Skip to content

Commit

Permalink
fix(github-actions): dependabot updates, add gar cleanup workflow
Browse files Browse the repository at this point in the history
  • Loading branch information
vincejv committed Sep 1, 2023
1 parent 653dd1d commit f3b1ef8
Show file tree
Hide file tree
Showing 3 changed files with 68 additions and 2 deletions.
2 changes: 2 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ updates:
- "vincejv"
labels:
- "dependencies"
open-pull-requests-limit: 20

- package-ecosystem: "github-actions"
# Workflow files stored in the
Expand All @@ -22,3 +23,4 @@ updates:
labels:
- "dependencies"
- "ci-cd"
open-pull-requests-limit: 20
34 changes: 33 additions & 1 deletion .github/workflows/release-dev.yml
Original file line number Diff line number Diff line change
Expand Up @@ -249,4 +249,36 @@ jobs:
if: ${{ always() && needs.pre_job.outputs.should_skip != 'true' && needs.deploy_to_cloud.outputs.artifact_version == '' }}
with:
message: |
❌ CI Build & Deployment failed, please check the [logs](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) for details
❌ CI Build & Deployment failed, please check the [logs](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) for details
gcr-cleaner:
name: Clean-up old artifact registry images
needs: deploy_to_cloud
runs-on: 'ubuntu-latest'
permissions:
contents: read
id-token: write
steps:
- name: Google Auth
id: gcp-auth
uses: google-github-actions/auth@v1
with:
token_format: 'access_token'
workload_identity_provider: '${{ secrets.WIF_PROVIDER }}'
service_account: '${{ secrets.WIF_SERVICE_ACCOUNT }}'

- name: Login to Google Docker Registry
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: 'oauth2accesstoken'
password: ${{ steps.gcp-auth.outputs.access_token }}

- name: Run GCR Cleaner
uses: docker://us-docker.pkg.dev/gcr-cleaner/gcr-cleaner/gcr-cleaner-cli
with:
args: >-
-repo=${{ env.REGISTRY }}/${{ env.PROJECT_ID }}/${{ env.GHUB_REPO_NAME }}/${{ env.SERVICE }}
-tag-filter-any "."
-keep=1
-recursive=true
34 changes: 33 additions & 1 deletion .github/workflows/release-main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -254,4 +254,36 @@ jobs:
MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }}
run: mvn -B deploy -Dlib-only -Prelease-for-oss
run: mvn -B deploy -Dlib-only -Prelease-for-oss

gcr-cleaner:
name: Clean-up old artifact registry images
needs: deploy_to_cloud
runs-on: 'ubuntu-latest'
permissions:
contents: read
id-token: write
steps:
- name: Google Auth
id: gcp-auth
uses: google-github-actions/auth@v1
with:
token_format: 'access_token'
workload_identity_provider: '${{ secrets.WIF_PROVIDER }}'
service_account: '${{ secrets.WIF_SERVICE_ACCOUNT }}'

- name: Login to Google Docker Registry
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: 'oauth2accesstoken'
password: ${{ steps.gcp-auth.outputs.access_token }}

- name: Run GCR Cleaner
uses: docker://us-docker.pkg.dev/gcr-cleaner/gcr-cleaner/gcr-cleaner-cli
with:
args: >-
-repo=${{ env.REGISTRY }}/${{ env.PROJECT_ID }}/${{ env.GHUB_REPO_NAME }}/${{ env.SERVICE }}
-tag-filter-any "."
-keep=1
-recursive=true

0 comments on commit f3b1ef8

Please sign in to comment.