Skip to content

Add a GitHub workflow

This section shows you how to set up a workflow that listens for the event you send from the application repository. When the workflow receives the event, it commits the new image tag to the infrastructure repository.

Step 1: Create metadata file

The IaC repository needs a metadata file to store the image tag and digest. Create a new file in the app-too-tikki directory of your IaC repository, this is where the state of the current image will be stored.

The initial values are not so important, we will update them automatically in the steps below.

repo-iac/environments/dev/app-too-tikki/__gp_config_app_image.auto.tfvars.json
{
  "main_container_image_digest": "sha256:2eb61545144b6c60eae0a7ae6d622cdd3bb205124f0054cbc3ad799516b67c1a",
  "main_container_image_tag": "sha-cbd6a43f973802a3dc60ed55ecf43f8a817bdd54"
}

Step 2: Create a new configuration file

In the repo-iac/.github/workflows/_config/dev/ folder, create a new configuration file for the receive-dispatch workflow:

repo-iac/.github/workflows/_config/dev/
ok pkg add receive-dispatch-event too-tikki_receive-dispatch-event

Step 3: Update the configuration file

Update the configuration file for the receive-dispatch-event workflow:

repo-iac/.github/workflows/_config/dev/too-tikki_receive-dispatch-event.yml
AppName: "too-tikki"
CreatePr: true
GpgSign: true
WorkingDirectory: "environments/dev/app-{{ .AppName }}"
ImageMetadataFile: "__gp_config_app_image.auto.tfvars.json"

Step 3: Install the receive-dispatch-event package

repo-iac/.github/workflows/_config/dev
ok pkg install ../..

Step 3: Verify

The IaC repository should now contain a new workflow file located at repo-iac/.github/workflows/_gp_too-tikki_pirates-dev_receive_dispatch_event.yml.

The outcome values from configure the workflow should now be able to be identified in the new workflow file.

Commit your files

At this stage it is a good idea to commit your files.

Step 3: Try to run the workflow

Try to run the chain of workflows by building a new image. The receiving workflow will try to commit the changes, but it will fail because you've not configured a PAT and GPG key yet. The next section covers how to do this.

Next step

Add PAT as a secret to the infrastructure repository.