ai-workspace-services/accounts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enforce release traceability in deploy workflow

Browse Source
This commit is contained in:
Haitao Pan 2026-04-12 14:52:34 +08:00
parent 39ac3a1bde
commit 35316454b6
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
.github/workflows/pipeline.yml vendored
View File

@ -195,6 +195,15 @@ jobs:
exit 1 exit 1
fi fi
- name: Guard Release Traceability Contract
working-directory: ${{ github.workspace }}/playbooks
run: |
set -euo pipefail
rg -n 'ACCOUNTS_IMAGE_REF' deploy_accounts_svc_plus.yml roles/vhosts/accounts_service >/dev/null
rg -n 'IMAGE=\{\{ accounts_service_image_ref \}\}|IMAGE: "\{\{ accounts_service_image_ref \}\}"' \
roles/vhosts/accounts_service >/dev/null
- name: Set Up Python - name: Set Up Python
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.0.0 uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.0.0
with: with:
@ -218,8 +227,6 @@ jobs:
working-directory: ${{ github.workspace }}/playbooks working-directory: ${{ github.workspace }}/playbooks
env: env:
ACCOUNTS_IMAGE_REF: ${{ steps.deploy_image.outputs.image_ref }} ACCOUNTS_IMAGE_REF: ${{ steps.deploy_image.outputs.image_ref }}
ACCOUNTS_IMAGE_REPO: ${{ steps.deploy_image.outputs.image_repo }}
ACCOUNTS_IMAGE_TAG: ${{ steps.deploy_image.outputs.image_tag }}
ACCOUNTS_PULL_IMAGE: "true" ACCOUNTS_PULL_IMAGE: "true"
run: | run: |
set -euo pipefail set -euo pipefail