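---
# Tags and releases the main branch once the "CI" workflow has succeeded, then
# retags the container image that CI already built.
#
# NOTE(review): on a workflow_run event github.ref and github.sha refer to the
# repository's default branch, not to the ref that triggered "CI"; the branch
# that ran CI is available as github.event.workflow_run.head_branch — confirm
# that the ref-based conditions below behave as intended.
name: Auto-Tag and Release
on:  # yamllint disable-line rule:truthy
  workflow_run:
    workflows: ["CI"]
    types:
      - completed

jobs:
  auto-git-tag-and-release:
    runs-on: ubuntu-latest
    if: ${{ github.ref == 'refs/heads/main' && github.event.workflow_run.conclusion == 'success' }}
    # Least privilege for GITHUB_TOKEN: creating the tag and release needs
    # contents:write, the PR lookup in get_pr_data needs pull-requests:read.
    permissions:
      contents: write
      pull-requests: read
    # Expose step outputs as job outputs
    outputs:
      new_tag: ${{ steps.determine_next_tag.outputs.new_tag }}
    steps:
      - uses: actions/github-script@v6
        id: get_pr_data
        with:
          # Returns the first PR associated with the merge commit as a JSON
          # string; it is parsed with fromJson() in determine_next_tag.
          # NOTE(review): a commit with no associated PR leaves data[0]
          # undefined and the fromJson() calls below fail — confirm that
          # failing the job is the intended behaviour in that case.
          script: |
            return (
              await github.rest.repos.listPullRequestsAssociatedWithCommit({
                commit_sha: context.sha,
                owner: context.repo.owner,
                repo: context.repo.repo,
              })
            ).data[0];
      - uses: actions/checkout@v4
      - uses: fregante/setup-git-user@v2
      - name: Determine new tag version
        id: determine_next_tag
        # User controlled input needs to be sanitised beforehand e.g., by adding an
        # intermediate env var to prevent the workflow being exposed to a critical
        # command injection attack
        env:
          PR_BODY: '${{ fromJson(steps.get_pr_data.outputs.result).body }}'
          PR_NUMBER: '${{ fromJson(steps.get_pr_data.outputs.result).number }}'
        run: |
          echo "Attempting to auto-tag merge commit"
          # The previous `if $? != 0` expanded $? and ran it as a command, so a
          # failing auto-tag.sh was never detected; test the assignment directly.
          if ! script_output=$(.github/auto-tag.sh "${PR_BODY}" "${PR_NUMBER}"); then
            echo "auto-tag.sh failed" >&2
            exit 1
          fi
          # auto-tag.sh prints the new tag as its last line of output.
          new_tag=$(echo "${script_output}" | tail -n 1)
          echo "New tag: ${new_tag}"
          echo "new_tag=${new_tag}" >> "$GITHUB_OUTPUT"
      - name: Create Git tag and release
        # TODO(review): `latest` is a mutable ref; this third-party action runs
        # with a contents:write token, so pin it to a release tag or, better, a
        # full commit SHA so an upstream change cannot silently alter what runs
        # here.
        uses: marvinpinto/action-automatic-releases@latest
        with:
          repo_token: "${{ secrets.GITHUB_TOKEN }}"
          prerelease: false
          automatic_release_tag: ${{ steps.determine_next_tag.outputs.new_tag }}
        id: run_auto_tag_and_release

  semver-for-manually-created-tags:
    # NOTE(review): with a workflow_run trigger github.ref is the default
    # branch (see the note at the top of the file), so this condition may never
    # be true — confirm the intended trigger for manually created tags.
    if: ${{ startsWith(github.ref, 'refs/tags/') }}
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - uses: actions/checkout@v4
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: eu-west-1
      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v2
      - name: Docker pull, retag and push
        # configure-aws-credentials already exports AWS_ACCESS_KEY_ID and
        # AWS_SECRET_ACCESS_KEY to the job environment, so the long-lived keys
        # are not re-exported here; this step only needs the registry host.
        env:
          DOCKER_REGISTRY: ${{ secrets.DOCKER_REGISTRY }}
        run: |
          image="${DOCKER_REGISTRY}/navigator-admin-backend:main-${GITHUB_SHA::8}"
          docker pull "${image}"
          docker tag "${image}" "navigator-admin-backend:main-${GITHUB_SHA::8}"
          .github/retag-and-push.sh navigator-admin-backend "main-${GITHUB_SHA::8}"

  auto-semver:
    needs: auto-git-tag-and-release
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - uses: actions/checkout@v4
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: eu-west-1
      - name: Login to Amazon ECR
        id: login-ecr
        # The action ref on this line was garbled in the copy under review; it
        # is aligned with the pin used by the other job — confirm against the
        # repository.
        uses: aws-actions/amazon-ecr-login@v2
      - name: Docker pull, retag and push
        # configure-aws-credentials already exports the AWS keys to the job
        # environment, so they are not re-exported here.
        env:
          # NOTE(review): NEW_TAG is exported but not referenced by the commands
          # below, which retag with the short SHA exactly as the manual-tag job
          # does — confirm whether retag-and-push.sh is meant to receive it.
          NEW_TAG: ${{ needs.auto-git-tag-and-release.outputs.new_tag }}
          DOCKER_REGISTRY: ${{ secrets.DOCKER_REGISTRY }}
        run: |
          image="${DOCKER_REGISTRY}/navigator-admin-backend:main-${GITHUB_SHA::8}"
          docker pull "${image}"
          docker tag "${image}" "navigator-admin-backend:main-${GITHUB_SHA::8}"
          .github/retag-and-push.sh navigator-admin-backend "main-${GITHUB_SHA::8}"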