fix app deployments #26
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD Main | |
on: | |
workflow_dispatch: | |
push: | |
# todo: change to main after testing | |
branches: [chore/restructure-bicep-and-actions] | |
paths-ignore: | |
- "tests/k6/**" | |
# todo: maybe split into two workflows, one for backend and one for azure | |
jobs: | |
check-for-changes: | |
name: Check for changes | |
uses: ./.github/workflows/action-check-for-changes.yml | |
build-and-test: | |
name: Build and test backend | |
uses: ./.github/workflows/action-build-and-test.yml | |
needs: [check-for-changes] | |
with: | |
skip: ${{ needs.check-for-changes.outputs.hasBackendChanges != 'true' }} | |
publish: | |
name: Build and publish docker images | |
uses: ./.github/workflows/action-publish.yml | |
needs: [check-for-changes, build-and-test] | |
secrets: | |
GCR_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
skip: ${{ needs.check-for-changes.outputs.hasBackendChanges != 'true' }} | |
dockerImageBaseName: ghcr.io/digdir/dialogporten- | |
deploy-infra-test: | |
name: Deploy infra to test | |
needs: [check-for-changes, publish] | |
# todo: test this out | |
# if: ${{ jobs.build-and-test.result == 'success' || jobs.blah.result == 'skipped' }} | |
uses: ./.github/workflows/action-deploy-infra.yml | |
secrets: | |
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
AZURE_SOURCE_KEY_VAULT_NAME: ${{ secrets.AZURE_SOURCE_KEY_VAULT_NAME }} | |
AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID: ${{ secrets.AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID }} | |
AZURE_SOURCE_KEY_VAULT_RESOURCE_GROUP: ${{ secrets.AZURE_SOURCE_KEY_VAULT_RESOURCE_GROUP }} | |
with: | |
skip: ${{ needs.check-for-changes.outputs.hasAzureChanges != 'true' }} | |
environment: test | |
region: norwayeast | |
dryRun: true | |
deploy-apps-test: | |
name: Deploy apps to test | |
needs: [check-for-changes, deploy-infra-test] | |
uses: ./.github/workflows/action-deploy-apps.yml | |
secrets: | |
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
# todo: consider resolving these in another way since they are created in the infra-step | |
AZURE_RESOURCE_GROUP_NAME: ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} | |
AZURE_ADO_CONNECTION_STRING_SECRET_URI: ${{ secrets.AZURE_ADO_CONNECTION_STRING_SECRET_URI }} | |
AZURE_ENVIRONMENT_KEY_VAULT_NAME: ${{ secrets.AZURE_ENVIRONMENT_KEY_VAULT_NAME }} | |
AZURE_CONTAINER_APP_ENVIRONMENT_ID: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_ID }} | |
AZURE_APP_INSIGHTS_CONNECTION_STRING: ${{ secrets.AZURE_APP_INSIGHTS_CONNECTION_STRING }} | |
AZURE_APP_CONFIGURATION_NAME: ${{ secrets.AZURE_APP_CONFIGURATION_NAME }} | |
with: | |
skip: ${{ needs.check-for-changes.outputs.hasAzureChanges != 'true' }} | |
environment: test | |
region: norwayeast | |
skipApproval: true | |
# todo: change to false after testing | |
dryRun: true | |
deploy-slack-notifier-test: | |
name: Deploy slack notifier (test) | |
needs: [check-for-changes, deploy-apps-test] | |
uses: ./.github/workflows/action-deploy-function.yml | |
secrets: | |
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
with: | |
skip: ${{ needs.check-for-changes.outputs.hasSlackNotifierChanges != 'true' }} | |
function-app-name: "dp-be-test-slacknotifier-fa" | |
function-project-path: "./src/Digdir.Tool.Dialogporten.SlackNotifier" | |
environment: test | |
dry-run-deploy-infra-staging: | |
name: Deploy infra to staging (dry run) | |
needs: [check-for-changes, deploy-infra-test] | |
uses: ./.github/workflows/action-deploy-infra.yml | |
secrets: | |
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
AZURE_SOURCE_KEY_VAULT_NAME: ${{ secrets.AZURE_SOURCE_KEY_VAULT_NAME }} | |
AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID: ${{ secrets.AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID }} | |
AZURE_SOURCE_KEY_VAULT_RESOURCE_GROUP: ${{ secrets.AZURE_SOURCE_KEY_VAULT_RESOURCE_GROUP }} | |
with: | |
skip: ${{ needs.check-for-changes.outputs.hasAzureChanges != 'true' }} | |
environment: staging | |
region: norwayeast | |
skipApproval: true | |
dryRun: true | |
deploy-infra-staging: | |
name: Deploy infra to staging | |
needs: [check-for-changes, dry-run-deploy-infra-staging] | |
uses: ./.github/workflows/action-deploy-infra.yml | |
secrets: | |
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
AZURE_SOURCE_KEY_VAULT_NAME: ${{ secrets.AZURE_SOURCE_KEY_VAULT_NAME }} | |
AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID: ${{ secrets.AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID }} | |
AZURE_SOURCE_KEY_VAULT_RESOURCE_GROUP: ${{ secrets.AZURE_SOURCE_KEY_VAULT_RESOURCE_GROUP }} | |
with: | |
skip: ${{ needs.check-for-changes.outputs.hasAzureChanges != 'true' }} | |
environment: staging | |
region: norwayeast | |
# todo: change to false after testing | |
dryRun: true | |
# todo: don't think we need to feature gate twice here.. | |
dry-run-deploy-apps-staging: | |
name: Deploy apps to staging (dryrun) | |
needs: [check-for-changes, deploy-infra-staging] | |
uses: ./.github/workflows/action-deploy-infra.yml | |
secrets: | |
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
AZURE_SOURCE_KEY_VAULT_NAME: ${{ secrets.AZURE_SOURCE_KEY_VAULT_NAME }} | |
AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID: ${{ secrets.AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID }} | |
AZURE_SOURCE_KEY_VAULT_RESOURCE_GROUP: ${{ secrets.AZURE_SOURCE_KEY_VAULT_RESOURCE_GROUP }} | |
with: | |
skip: ${{ needs.check-for-changes.outputs.hasAzureChanges != 'true' }} | |
environment: staging | |
region: norwayeast | |
dryRun: true | |
deploy-apps-staging: | |
name: Deploy apps to staging (dryrun) | |
needs: [check-for-changes, dry-run-deploy-apps-staging] | |
uses: ./.github/workflows/action-deploy-infra.yml | |
secrets: | |
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
AZURE_SOURCE_KEY_VAULT_NAME: ${{ secrets.AZURE_SOURCE_KEY_VAULT_NAME }} | |
AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID: ${{ secrets.AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID }} | |
AZURE_SOURCE_KEY_VAULT_RESOURCE_GROUP: ${{ secrets.AZURE_SOURCE_KEY_VAULT_RESOURCE_GROUP }} | |
with: | |
skip: ${{ needs.check-for-changes.outputs.hasAzureChanges != 'true' }} | |
environment: staging | |
region: norwayeast | |
# todo: change to false after testing | |
dryRun: true |