From e29e15218e24a41ba6eb7c4dd46bb86e51198cb4 Mon Sep 17 00:00:00 2001 From: devthejo Date: Thu, 26 Jun 2025 09:03:22 +0200 Subject: [PATCH 1/5] fix: buildkit in gh --- .github/workflows/deactivate.yaml | 5 ++- .github/workflows/preproduction.yaml | 65 +++++++++++++++++++++------- .github/workflows/production.yaml | 42 ++++++++++++++++-- .github/workflows/review-auto.yaml | 48 ++++++++++++++++++-- .github/workflows/review.yaml | 48 ++++++++++++++++++-- .kontinuous/values.yaml | 8 +--- 6 files changed, 183 insertions(+), 33 deletions(-) diff --git a/.github/workflows/deactivate.yaml b/.github/workflows/deactivate.yaml index 9f6e3e230..100f0a7a5 100644 --- a/.github/workflows/deactivate.yaml +++ b/.github/workflows/deactivate.yaml @@ -18,6 +18,7 @@ on: - "!**-persist-**" jobs: - socialgouv: - uses: socialgouv/workflows/.github/workflows/use-ks-gh-deactivate.yaml@v1 + kontinuous: + name: "Deploy on Kubernetes 🐳" + uses: socialgouv/workflows/.github/workflows/use-ks-gh-deactivate-atlas.yaml@v1 secrets: inherit diff --git a/.github/workflows/preproduction.yaml b/.github/workflows/preproduction.yaml index 0515cfad1..e69d3e0ce 100644 --- a/.github/workflows/preproduction.yaml +++ b/.github/workflows/preproduction.yaml @@ -1,17 +1,52 @@ -#name: 😎 PreProd -#on: -# workflow_dispatch: -# push: -# branches: -# - "master" -# - "main" +name: 😎 PreProd +on: + workflow_dispatch: + push: + branches: + - "master" + - "main" -#concurrency: -# cancel-in-progress: true -# group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.event.ref }} +concurrency: + cancel-in-progress: true + group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.event.ref }} -#jobs: -# socialgouv: -# name: "🇫🇷 SocialGouv" -# uses: socialgouv/workflows/.github/workflows/use-ks-gh-preproduction.yaml@v1 -# secrets: inherit +jobs: + build-app: + environment: build-preproduction + outputs: + tags: ${{ steps.meta.outputs.tags }} + runs-on: ubuntu-latest + steps: + - name: ⏬ Checkout code repository + uses: actions/checkout@v4 + + - name: 📌 Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ vars.REGISTRY_URL }}/${{ vars.PROJECT_NAME }}/${{ github.event.repository.name }}/app + tags: | + type=sha,prefix=preprod-,format=long,priority=850 + type=sha,prefix=sha-,format=long,priority=890 + + - name: 📦 Build and push Docker image for app + uses: socialgouv/workflows/actions/buildkit@v1 + with: + context: "api" + dockerfile: "api/Dockerfile" + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + registry: "${{ vars.REGISTRY_URL }}" + registry-username: "${{ secrets.REGISTRY_USERNAME }}" + registry-password: "${{ secrets.REGISTRY_PASSWORD }}" + buildkit-cert-ca: "${{ secrets.BUILDKIT_CERT_CA }}" + buildkit-cert: "${{ secrets.BUILDKIT_CERT }}" + buildkit-cert-key: "${{ secrets.BUILDKIT_CERT_KEY }}" + buildkit-svc-count: ${{ vars.BUILDKIT_SVC_COUNT }} + buildkit-daemon-address: ${{ vars.BUILDKIT_DAEMON_ADDRESS }} + + kontinuous: + needs: [build-app] + name: "Deploy on Kubernetes 🐳" + uses: socialgouv/workflows/.github/workflows/use-ks-gh-preproduction-atlas.yaml@v1 + secrets: inherit diff --git a/.github/workflows/production.yaml b/.github/workflows/production.yaml index 3cae2d52a..0e5476c01 100644 --- a/.github/workflows/production.yaml +++ b/.github/workflows/production.yaml @@ -10,7 +10,43 @@ concurrency: group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.event.ref }} jobs: - socialgouv: - name: "🇫🇷 SocialGouv" - uses: socialgouv/workflows/.github/workflows/use-ks-gh-production.yaml@v1 + build-app: + environment: build-production + outputs: + tags: ${{ steps.meta.outputs.tags }} + runs-on: ubuntu-latest + steps: + - name: ⏬ Checkout code repository + uses: actions/checkout@v4 + + - name: 📌 Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ vars.REGISTRY_URL }}/${{ vars.PROJECT_NAME }}/${{ github.event.repository.name }}/app + tags: | + type=semver,pattern=v{{version}},priority=900 + type=sha,prefix=sha-,format=long,priority=890 + type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }},priority=200 + + - name: 📦 Build and push Docker image for app + uses: socialgouv/workflows/actions/buildkit@v1 + with: + context: "api" + dockerfile: "api/Dockerfile" + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + registry: "${{ vars.REGISTRY_URL }}" + registry-username: "${{ secrets.REGISTRY_USERNAME }}" + registry-password: "${{ secrets.REGISTRY_PASSWORD }}" + buildkit-cert-ca: "${{ secrets.BUILDKIT_CERT_CA }}" + buildkit-cert: "${{ secrets.BUILDKIT_CERT }}" + buildkit-cert-key: "${{ secrets.BUILDKIT_CERT_KEY }}" + buildkit-svc-count: ${{ vars.BUILDKIT_SVC_COUNT }} + buildkit-daemon-address: ${{ vars.BUILDKIT_DAEMON_ADDRESS }} + + kontinuous: + needs: [build-app] + name: "Deploy on Kubernetes 🐳" + uses: socialgouv/workflows/.github/workflows/use-ks-gh-production-atlas.yaml@v1 secrets: inherit diff --git a/.github/workflows/review-auto.yaml b/.github/workflows/review-auto.yaml index 548cf4e01..e4fb1ff05 100644 --- a/.github/workflows/review-auto.yaml +++ b/.github/workflows/review-auto.yaml @@ -10,7 +10,49 @@ concurrency: group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.event.ref }} jobs: - socialgouv: - name: "🇫🇷 SocialGouv" - uses: socialgouv/workflows/.github/workflows/use-ks-gh-review-auto.yaml@v1 + build-app: + environment: build-review-auto + outputs: + tags: ${{ steps.meta.outputs.tags }} + runs-on: ubuntu-latest + steps: + - name: ⏬ Checkout code repository + uses: actions/checkout@v4 + + - name: 📌 Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ vars.REGISTRY_URL }}/${{ vars.PROJECT_NAME }}/${{ github.event.repository.name }}/app + tags: | + type=sha,prefix=persist-,format=long,enable=${{ + github.ref_name == 'dev' || + github.ref_name == 'develop' || + github.ref_name == 'preprod' || + github.ref_name == 'main' || + github.ref_name == 'master' + }},priority=840 + type=sha,prefix=sha-,format=long,priority=890 + type=ref,event=branch,priority=600 + + - name: 📦 Build and push Docker image for app + uses: socialgouv/workflows/actions/buildkit@v1 + with: + context: "api" + dockerfile: "api/Dockerfile" + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + registry: "${{ vars.REGISTRY_URL }}" + registry-username: "${{ secrets.REGISTRY_USERNAME }}" + registry-password: "${{ secrets.REGISTRY_PASSWORD }}" + buildkit-cert-ca: "${{ secrets.BUILDKIT_CERT_CA }}" + buildkit-cert: "${{ secrets.BUILDKIT_CERT }}" + buildkit-cert-key: "${{ secrets.BUILDKIT_CERT_KEY }}" + buildkit-svc-count: ${{ vars.BUILDKIT_SVC_COUNT }} + buildkit-daemon-address: ${{ vars.BUILDKIT_DAEMON_ADDRESS }} + + kontinuous: + needs: [build-app] + name: "Deploy on Kubernetes 🐳" + uses: socialgouv/workflows/.github/workflows/use-ks-gh-review-auto-atlas.yaml@v1 secrets: inherit diff --git a/.github/workflows/review.yaml b/.github/workflows/review.yaml index 258abaf35..89996a2a9 100644 --- a/.github/workflows/review.yaml +++ b/.github/workflows/review.yaml @@ -13,7 +13,49 @@ concurrency: group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.event.ref }} jobs: - socialgouv: - name: "🇫🇷 SocialGouv" - uses: socialgouv/workflows/.github/workflows/use-ks-gh-review.yaml@v1 + build-app: + environment: build-review + outputs: + tags: ${{ steps.meta.outputs.tags }} + runs-on: ubuntu-latest + steps: + - name: ⏬ Checkout code repository + uses: actions/checkout@v4 + + - name: 📌 Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ vars.REGISTRY_URL }}/${{ vars.PROJECT_NAME }}/${{ github.event.repository.name }}/app + tags: | + type=sha,prefix=persist-,format=long,enable=${{ + github.ref_name == 'dev' || + github.ref_name == 'develop' || + github.ref_name == 'preprod' || + github.ref_name == 'main' || + github.ref_name == 'master' + }},priority=840 + type=sha,prefix=sha-,format=long,priority=890 + type=ref,event=branch,priority=600 + + - name: 📦 Build and push Docker image for app + uses: socialgouv/workflows/actions/buildkit@v1 + with: + context: "api" + dockerfile: "api/Dockerfile" + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + registry: "${{ vars.REGISTRY_URL }}" + registry-username: "${{ secrets.REGISTRY_USERNAME }}" + registry-password: "${{ secrets.REGISTRY_PASSWORD }}" + buildkit-cert-ca: "${{ secrets.BUILDKIT_CERT_CA }}" + buildkit-cert: "${{ secrets.BUILDKIT_CERT }}" + buildkit-cert-key: "${{ secrets.BUILDKIT_CERT_KEY }}" + buildkit-svc-count: ${{ vars.BUILDKIT_SVC_COUNT }} + buildkit-daemon-address: ${{ vars.BUILDKIT_DAEMON_ADDRESS }} + + kontinuous: + needs: [build-app] + name: "Deploy on Kubernetes 🐳" + uses: socialgouv/workflows/.github/workflows/use-ks-gh-review-atlas.yaml@v1 secrets: inherit diff --git a/.kontinuous/values.yaml b/.kontinuous/values.yaml index 3c06e8e79..5707a4ae5 100644 --- a/.kontinuous/values.yaml +++ b/.kontinuous/values.yaml @@ -1,7 +1,7 @@ # yaml-language-server: $schema=../../kontinuous/docs/values.schema.json app: - ~needs: [build-app, pg] + ~needs: [pg] containerPort: 3000 probesPath: /healthz envFrom: @@ -12,9 +12,3 @@ app: pg: ~chart: pg - -jobs: - runs: - build-app: - with: - context: api From 3369b42338c4fb8b0d1f157e27f1391697c6c60a Mon Sep 17 00:00:00 2001 From: devthejo Date: Thu, 26 Jun 2025 09:08:33 +0200 Subject: [PATCH 2/5] fix: buildkit in gh --- .github/workflows/preproduction.yaml | 2 +- .github/workflows/production.yaml | 2 +- .github/workflows/review-auto.yaml | 2 +- .github/workflows/review.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/preproduction.yaml b/.github/workflows/preproduction.yaml index e69d3e0ce..bf04d3a67 100644 --- a/.github/workflows/preproduction.yaml +++ b/.github/workflows/preproduction.yaml @@ -33,7 +33,7 @@ jobs: uses: socialgouv/workflows/actions/buildkit@v1 with: context: "api" - dockerfile: "api/Dockerfile" + dockerfile: "Dockerfile" tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} registry: "${{ vars.REGISTRY_URL }}" diff --git a/.github/workflows/production.yaml b/.github/workflows/production.yaml index 0e5476c01..c6c8caa21 100644 --- a/.github/workflows/production.yaml +++ b/.github/workflows/production.yaml @@ -33,7 +33,7 @@ jobs: uses: socialgouv/workflows/actions/buildkit@v1 with: context: "api" - dockerfile: "api/Dockerfile" + dockerfile: "Dockerfile" tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} registry: "${{ vars.REGISTRY_URL }}" diff --git a/.github/workflows/review-auto.yaml b/.github/workflows/review-auto.yaml index e4fb1ff05..bac056b44 100644 --- a/.github/workflows/review-auto.yaml +++ b/.github/workflows/review-auto.yaml @@ -39,7 +39,7 @@ jobs: uses: socialgouv/workflows/actions/buildkit@v1 with: context: "api" - dockerfile: "api/Dockerfile" + dockerfile: "Dockerfile" tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} registry: "${{ vars.REGISTRY_URL }}" diff --git a/.github/workflows/review.yaml b/.github/workflows/review.yaml index 89996a2a9..fa28e35cd 100644 --- a/.github/workflows/review.yaml +++ b/.github/workflows/review.yaml @@ -42,7 +42,7 @@ jobs: uses: socialgouv/workflows/actions/buildkit@v1 with: context: "api" - dockerfile: "api/Dockerfile" + dockerfile: "Dockerfile" tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} registry: "${{ vars.REGISTRY_URL }}" From c61d55fa18d59a283c2a1c5b4a47e099778c7da7 Mon Sep 17 00:00:00 2001 From: devthejo Date: Thu, 26 Jun 2025 09:32:28 +0200 Subject: [PATCH 3/5] fix: buildkit in gh --- .github/workflows/preproduction.yaml | 2 +- .github/workflows/production.yaml | 2 +- .github/workflows/review-auto.yaml | 2 +- .github/workflows/review.