Test case update (#1427) #810
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # =============================================================== | |
| # βοΈ MCP Gateway βΈ Build, Cache & Deploy to IBM Code Engine | |
| # =============================================================== | |
| # | |
| # This workflow: | |
| # - Restores / updates a local **BuildKit layer cache** βοΈ | |
| # - Builds the Docker image from **Containerfile.lite** ποΈ | |
| # - Pushes the image to **IBM Container Registry (ICR)** π€ | |
| # - Creates / updates an **IBM Cloud Code Engine** app π | |
| # | |
| # --------------------------------------------------------------- | |
| # Required repository **secret** | |
| # --------------------------------------------------------------- | |
| # ββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββββββ | |
| # β Secret name β Example value β | |
| # ββββββββββββββββββββββΌβββββββββββββββββββββββββββββββββββββββ€ | |
| # β IBM_CLOUD_API_KEY β abcdef-1234567890abcdef-1234567890 β | |
| # ββββββββββββββββββββββ΄βββββββββββββββββββββββββββββββββββββββ | |
| # | |
| # --------------------------------------------------------------- | |
| # Required repository **variables** | |
| # --------------------------------------------------------------- | |
| # ββββββββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββ | |
| # β Variable name β Example value β | |
| # ββββββββββββββββββββββββββββββΌβββββββββββββββββββββββββββββββ€ | |
| # β IBM_CLOUD_REGION β us-south β | |
| # β REGISTRY_HOSTNAME β us.icr.io β | |
| # β ICR_NAMESPACE β myspace β | |
| # β APP_NAME β mcpgateway β | |
| # β CODE_ENGINE_PROJECT β my-ce-project β | |
| # β CODE_ENGINE_REGISTRY_SECRETβ my-registry-secret β | |
| # β CODE_ENGINE_PORT β "4444" β | |
| # ββββββββββββββββββββββββββββββ΄βββββββββββββββββββββββββββββββ | |
| # * Note: CODE_ENGINE_REGISTRY_SECRET is the name of the secret, | |
| # not the secret value. | |
| # Triggers: | |
| # - Every push to `main` | |
| # - Expects a secret called `mcpgateway-dev` in Code Engine. Ex: | |
| # ibmcloud ce secret create \ | |
| # --name mcpgateway-dev \ | |
| # --from-env-file .env | |
| # --------------------------------------------------------------- | |
| name: Deploy to IBM Code Engine | |
| on: | |
| push: | |
| branches: ["main"] | |
| # ----------------------------------------------------------------- | |
| # Minimal permissions (Principle of Least Privilege) | |
| # ----------------------------------------------------------------- | |
| permissions: | |
| contents: read | |
| # ----------------------------------------------------------------- | |
| # Global environment (secrets & variables) | |
| # ----------------------------------------------------------------- | |
| env: | |
| # Build metadata | |
| GITHUB_SHA: ${{ github.sha }} | |
| CACHE_DIR: /tmp/.buildx-cache # BuildKit layer cache dir | |
| # IBM Cloud region (variable) | |
| IBM_CLOUD_REGION: ${{ vars.IBM_CLOUD_REGION }} | |
| # Registry coordinates (variables) | |
| REGISTRY_HOSTNAME: ${{ vars.REGISTRY_HOSTNAME }} | |
| ICR_NAMESPACE: ${{ vars.ICR_NAMESPACE }} | |
| # Image / app naming (variables) | |
| IMAGE_NAME: ${{ vars.APP_NAME }} | |
| IMAGE_TAG: ${{ github.sha }} | |
| # Code Engine deployment (variables) | |
| CODE_ENGINE_APP_NAME: ${{ vars.APP_NAME }} | |
| CODE_ENGINE_PROJECT: ${{ vars.CODE_ENGINE_PROJECT }} | |
| CODE_ENGINE_REGISTRY_SECRET: ${{ vars.CODE_ENGINE_REGISTRY_SECRET }} | |
| PORT: ${{ vars.CODE_ENGINE_PORT }} | |
| jobs: | |
| build-push-deploy: | |
| name: π Build, Cache, Push & Deploy | |
| runs-on: ubuntu-latest | |
| environment: production | |
| steps: | |
| # ----------------------------------------------------------- | |
