Update GitHub Actions workflow to use GH_PAT secret instead of TOKEN
#5
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Kustomize CI - Build and Push | |
| on: | |
| push: | |
| branches: | |
| - feature/** | |
| - development | |
| jobs: | |
| build-and-push: | |
| name: Build and Push Docker Image | |
| runs-on: ubuntu-latest | |
| env: | |
| IMAGE_NAME: ${{ secrets.DOCKERHUB_USERNAME }}/springboot-postgres | |
| IMAGE_TAG: ${{ needs.build-and-push.outputs.image-tag }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: 'temurin' | |
| java-version: '17' | |
| - name: Build Spring Boot App | |
| working-directory: ./app | |
| run: ./mvnw clean package -DskipTests | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to DockerHub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Build and Push Docker Image | |
| run: | | |
| COMMIT_SHA=$(echo "${{ github.sha }}" | cut -c1-7) | |
| BRANCH=$(echo "${GITHUB_REF#refs/heads/}" | tr '/' '-') | |
| TAG="${BRANCH}-${COMMIT_SHA}" | |
| docker build -t $IMAGE_NAME:$TAG ./app | |
| docker push $IMAGE_NAME:$TAG | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Update image tag in dev overlay | |
| run: | | |
| FILE="kustomize/overlays/dev/patch-deployment-image.yaml" | |
| echo "Updating $FILE with image: $IMAGE_NAME:$IMAGE_TAG" | |
| sed -i.bak -E "s|image:.*|image: ${IMAGE_NAME}:${IMAGE_TAG}|" "$FILE" | |
| - name: Commit and push changes | |
| env: | |
| TOKEN: ${{ secrets.GH_PAT }} | |
| IMAGE_TAG: ${{ env.IMAGE_TAG }} | |
| run: | | |
| git config --global user.name ${{ secrets.GIT_USER_EMAIL }} | |
| git config --global user.email ${{ secrets.GIT_USER_NAME }} | |
| git remote set-url origin https://x-access-token:${{ secrets.GH_PAT }}@github.com/${{ github.repository }}.git | |
| git add kustomize/overlays/dev/patch-deployment-image.yaml | |
| git commit -m "Update latest image tag to $IMAGE_TAG" | |
| git push | |
| # update-kustomize: | |
| # name: Update Kustomize Overlay | |
| # needs: build-and-push | |
| # runs-on: ubuntu-latest | |
| # env: | |
| # IMAGE_NAME: ${{ secrets.DOCKERHUB_USERNAME }}/springboot-postgres | |
| # IMAGE_TAG: ${{ needs.build-and-push.outputs.image-tag }} | |
| # steps: | |
| # - name: Checkout code | |
| # uses: actions/checkout@v4 | |
| # - name: Update image tag in dev overlay | |
| # run: | | |
| # FILE="kustomize/overlays/dev/patch-deployment-image.yaml" | |
| # echo "Updating $FILE with image: $IMAGE_NAME:$IMAGE_TAG" | |
| # sed -i.bak -E "s|image:.*|image: ${IMAGE_NAME}:${IMAGE_TAG}|" "$FILE" | |
| # - name: Commit and push changes | |
| # env: | |
| # TOKEN: ${{ secrets.GH_PAT }} | |
| # IMAGE_TAG: ${{ env.IMAGE_TAG }} | |
| # run: | | |
| # git config --global user.name ${{ secrets.GIT_USER_EMAIL }} | |
| # git config --global user.email ${{ secrets.GIT_USER_NAME }} | |
| # git remote set-url origin https://x-access-token:${TOKEN}@github.com/${{ github.repository }}.git | |
| # git add kustomize/overlays/dev/patch-deployment-image.yaml | |
| # git commit -m "Update latest image tag to $IMAGE_TAG" | |
| # git push |