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/preproduction.yaml b/.github/workflows/preproduction.yaml index bf04d3a67..8d49ab8b4 100644 --- a/.github/workflows/preproduction.yaml +++ b/.github/workflows/preproduction.yaml @@ -32,7 +32,7 @@ jobs: - name: 📦 Build and push Docker image for app uses: socialgouv/workflows/actions/buildkit@v1 with: - context: "api" + context: "./api" dockerfile: "Dockerfile" tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/production.yaml b/.github/workflows/production.yaml index c6c8caa21..2bb847b27 100644 --- a/.github/workflows/production.yaml +++ b/.github/workflows/production.yaml @@ -32,7 +32,7 @@ jobs: - name: 📦 Build and push Docker image for app uses: socialgouv/workflows/actions/buildkit@v1 with: - context: "api" + context: "./api" dockerfile: "Dockerfile" tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/review-auto.yaml b/.github/workflows/review-auto.yaml index bac056b44..8f912265d 100644 --- a/.github/workflows/review-auto.yaml +++ b/.github/workflows/review-auto.yaml @@ -38,7 +38,7 @@ jobs: - name: 📦 Build and push Docker image for app uses: socialgouv/workflows/actions/buildkit@v1 with: - context: "api" + context: "./api" dockerfile: "Dockerfile" tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/review.yaml b/.github/workflows/review.yaml index fa28e35cd..d812a1944 100644 --- a/.github/workflows/review.yaml +++ b/.github/workflows/review.yaml @@ -41,7 +41,7 @@ jobs: - name: 📦 Build and push Docker image for app uses: socialgouv/workflows/actions/buildkit@v1 with: - context: "api" + context: "./api" dockerfile: "Dockerfile" tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} From 978d49a8d433d15f642c5e7cadd9c67b20fb30bf Mon Sep 17 00:00:00 2001 From: devthejo Date: Thu, 26 Jun 2025 09:45:18 +0200 Subject: [PATCH 4/5] chore: wip --- .github/workflows/preproduction.yaml | 1 - .github/workflows/production.yaml | 1 - .github/workflows/review-auto.yaml | 1 - .github/workflows/review.yaml | 1 - 4 files changed, 4 deletions(-) diff --git a/.github/workflows/preproduction.yaml b/.github/workflows/preproduction.yaml index 8d49ab8b4..27cf4a67a 100644 --- a/.github/workflows/preproduction.yaml +++ b/.github/workflows/preproduction.yaml @@ -33,7 +33,6 @@ jobs: uses: socialgouv/workflows/actions/buildkit@v1 with: context: "./api" - dockerfile: "Dockerfile" tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} registry: "${{ vars.REGISTRY_URL }}" diff --git a/.github/workflows/production.yaml b/.github/workflows/production.yaml index 2bb847b27..f3c7397d3 100644 --- a/.github/workflows/production.yaml +++ b/.github/workflows/production.yaml @@ -33,7 +33,6 @@ jobs: uses: socialgouv/workflows/actions/buildkit@v1 with: context: "./api" - dockerfile: "Dockerfile" tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} registry: "${{ vars.REGISTRY_URL }}" diff --git a/.github/workflows/review-auto.yaml b/.github/workflows/review-auto.yaml index 8f912265d..a3da7cea8 100644 --- a/.github/workflows/review-auto.yaml +++ b/.github/workflows/review-auto.yaml @@ -39,7 +39,6 @@ jobs: uses: socialgouv/workflows/actions/buildkit@v1 with: context: "./api" - dockerfile: "Dockerfile" tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} registry: "${{ vars.REGISTRY_URL }}" diff --git a/.github/workflows/review.yaml b/.github/workflows/review.yaml index d812a1944..97698024a 100644 --- a/.github/workflows/review.yaml +++ b/.github/workflows/review.yaml @@ -42,7 +42,6 @@ jobs: uses: socialgouv/workflows/actions/buildkit@v1 with: context: "./api" - dockerfile: "Dockerfile" tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} registry: "${{ vars.REGISTRY_URL }}" From 47ad3438eb9825f044c6770cb5beb9dc1eda3445 Mon Sep 17 00:00:00 2001 From: devthejo Date: Thu, 26 Jun 2025 09:50:23 +0200 Subject: [PATCH 5/5] chore: wip --- .socialgouv.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 .socialgouv.yaml diff --git a/.socialgouv.yaml b/.socialgouv.yaml deleted file mode 100644 index e69de29bb..000000000