| # 0οΈβ£ Checkout repository | |
| # ----------------------------------------------------------- | |
| - name: β¬οΈ Checkout source | |
| uses: actions/checkout@v5 | |
| # ----------------------------------------------------------- | |
| # 1οΈβ£ Set up Docker Buildx | |
| # ----------------------------------------------------------- | |
| - name: π οΈ Set up Docker Buildx | |
| uses: docker/[email protected] | |
| # ----------------------------------------------------------- | |
| # 2οΈβ£ Restore BuildKit layer cache | |
| # ----------------------------------------------------------- | |
| - name: π Restore BuildKit cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: ${{ env.CACHE_DIR }} | |
| key: ${{ runner.os }}-buildx-${{ github.sha }} | |
| restore-keys: ${{ runner.os }}-buildx- | |
| # ----------------------------------------------------------- | |
| # 3οΈβ£ Install IBM Cloud CLI + plugins & login | |
| # ----------------------------------------------------------- | |
| - name: π§° Install IBM Cloud CLI | |
| uses: IBM/actions-ibmcloud-cli@v1 | |
| with: | |
| api_key: ${{ secrets.IBM_CLOUD_API_KEY }} | |
| region: ${{ vars.IBM_CLOUD_REGION }} | |
| plugins: container-registry, code-engine | |
| # ----------------------------------------------------------- | |
| # 4οΈβ£ Authenticate to IBM Cloud Code Engine project | |
| # ----------------------------------------------------------- | |
| - name: π IBM Cloud Code Engine login | |
| run: | | |
| ibmcloud cr region-set "$IBM_CLOUD_REGION" | |
| ibmcloud cr login | |
| ibmcloud ce project select --name "$CODE_ENGINE_PROJECT" | |
| # ----------------------------------------------------------- | |
| # 5οΈβ£ Build & tag image (cache-aware) | |
| # ----------------------------------------------------------- | |
| - name: ποΈ Build Docker image (with cache) | |
| run: | | |
| docker buildx build \ | |
| --file Containerfile.lite \ | |
| --tag "$REGISTRY_HOSTNAME/$ICR_NAMESPACE/$IMAGE_NAME:$IMAGE_TAG" \ | |
| --cache-from type=local,src=${{ env.CACHE_DIR }} \ | |
| --cache-to type=local,dest=${{ env.CACHE_DIR }},mode=max \ | |
| --load \ | |
| . | |
| # ----------------------------------------------------------- | |
| # 6οΈβ£ Push image to IBM Container Registry | |
| # ----------------------------------------------------------- | |
| - name: π€ Push image to ICR | |
| run: | | |
| docker push "$REGISTRY_HOSTNAME/$ICR_NAMESPACE/$IMAGE_NAME:$IMAGE_TAG" | |
| # ----------------------------------------------------------- | |
| # 7οΈβ£ Deploy (create or update) Code Engine application | |
| # ----------------------------------------------------------- | |
| - name: π Deploy to Code Engine | |
| run: | | |
| if ibmcloud ce application get --name "$CODE_ENGINE_APP_NAME" > /dev/null 2>&1; then | |
| echo "π Updating existing application..." | |
| ibmcloud ce application update \ | |
| --name "$CODE_ENGINE_APP_NAME" \ | |
| --image "$REGISTRY_HOSTNAME/$ICR_NAMESPACE/$IMAGE_NAME:$IMAGE_TAG" \ | |
| --registry-secret "$CODE_ENGINE_REGISTRY_SECRET" \ | |
| --env-from-secret mcpgateway-dev \ | |
| --cpu 1 --memory 2G | |
| else | |
| echo "π Creating new application..." | |
| ibmcloud ce application create \ | |
| --name "$CODE_ENGINE_APP_NAME" \ | |
| --image "$REGISTRY_HOSTNAME/$ICR_NAMESPACE/$IMAGE_NAME:$IMAGE_TAG" \ | |
| --registry-secret "$CODE_ENGINE_REGISTRY_SECRET" \ | |
| --port "$PORT" \ | |
| --env-from-secret mcpgateway-dev \ | |
| --cpu 1 --memory 2G | |
| fi | |
| # ----------------------------------------------------------- | |
| # 8οΈβ£ Show deployment status | |
| # ----------------------------------------------------------- | |
| - name: π Display deployment status | |
| run: ibmcloud ce application get --name "$CODE_ENGINE_APP_NAME" |