Skip to content

fix app deployments #26

fix app deployments

fix app deployments #26

Workflow file for this run

name: CI/CD Main
on:
workflow_dispatch:
push:
# todo: change to main after testing
branches: [chore/restructure-bicep-and-actions]
paths-ignore:
- "tests/k6/**"
# todo: maybe split into two workflows, one for backend and one for azure
jobs:
check-for-changes:
name: Check for changes
uses: ./.github/workflows/action-check-for-changes.yml
build-and-test:
name: Build and test backend
uses: ./.github/workflows/action-build-and-test.yml
needs: [check-for-changes]
with:
skip: ${{ needs.check-for-changes.outputs.hasBackendChanges != 'true' }}
publish:
name: Build and publish docker images
uses: ./.github/workflows/action-publish.yml
needs: [check-for-changes, build-and-test]
secrets:
GCR_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
with:
skip: ${{ needs.check-for-changes.outputs.hasBackendChanges != 'true' }}
dockerImageBaseName: ghcr.io/digdir/dialogporten-
deploy-infra-test:
name: Deploy infra to test
needs: [check-for-changes, publish]
# todo: test this out
# if: ${{ jobs.build-and-test.result == 'success' || jobs.blah.result == 'skipped' }}
uses: ./.github/workflows/action-deploy-infra.yml
secrets:
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
AZURE_SOURCE_KEY_VAULT_NAME: ${{ secrets.AZURE_SOURCE_KEY_VAULT_NAME }}
AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID: ${{ secrets.AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID }}
AZURE_SOURCE_KEY_VAULT_RESOURCE_GROUP: ${{ secrets.AZURE_SOURCE_KEY_VAULT_RESOURCE_GROUP }}
with:
skip: ${{ needs.check-for-changes.outputs.hasAzureChanges != 'true' }}
environment: test
region: norwayeast
dryRun: true
deploy-apps-test:
name: Deploy apps to test
needs: [check-for-changes, deploy-infra-test]
uses: ./.github/workflows/action-deploy-apps.yml
secrets:
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# todo: consider resolving these in another way since they are created in the infra-step
AZURE_RESOURCE_GROUP_NAME: ${{ secrets.AZURE_RESOURCE_GROUP_NAME }}
AZURE_ADO_CONNECTION_STRING_SECRET_URI: ${{ secrets.AZURE_ADO_CONNECTION_STRING_SECRET_URI }}
AZURE_ENVIRONMENT_KEY_VAULT_NAME: ${{ secrets.AZURE_ENVIRONMENT_KEY_VAULT_NAME }}
AZURE_CONTAINER_APP_ENVIRONMENT_ID: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_ID }}
AZURE_APP_INSIGHTS_CONNECTION_STRING: ${{ secrets.AZURE_APP_INSIGHTS_CONNECTION_STRING }}
AZURE_APP_CONFIGURATION_NAME: ${{ secrets.AZURE_APP_CONFIGURATION_NAME }}
with:
skip: ${{ needs.check-for-changes.outputs.hasAzureChanges != 'true' }}
environment: test
region: norwayeast
skipApproval: true
# todo: change to false after testing
dryRun: true
deploy-slack-notifier-test:
name: Deploy slack notifier (test)
needs: [check-for-changes, deploy-apps-test]
uses: ./.github/workflows/action-deploy-function.yml
secrets:
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
with:
skip: ${{ needs.check-for-changes.outputs.hasSlackNotifierChanges != 'true' }}
function-app-name: "dp-be-test-slacknotifier-fa"
function-project-path: "./src/Digdir.Tool.Dialogporten.SlackNotifier"
environment: test
dry-run-deploy-infra-staging:
name: Deploy infra to staging (dry run)
needs: [check-for-changes, deploy-infra-test]
uses: ./.github/workflows/action-deploy-infra.yml
secrets:
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
AZURE_SOURCE_KEY_VAULT_NAME: ${{ secrets.AZURE_SOURCE_KEY_VAULT_NAME }}
AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID: ${{ secrets.AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID }}
AZURE_SOURCE_KEY_VAULT_RESOURCE_GROUP: ${{ secrets.AZURE_SOURCE_KEY_VAULT_RESOURCE_GROUP }}
with:
skip: ${{ needs.check-for-changes.outputs.hasAzureChanges != 'true' }}
environment: staging
region: norwayeast
skipApproval: true
dryRun: true
deploy-infra-staging:
name: Deploy infra to staging
needs: [check-for-changes, dry-run-deploy-infra-staging]
uses: ./.github/workflows/action-deploy-infra.yml
secrets:
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
AZURE_SOURCE_KEY_VAULT_NAME: ${{ secrets.AZURE_SOURCE_KEY_VAULT_NAME }}
AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID: ${{ secrets.AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID }}
AZURE_SOURCE_KEY_VAULT_RESOURCE_GROUP: ${{ secrets.AZURE_SOURCE_KEY_VAULT_RESOURCE_GROUP }}
with:
skip: ${{ needs.check-for-changes.outputs.hasAzureChanges != 'true' }}
environment: staging
region: norwayeast
# todo: change to false after testing
dryRun: true
# todo: don't think we need to feature gate twice here..
dry-run-deploy-apps-staging:
name: Deploy apps to staging (dryrun)
needs: [check-for-changes, deploy-infra-staging]
uses: ./.github/workflows/action-deploy-infra.yml
secrets:
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
AZURE_SOURCE_KEY_VAULT_NAME: ${{ secrets.AZURE_SOURCE_KEY_VAULT_NAME }}
AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID: ${{ secrets.AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID }}
AZURE_SOURCE_KEY_VAULT_RESOURCE_GROUP: ${{ secrets.AZURE_SOURCE_KEY_VAULT_RESOURCE_GROUP }}
with:
skip: ${{ needs.check-for-changes.outputs.hasAzureChanges != 'true' }}
environment: staging
region: norwayeast
dryRun: true
deploy-apps-staging:
name: Deploy apps to staging (dryrun)
needs: [check-for-changes, dry-run-deploy-apps-staging]
uses: ./.github/workflows/action-deploy-infra.yml
secrets:
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
AZURE_SOURCE_KEY_VAULT_NAME: ${{ secrets.AZURE_SOURCE_KEY_VAULT_NAME }}
AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID: ${{ secrets.AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID }}
AZURE_SOURCE_KEY_VAULT_RESOURCE_GROUP: ${{ secrets.AZURE_SOURCE_KEY_VAULT_RESOURCE_GROUP }}
with:
skip: ${{ needs.check-for-changes.outputs.hasAzureChanges != 'true' }}
environment: staging
region: norwayeast
# todo: change to false after testing
dryRun: true