
Auto-Tag

Auto-Tag #39

Workflow file for this run

# Auto-Tag: runs after a run of the workflow named "CI" has completed.
name: Auto-Tag
on:
  # A workflow_run-triggered run uses the workflow file and ref of the default
  # branch and can read repository secrets, whichever branch or pull request
  # the triggering "CI" run was for. Each job must therefore check what
  # triggered it before it uses credentials.
  workflow_run:
    workflows:
      - "CI"
    types:
      - completed
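# NOTE(review): every action below is referenced by a mutable tag (@v2, @v4,
# @v6). For jobs that handle AWS credentials and push tags, pinning each
# `uses:` to a full commit SHA stops a moved tag from changing what runs here.
# NOTE(review): no `permissions:` block is set, so GITHUB_TOKEN gets the
# repository default. The first job pushes a Git tag and reads pull-request
# data; the second only checks out. Consider declaring just those scopes.
jobs:
  # Works out the next version from the merged pull request, retags the image
  # already built for this commit, and pushes a matching annotated Git tag.
  auto-git-and-semver-tag:
    runs-on: ubuntu-latest
    # NOTE(review): on workflow_run events github.ref is the default branch, not
    # the branch the "CI" run was for, so the first clause does not filter out
    # CI runs for other branches or pull requests. If the intent is "only after
    # CI on main", compare github.event.workflow_run.head_branch (and .event)
    # instead. Confirm against the CI workflow's triggers.
    if: ${{ github.ref == 'refs/heads/main' && github.event.workflow_run.conclusion == 'success' }}
    # Expose step outputs as job outputs
    outputs:
      new_tag: ${{ steps.run_git_auto_tag.outputs.new_tag }}
    steps:
      # Returns the first pull request associated with context.sha as the
      # step's JSON `result` output.
      # NOTE(review): data[0] is undefined when the commit has no associated
      # pull request; the fromJson() calls below presumably fail then. Verify.
      - uses: actions/github-script@v6
        id: get_pr_data
        with:
          script: |
            return (
              await github.rest.repos.listPullRequestsAssociatedWithCommit({
                commit_sha: context.sha,
                owner: context.repo.owner,
                repo: context.repo.repo,
              })
            ).data[0];
      - uses: actions/checkout@v4
      - uses: fregante/setup-git-user@v2
      - name: Determine new tag version
        id: run_git_auto_tag
        # User-controlled input (the PR body) is passed through intermediate env
        # vars and only ever expanded inside double quotes, so it reaches the
        # script as data and is never pasted into the shell source. Inlining
        # the expression in `run:` would allow command injection.
        env:
          PR_BODY: '${{ fromJson(steps.get_pr_data.outputs.result).body }}'
          PR_NUMBER: '${{ fromJson(steps.get_pr_data.outputs.result).number }}'
        run: |
          echo "Attempting to auto-tag merge commit"
          # Test the command itself. The earlier `if $? != 0` executed the value
          # of $? as a command name and so never detected a failure.
          if ! script_output=$(.github/auto-tag.sh "${PR_BODY}" "${PR_NUMBER}"); then
            echo "auto-tag.sh failed" >&2
            exit 1
          fi
          # Keep only the last line: the tag is expected there, and a single
          # line cannot smuggle extra key=value pairs into GITHUB_OUTPUT.
          script_output=$(printf '%s\n' "${script_output}" | tail -n 1)
          echo "New tag version: ${script_output}"
          echo "new_tag=${script_output}" >> "$GITHUB_OUTPUT"
      # NOTE(review): long-lived access keys are stored as secrets here. The
      # action also supports assuming a role (`role-to-assume`) via OIDC, which
      # avoids static keys if the AWS account allows it.
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: eu-west-1
      - name: Login to Amazon ECR
        id: login-ecr
        # NOTE(review): the version ref on this line was garbled in the page
        # extraction. @v2 matches the other job in this file; confirm the exact
        # ref against the repository.
        uses: aws-actions/amazon-ecr-login@v2
      - name: Docker pull, retag and push
        env:
          NEW_TAG: ${{ steps.run_git_auto_tag.outputs.new_tag }}
          DOCKER_REGISTRY: ${{ secrets.DOCKER_REGISTRY }}
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        run: |
          # Image built for this commit: "main-" plus the first 8 chars of the SHA.
          image_tag="main-${GITHUB_SHA::8}"
          docker pull "${DOCKER_REGISTRY}/navigator-admin-backend:${image_tag}"
          docker tag "${DOCKER_REGISTRY}/navigator-admin-backend:${image_tag}" "navigator-admin-backend:${image_tag}"
          .github/retag-and-push.sh navigator-admin-backend "${image_tag}"
      - name: Create and push Git tag
        # new_tag is derived from the PR body by auto-tag.sh, so it is treated
        # as untrusted: it goes through an env var rather than being expanded
        # into the script text by ${{ }}.
        env:
          NEW_TAG: ${{ steps.run_git_auto_tag.outputs.new_tag }}
        run: |
          new_tag="${NEW_TAG}"
          # Strip a leading "v" for the annotation message.
          new_version_num=${new_tag#v}
          git tag -a "${new_tag}" -m "Version ${new_version_num}"
          git push --tags origin "${new_tag}"
  # Retags the image for this commit when the run is for a tag ref.
  semver-for-manually-created-tags:
    # NOTE(review): the only trigger shown for this workflow is workflow_run,
    # where github.ref is the default branch. This condition therefore looks
    # like it can never be true. Confirm whether a tag push trigger is missing.
    if: ${{ startsWith(github.ref, 'refs/tags/') }}
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: eu-west-1
      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v2
      - name: Docker pull, retag and push
        env:
          DOCKER_REGISTRY: ${{ secrets.DOCKER_REGISTRY }}
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        run: |
          # Image built for this commit: "main-" plus the first 8 chars of the SHA.
          image_tag="main-${GITHUB_SHA::8}"
          docker pull "${DOCKER_REGISTRY}/navigator-admin-backend:${image_tag}"
          docker tag "${DOCKER_REGISTRY}/navigator-admin-backend:${image_tag}" "navigator-admin-backend:${image_tag}"
          .github/retag-and-push.sh navigator-admin-backend "${image_tag}"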