feat: add service pipeline #82

Merged: swibrow merged 3 commits into main from service-pipeline on Feb 16, 2026

swibrow commented Jan 30, 2026

Description

Adds a new reusable service-pipeline.yaml workflow — an end-to-end build and release pipeline for containerized services. It builds a Docker image, pushes to ECR across multiple AWS environments (via matrix config), creates a GitHub release using semantic-release, and optionally sends a Slack notification.

Features

  • Language agnostic — works with any language via Dockerfile
  • Docker build secrets (docker_secrets) — mount secrets during build for private registry access (npm tokens, pip credentials, etc.)
  • Custom build arguments (docker_build_args) — pass additional build args beyond the built-in VERSION, BUILD_DATE, VCS_REF
  • Multi-environment push — builds once, pushes to multiple AWS accounts/regions via a YAML matrix config
  • Semantic release integration — dry-run detection before push, automatic version tagging
  • PR tagging — automatic pr-<number> image tags on pull requests
  • Slack notifications — optional release notifications with service/version details
  • Docker layer caching — via GitHub Actions cache
  • Concurrency control — per service and branch

New inputs

| Input | Description |
|---|---|
| service_name | Name of the service / ECR repository |
| service_path | Path to service directory containing the Dockerfile |
| dockerfile_path | Path to the Dockerfile relative to service_path |
| config_path | Path to the matrix config file with AWS environments |
| docker_build_args | Additional Docker build arguments (newline-separated KEY=VALUE) |
| slack_channel | Slack channel ID for release notifications |
| app_id | GitHub App ID for semantic-release authentication |

New secrets

| Secret | Description |
|---|---|
| docker_secrets | Docker build secrets for --mount=type=secret usage |
| slack_bot_token | Slack bot token for notifications |
| app_private_key | GitHub App private key for semantic-release |

Motivation and Context

Provides a standardised, opinionated pipeline for containerized services so teams don't have to compose docker-build + docker-push-ecr + gh-release + Slack notification workflows manually.

Breaking Changes

None — this is a new workflow.

How Has This Been Tested?

  • I have updated at least one of the .github/workflows/_test-*.yaml to demonstrate and validate my change(s)
    • _test-service-pipeline.yaml includes: build stage test, setup/config test, and a build-with-secrets test (verifies secret mounting and custom build args)
    • tests/service-pipeline/secrets.Dockerfile exercises --mount=type=secret and ARG usage
  • I have executed pre-commit run -a on my pull request
  • I have executed make gen_docs_run on my pull request

Github Conventional Commit Release

https://dnd-it.github.io/github-workflows/workflows/gh-release/
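
The description above separates docker_secrets from docker_build_args. As an added example (not part of this PR or the workflow's own code), here is a pre-build check in POSIX sh that lints a newline-separated KEY=VALUE value and flags secret-looking keys, because build args are recorded in image metadata and can be read back with `docker history`. The function name lint_build_args and the list of secret-like name fragments are assumptions.

```shell
#!/bin/sh
# Added example (not the workflow's own code): lint a docker_build_args value.
# Build args end up in image metadata (readable with `docker history`), so
# secret-looking keys should be moved to docker_secrets instead.

# lint_build_args: reads newline-separated KEY=VALUE lines on stdin.
# Prints one finding per offending line (never the value) and returns
# 0 when the input is clean, 1 when there is at least one finding.
# The body runs in a subshell so its variables do not leak to the caller.
lint_build_args() (
  n=0
  rc=0
  while IFS= read -r line || [ -n "$line" ]; do
    n=$((n + 1))
    # Ignore blank or whitespace-only lines.
    [ -z "$(printf '%s' "$line" | tr -d '[:space:]')" ] && continue
    key=${line%%=*}
    case "$line" in
      *=*) ;;
      *) key='' ;;   # no '=' at all
    esac
    case "$key" in
      ''|[!A-Za-z_]*|*[!A-Za-z0-9_]*)
        echo "line $n: malformed, expected KEY=VALUE"
        rc=1
        continue ;;
    esac
    # Key-name fragments treated as secret-like are an assumption; tune per team.
    upper=$(printf '%s' "$key" | tr '[:lower:]' '[:upper:]')
    case "$upper" in
      *TOKEN*|*SECRET*|*PASSWORD*|*PASSWD*|*CREDENTIAL*|*PRIVATE_KEY*|*API_KEY*)
        echo "line $n: $key looks like a secret, pass it via docker_secrets"
        rc=1 ;;
    esac
  done
  [ "$rc" -eq 0 ]
)

# Constructed sample input, for illustration only.
printf 'NODE_ENV=production\nNPM_TOKEN=dummy-value\nnot a pair\n' | lint_build_args ||
  echo "findings above: fix docker_build_args before building"
```

Run as a step ahead of the build, a non-zero status from lint_build_args can fail the job before any image layer is produced.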

github-actions bot added the documentation label (Improvements or additions to documentation) Jan 30, 2026
swibrow force-pushed the service-pipeline branch 5 times, most recently from 4bc9e08 to f353490, January 30, 2026 14:36
@swibrow swibrow merged commit 2a86b14 into main Feb 16, 2026
9 checks passed
@swibrow swibrow deleted the service-pipeline branch February 16, 2026 15:11
tamedia-fission Bot pushed a commit that referenced this pull request Feb 16, 2026
## [3.19.0](v3.18.0...v3.19.0) (2026-02-16)

### ✨ Features

* add service pipeline ([#82](#82)) ([2a86b14](2a86b14))
@tamedia-fission

🎉 This PR is included in version 3.19.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Labels: documentation (Improvements or additions to documentation), gitops, released