Merge origin/main into feature/better-auth - resolve ci.yml conflict

Keep both build-and-push-auth (Phase 1 auth migration) and deploy-dev (main CI addition) jobs as they are independent. Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-29 19:38:53 +00:00
parent 587d444773 b43ec1fb9b
commit d7a4086647
13 changed files with 1105 additions and 6 deletions
@@ -49,6 +49,8 @@ jobs:
  build-and-push:
    runs-on: runners-cartsnitch
    needs: [lint, test]
+    outputs:
+      calver_tag: ${{ steps.calver.outputs.version }}
    steps:
      - uses: actions/checkout@v4
        with:
@@ -71,12 +73,6 @@ jobs:
          echo "version=$VERSION" >> "$GITHUB_OUTPUT"
          echo "CalVer tag: $VERSION"

-      - name: Log in to Docker Hub
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-
      - name: Log in to GHCR
        if: github.event_name == 'push' && github.ref == 'refs/heads/main'
        uses: docker/login-action@v3
@@ -103,6 +99,8 @@ jobs:
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          target: prod
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

      - name: Create git tag
        if: github.event_name == 'push' && github.ref == 'refs/heads/main'
@@ -160,3 +158,41 @@ jobs:
          push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
+
+  deploy-dev:
+    runs-on: runners-cartsnitch
+    needs: [build-and-push]
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    steps:
+      - name: Generate GitHub App token
+        id: app-token
+        uses: actions/create-github-app-token@v1
+        with:
+          app-id: ${{ secrets.CARTSNITCH_APP_ID }}
+          private-key: ${{ secrets.CARTSNITCH_APP_PRIVATE_KEY }}
+          owner: ${{ github.repository_owner }}
+          repositories: infra
+
+      - name: Checkout infra repo
+        uses: actions/checkout@v4
+        with:
+          repository: cartsnitch/infra
+          token: ${{ steps.app-token.outputs.token }}
+          ref: main
+
+      - name: Install kubectl
+        uses: azure/setup-kubectl@v4
+
+      - name: Update dev overlay image tag
+        working-directory: apps/overlays/dev
+        run: |
+          kustomize edit set image ghcr.io/cartsnitch/cartsnitch:${{ needs.build-and-push.outputs.calver_tag }}
+
+      - name: Commit and push to infra
+        run: |
+          cd apps/overlays/dev
+          git config user.name "cartsnitch-ci[bot]"
+          git config user.email "cartsnitch-ci[bot]@users.noreply.github.com"
+          git add kustomization.yaml
+          git commit -m "ci(dev): update cartsnitch image to ${{ needs.build-and-push.outputs.calver_tag }}"
+          git push origin main