chore(deps): update github actions digests #725
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build & Publish Changed Docker Images | |
| on: | |
| push: | |
| branches: [ 'main' ] | |
| pull_request: | |
| env: | |
| REGISTRY: ghcr.io | |
| NAMESPACED_REGISTRY: ghcr.io/apollographql/ci-utility-docker-images | |
| jobs: | |
| calculate-images-to-build: | |
| name: Calculate Images To Build | |
| runs-on: ubuntu-latest | |
| outputs: | |
| changed_dirs: ${{ steps.filter_config_directories.outputs.changed_dirs }} | |
| steps: | |
| - name: "Checkout repository" | |
| uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2 | |
| - name: "Calculate changed files directories" | |
| id: calculate_changed_files | |
| uses: tj-actions/changed-files@abda8aa2d055f53806b6d35f984ea80315fab52b | |
| with: | |
| dir_names: true | |
| dir_names_exclude_current_dir: true | |
| json: true | |
| - name: "Filter out config directories" | |
| id: filter_config_directories | |
| run: | | |
| CHANGED_DIRS=$(echo "${{ steps.calculate_changed_files.outputs.all_changed_files }}" | jq -c '[.[] | select(. | startswith(".") | not)']) | |
| echo "changed_dirs=$CHANGED_DIRS" >> "$GITHUB_OUTPUT" | |
| build-and-push-images: | |
| name: Build and Push Docker Image | |
| if: ${{ needs.calculate-images-to-build.outputs.changed_dirs != '' && toJson(fromJson(needs.calculate-images-to-build.outputs.changed_dirs)) != '[]' }} | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| packages: write | |
| attestations: write | |
| id-token: write | |
| needs: | |
| - calculate-images-to-build | |
| strategy: | |
| matrix: | |
| changed_dir: ${{ fromJSON(needs.calculate-images-to-build.outputs.changed_dirs ) }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2 | |
| - name: Extract Details From config.yml | |
| id: extract_from_config_yaml | |
| uses: ./.github/actions/extract_details_from_config | |
| with: | |
| config_yaml_path: ${{ github.workspace }}/${{ matrix.changed_dir }}/config.yml | |
| - name: Check Image to Build Does Not Already Exist | |
| run: | | |
| if docker manifest inspect ${{ env.NAMESPACED_REGISTRY }}/${{ matrix.changed_dir }}:${{ steps.extract_from_config_yaml.outputs.current_version }} > /dev/null; then | |
| echo "The tag "${{ env.NAMESPACED_REGISTRY }}/${{ matrix.changed_dir }}:${{ steps.extract_from_config_yaml.outputs.current_version }}" already exists in the repository. Do you need to bump the version in the config.yml?" | |
| exit 1 | |
| fi | |
| - name: Calculate Version | |
| id: calculate_version | |
| run: | | |
| VERSION=${{ github.event_name == 'pull_request' && format('{0}-PR{1}.{2}', steps.extract_from_config_yaml.outputs.current_version, github.event.number, github.event.pull_request.head.sha) || steps.extract_from_config_yaml.outputs.current_version}} | |
| echo "version=$VERSION" >> "$GITHUB_OUTPUT" | |
| - name: Build Docker Image (${{ matrix.changed_dir }}) | |
| uses: ./.github/actions/build_docker_image | |
| with: | |
| image_description: ${{ steps.extract_from_config_yaml.outputs.description }} | |
| directory: ${{ github.workspace }}/${{ matrix.changed_dir }} | |
| image_name: ${{ matrix.changed_dir }} | |
| namespaced_image_registry: ${{ env.NAMESPACED_REGISTRY }} | |
| image_registry: ${{ env.REGISTRY }} | |
| platforms: ${{ steps.extract_from_config_yaml.outputs.platforms }} | |
| tags: | | |
| type=semver,pattern={{version}},value=v${{ steps.calculate_version.outputs.version }} | |
| type=sha,prefix= | |
| image_registry_password: ${{ secrets.GITHUB_TOKEN }} | |
| image_registry_username: ${{ github.actor }} | |
| wiz_client_secret: ${{ secrets.WIZ_CLIENT_SECRET }} | |
| wiz_client_id: ${{ secrets.WIZ_CLIENT_ID }} | |
| - name: Create Git Tag | |
| uses: mathieudutour/github-tag-action@9d35d648e836d5db77936aa35a3a5c7bc16092c8 | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| default_bump: false | |
| default_prerelease_bump: false | |
| custom_tag: ${{ matrix.changed_dir }}/v${{ steps.calculate_version.outputs.version }} | |
| dry_run: ${{ github.event_name == 'pull_request' }} | |
| tag_prefix: "" | |
| - name: Create GitHub Release | |
| if: ${{ github.event_name != 'pull_request' }} | |
| uses: comnoco/create-release-action@6ac85b5a67d93e181c1a8f97072e2e3ffc582ec4 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| tag_name: ${{ matrix.changed_dir }}/v${{ steps.calculate_version.outputs.version }} | |
| release_name: ${{ matrix.changed_dir }} - v${{ steps.calculate_version.outputs.version }} | |
| check-builds-all-completes: | |
| name: Docker Images Built & Pushed | |
| if: ${{ always() }} | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build-and-push-images | |
| steps: | |
| - run: | | |
| exit ${{ (contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled')) && 1 || 0 }} | |