-
Notifications
You must be signed in to change notification settings - Fork 1
139 lines (127 loc) · 4.69 KB
/
deploy_nais.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
name: NAIS Deploy
on:
pull_request:
types: [labeled]
# types: [opened]
# paths:
# - 'src/**'
# - 'build.gradle'
# - 'package.json'
env:
REGISTRY: europe-north1-docker.pkg.dev/nais-management-b3a7/ssbno/ssbno-mimir
IMAGE: mimir
TAG: ${{ github.head_ref }}-${{ github.sha }}
jobs:
build_xp:
name: 'Build XP jar'
runs-on: 'ubuntu-latest'
if: (startsWith(github.head_ref, 'MIM-') || startsWith(github.head_ref, 'mim-') && github.event.label.name == 'nais' && contains(fromJSON('["omsaggau", "annesiri", "ssb-cgn", "Glenruben", "johnnadeluy", "Carl-OW", "michaelpande"]'), github.actor))
steps:
- id: build_app
uses: enonic/release-tools/build-and-publish@master
with:
skipPublishing: true
- name: Upload artifacts
id: upload_artifacts
if: success()
uses: actions/upload-artifact@v4
with:
name: mimir-nais-${{ github.run_number }}
path: "./build/libs/*.jar"
build_image_and_push:
needs: build_xp
permissions:
contents: "read"
id-token: "write"
runs-on: ubuntu-latest
steps:
- name: Calculate sha
id: calculate_sha
run: echo ${{ env.REGISTRY }} && echo ${{ env.IMAGE }} && echo ${{ env.TAG }}
- name: Checkout mimir
uses: actions/checkout@v4
- name: Give GitHub Actions acces to docker repo
uses: webfactory/[email protected]
with:
ssh-private-key: ${{ secrets.DOCKER_REPO_READ_KEY }}
- name: Checkout docker
uses: actions/checkout@v4
with:
ref: "master"
path: "ssbno-xp-docker"
repository: "statisticsnorway/ssbno-xp-docker"
- name: Download artifacts
uses: actions/download-artifact@v4
with:
name: mimir-nais-${{ github.run_number }}
path: "./ssbno-xp-docker"
# turn 'MIM-9876_new_feature' into 'mim-9876' so it can be used in URL, it can be found in env.ISSUE_NUMBER
- name: "Get JIRA issue number"
id: jira_issue_number
run: |
BRANCH="${{ github.head_ref }}"
ISSUE_NUMBER=${BRANCH:0:8}
ISSUE_NUMBER=$(echo $ISSUE_NUMBER | tr '[:upper:]' '[:lower:]')
echo "ISSUE_NUMBER=${ISSUE_NUMBER}" >> $GITHUB_ENV;
echo "Issue number: $ISSUE_NUMBER";
- id: "auth"
name: "Authenticate to Google Cloud"
uses: "google-github-actions/[email protected]"
with:
workload_identity_provider: "projects/906675412832/locations/global/workloadIdentityPools/ssb-identity-pool/providers/github-oidc-provider"
service_account: "[email protected]"
token_format: "access_token"
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Login to registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: "oauth2accesstoken"
password: "${{ steps.auth.outputs.access_token }}"
- name: Docker meta
id: metadata
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE }}
# Docker tags based on the following events/attributes
tags: |
type=schedule
type=ref,event=branch
type=ref,event=pr
type=semver,pattern=v{{version}}
type=semver,pattern=v{{major}}.{{minor}}
type=semver,pattern=v{{major}}
type=sha
type=raw,value=${{ env.TAG }}, enable=true
- name: Build and push
uses: docker/build-push-action@v5
with:
context: ./ssbno-xp-docker
file: "./ssbno-xp-docker/Dockerfile"
push: true
tags: ${{ steps.metadata.outputs.tags }}
# tags: ${{ github.ref_name }}-${{ github.sha }}
labels: ${{ steps.metadata.outputs.labels }}
deploy:
name: Deploy to NAIS
needs: build_image_and_push
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: "Get JIRA issue number"
id: jira_issue_number
run: |
BRANCH="${{ github.head_ref }}"
ISSUE_NUMBER=${BRANCH:0:8}
ISSUE_NUMBER=$(echo $ISSUE_NUMBER | tr '[:upper:]' '[:lower:]')
echo "ISSUE_NUMBER=${ISSUE_NUMBER}" >> $GITHUB_ENV;
echo "Issue number: $ISSUE_NUMBER";
- uses: nais/deploy/actions/deploy@v2
env:
APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }}
CLUSTER: staging
RESOURCE: nais.yaml
VAR: image=${{ env.REGISTRY }}/${{env.IMAGE}}:${{ env.TAG }},branch=${{ env.ISSUE_NUMBER }}
DEPLOY_SERVER: deploy.ssb.cloud.nais.io:443