jcoakley/dev1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixed entrypoint
Some checks failed
ci/woodpecker/manual/woodpecker Pipeline failed
Details

Browse Source
This commit is contained in:
Josh 2025-09-12 15:42:41 +00:00
parent d5848a6494
commit e3ed1e3b13
1 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
.woodpecker.yml
View File

@ -6,11 +6,12 @@ name: prod-promotion
steps: steps:
- name: promote-tag-and-mirror - name: promote-tag-and-mirror
image: google/cloud-sdk:latest image: google/cloud-sdk:latest
entrypoint: [bash, -c] entrypoint:
commands: - bash
- -lc
- | - |
set -euo pipefail set -euo pipefail
if [ "x$PROMOTE" != "xprod" ]; then echo "⏭ Skipping (PROMOTE=$PROMOTE)"; exit 0; fi if [ "${PROMOTE:-}" != "prod" ]; then echo "⏭ Skipping (PROMOTE=$PROMOTE)"; exit 0; fi
# Dev is the single source of truth for IMG_TAG # Dev is the single source of truth for IMG_TAG
IMG_TAG="$(gcloud secrets versions access latest --secret=IMG_TAG --project=aptivaai-dev)" IMG_TAG="$(gcloud secrets versions access latest --secret=IMG_TAG --project=aptivaai-dev)"
@ -33,18 +34,18 @@ steps:
"$SRC_REF" "$DST_REF" "$SRC_REF" "$DST_REF"
done done
printf "%s" "$IMG_TAG" | gcloud secrets versions add IMG_TAG --data-file=- --project=aptivaai-prod >/dev/null printf '%s' "$IMG_TAG" | gcloud secrets versions add IMG_TAG --data-file=- --project=aptivaai-prod >/dev/null
echo "🏷 Promoted IMG_TAG=$IMG_TAG → aptivaai-prod" echo "🏷 Promoted IMG_TAG=$IMG_TAG → aptivaai-prod"
- name: verify-sync - name: verify-sync
depends_on: [promote-tag-and-mirror] depends_on: [promote-tag-and-mirror]
image: google/cloud-sdk:latest image: google/cloud-sdk:latest
entrypoint: [bash, -c] entrypoint:
commands: - bash
- -lc
- | - |
set -euo pipefail set -euo pipefail
if [ "x$PROMOTE" != "xprod" ]; then echo "⏭ Skipping (PROMOTE=$PROMOTE)"; exit 0; fi if [ "${PROMOTE:-}" != "prod" ]; then echo "⏭ Skipping (PROMOTE=$PROMOTE)"; exit 0; fi
IMG_TAG="$(gcloud secrets versions access latest --secret=IMG_TAG --project=aptivaai-dev)" IMG_TAG="$(gcloud secrets versions access latest --secret=IMG_TAG --project=aptivaai-dev)"
PROD_TAG="$(gcloud secrets versions access latest --secret=IMG_TAG --project=aptivaai-prod)" PROD_TAG="$(gcloud secrets versions access latest --secret=IMG_TAG --project=aptivaai-prod)"
@ -61,15 +62,15 @@ steps:
done done
echo "✅ Prod AR has all images at :$IMG_TAG" echo "✅ Prod AR has all images at :$IMG_TAG"
- name: security-scan - name: security-scan
depends_on: [verify-sync] depends_on: [verify-sync]
image: google/cloud-sdk:latest image: google/cloud-sdk:latest
entrypoint: [bash, -c] entrypoint:
commands: - bash
- -lc
- | - |
set -euo pipefail set -euo pipefail
if [ "x$PROMOTE" != "xprod" ]; then echo "⏭ Skipping (PROMOTE=$PROMOTE)"; exit 0; fi if [ "${PROMOTE:-}" != "prod" ]; then echo "⏭ Skipping (PROMOTE=$PROMOTE)"; exit 0; fi
IMG_TAG="$(gcloud secrets versions access latest --secret=IMG_TAG --project=aptivaai-dev)" IMG_TAG="$(gcloud secrets versions access latest --secret=IMG_TAG --project=aptivaai-dev)"
REG="us-central1-docker.pkg.dev/aptivaai-prod/aptiva-repo" REG="us-central1-docker.pkg.dev/aptivaai-prod/aptiva-repo"
@ -88,7 +89,6 @@ steps:
--exit-code 1 --severity CRITICAL "$REF" --exit-code 1 --severity CRITICAL "$REF"
done done
- name: prod-deploy - name: prod-deploy
depends_on: [security-scan] depends_on: [security-scan]
image: google/cloud-sdk:latest image: google/cloud-sdk:latest