Integration with GitHub Actions in SourceCraft

SourceCraft CI/CD workflows support GitHub Actions.

GitHub Actions is GitHub's native CI/CD platform that enables you to create, set up, and run workflows to automate builds, testing, deployment, and other tasks within the software lifecycle as well as reuse these workflows across repositories.

You can integrate both custom and public GitHub Actions available in the GitHub Marketplace into your SourceCraft CI/CD workflows.

Note

To work with GitHub Actions in SourceCraft, you do not need to create a GitHub account or use the GitHub interface.

The example below shows a .sourcecraft/ci.yaml configuration file that describes the following steps:

Obtaining an IAM token for Yandex Cloud using a service connection.
Installing Docker Buildx in the worker environment using the Docker Setup Buildx GitHub Action.
Authenticating with Yandex Cloud Registry using the Docker Login GitHub Action and the Yandex Cloud IAM token.
Building a Docker image from the Dockerfile located at the repository root and pushing it to Cloud Registry using the Build and push Docker images GitHub Action.

tokens:
  # Token name (can be any).
  <token_name>:
    # Name of the service connection to Yandex Cloud
    service_connection: <service_connection_name>
    # Requested access scope:
    # org: All repositories
    # repo: Specific repository
    # ref: Branch or tag
    scope: repo

workflows:
  test-workflow:
    tasks:
      - name: test-gh-actions-task
        cubes:
          # The cube exchanges the SourceCraft token for the Yandex Cloud IAM token
          # and saves it to the `IAM_TOKEN` variable within the `outputs` section.
          - name: get-iam-token
            env:
              ID_TOKEN: ${{ tokens.<token_name>.id_token }}
              YC_SA_ID: ${{ tokens.<token_name>.service_account_id }}
            image: cr.yandex/sourcecraft/yc-iam:latest

          # The cube installs and configures the Docker Buildx utility.
          - name: setup-buildx
            action: docker/setup-buildx-action@v3.11.1

          # The cube authenticates with Yandex Cloud Registry 
          # using the IAM token.
          - name: login
            action: docker/login-action@v3.5.0
            with:
              registry: cr.yandex/<registry_ID>
              username: iam
              # Substitute to the `outputs` section the name of the IAM token cube,
              # e.g., `get-iam-token`.
              password: ${{ cubes.<IAM_token_cube_name>.outputs.IAM_TOKEN }}

          # The cube builds the Docker image from the Dockerfile and pushes it to the registry in
          # Cloud Registry.
          - name: build-and-push
            action: docker/build-push-action@v6.18.0
            with:
              context: .
              file: Dockerfile
              platforms: linux/amd64
              tags: |
                cr.yandex/<registry_ID>/image-name:latest
              push: true

on:
  push: test-workflow

Was the article helpful?

Service connections

Code Assistant

Integration with GitHub Actions in SourceCraft

See also

Was the article helpful?