Skip to content

Release

Release #5

Workflow file for this run

name: Release
on:
push:
branches: [main]
tags: ['v*']
workflow_dispatch:
# Required for keyless auth to GCP via Workload Identity Federation.
permissions:
contents: read
id-token: write
jobs:
release:
runs-on: ubuntu-latest
env:
IMAGE_REPO: ${{ vars.IMAGE_REPO }}
VERSION: ${{ github.ref_type == 'tag' && github.ref_name || format('sha-{0}', github.sha) }}
steps:
- uses: actions/checkout@v4
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@v2
with:
workload_identity_provider: ${{ vars.GCP_WIF_PROVIDER }}
service_account: ${{ vars.GCP_DEPLOYER_SA }}
token_format: access_token
- name: Configure Docker for eu.gcr.io
run: gcloud auth configure-docker eu.gcr.io --quiet
- uses: docker/setup-buildx-action@v3
- name: Build and push image
uses: docker/build-push-action@v6
with:
context: .
file: ./Dockerfile
platforms: linux/amd64
push: true
tags: |
${{ env.IMAGE_REPO }}:${{ env.VERSION }}
${{ env.IMAGE_REPO }}:latest
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Set up gke-gcloud-auth-plugin
uses: google-github-actions/setup-gcloud@v2
with:
install_components: gke-gcloud-auth-plugin
- name: Get GKE credentials
uses: google-github-actions/get-gke-credentials@v2
with:
cluster_name: ${{ vars.GKE_CLUSTER }}
location: ${{ vars.GKE_LOCATION }}
- name: Set up Helm
uses: azure/setup-helm@v4
with:
version: v3.16.2
- name: Helm release
run: |
helm upgrade --install ${{ vars.HELM_RELEASE }} \
./deploy/helm/eudi-wallet-compliance \
--namespace ${{ vars.HELM_NAMESPACE }} \
--set image.repository=${{ env.IMAGE_REPO }} \
--set image.tag=${{ env.VERSION }} \
--wait --timeout 5m