |
93 | | -
|
94 | | - - name: Bump version in values/stage.yaml |
95 | | - run: yq -i '.deployment.image.tag=strenv(RELEASE_VERSION)' ./k8s/values/stage.yaml |
| 125 | + git config --global user.name '${{ steps.app-token.outputs.app-slug }}[bot]' |
| 126 | + git config --global user.email '${{ steps.get-user-id.outputs.user-id }}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com' |
96 | 127 |
|
97 | 128 | - name: Commit k8s values and push changes |
98 | 129 | env: |
99 | | - GITHUB_TOKEN: ${{ secrets.GREEN_ECOLUTION_PAT }} |
| 130 | + GITHUB_TOKEN: ${{ steps.app-token.outputs.token }} |
100 | 131 | run: | |
101 | 132 | git add ./k8s/values/stage.yaml |
102 | | - git commit --message "chore: update stage image to version ${{ env.RELEASE_VERSION }}" \ |
| 133 | + git commit --message "chore: update stage image to version ${{ env.RELEASE_VERSION }} [skip ci]" \ |
103 | 134 | && git push origin ${{ steps.extract_branch.outputs.branch }} \ |
104 | 135 | || echo "No changes to commit" |
0 commit comments