Skip to content

Dependency update #2459

Dependency update

Dependency update #2459

Workflow file for this run

name: Build
on:
repository_dispatch:
pull_request:
types: [assigned, opened, synchronize, reopened, ready_for_review]
push:
branches:
- master
jobs:
build:
name: Build and push to Github Container Registry
runs-on: ubuntu-latest
outputs:
image: ${{steps.docker_image.outputs.IMAGE}}
steps:
- name: Check out the repo
uses: actions/checkout@v3
- name: set-up-environment
uses: DFE-Digital/github-actions/set-up-environment@master
- uses: Azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- uses: DfE-Digital/keyvault-yaml-secret@v1
id: keyvault-yaml-secret
with:
keyvault: ${{ secrets.KEY_VAULT}}
secret: INFRA-KEYS
key: SLACK-WEBHOOK
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@master
with:
version: v0.9.1 # More recent buildx versions generate an OCI manifest which is incompatible with Cloud Foundry
- name: Get Short SHA
id: vars
run: |
echo "sha_short=$(echo $GITHUB_SHA | cut -c -7)" >> $GITHUB_OUTPUT
- name: Cache Docker layers
uses: actions/cache@v3
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Login to Github Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build
uses: docker/build-push-action@v5
with:
push: ${{ github.ref == 'refs/heads/master' }}
builder: ${{ steps.buildx.outputs.name }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
tags: |
${{env.DOCKER_REPOSITORY}}:sha-${{ steps.vars.outputs.sha_short }}
build-args: GIT_COMMIT_SHA=${{ steps.vars.outputs.sha_short }}
- name: Slack Notification
if: failure() && github.ref == 'refs/heads/master'
uses: rtCamp/action-slack-notify@master
env:
SLACK_COLOR: ${{env.SLACK_FAILURE}}
SLACK_MESSAGE: 'The pipeline has failed to build the API image'
SLACK_TITLE: 'Failure to Build API '
SLACK_WEBHOOK: ${{ steps.keyvault-yaml-secret.outputs.SLACK-WEBHOOK }}
development:
name: Development Deployment
needs: build
if: github.ref == 'refs/heads/master'
runs-on: ubuntu-latest
outputs:
release_tag: ${{steps.tag_version.outputs.pr_number}}
release_sha: ${{github.sha}}
steps:
- name: Check out the repo
uses: actions/checkout@v3
- name: set-up-environment
uses: DFE-Digital/github-actions/set-up-environment@master
- uses: Azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- uses: DfE-Digital/keyvault-yaml-secret@v1
id: keyvault-yaml-secret
with:
keyvault: ${{ secrets.KEY_VAULT}}
secret: INFRA-KEYS
key: SLACK-WEBHOOK
- name: Trigger Development Deployment
uses: ./.github/workflows/actions/deploy
id: deploy
with:
environment: Development
sha: ${{ github.sha }}
AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
KEY_VAULT: ${{ secrets.KEY_VAULT }}
ARM_ACCESS_KEY: ${{ secrets.ARM_ACCESS_KEY }}
- name: Generate Tag from PR Number
id: tag_version
uses: DFE-Digital/github-actions/GenerateReleaseFromSHA@master
with:
sha: ${{github.sha}}
- name: Create a GitHub Release
id: release
if: steps.tag_version.outputs.pr_found == 1
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ steps.tag_version.outputs.pr_number }}
release_name: Release ${{ steps.tag_version.outputs.pr_number }}
commitish: ${{github.sha}}
prerelease: false
draft: false
- name: Copy PR Info to Release
if: steps.release.outputs.id
uses: DFE-Digital/github-actions/CopyPRtoRelease@master
with:
PR_NUMBER: ${{ steps.tag_version.outputs.pr_number }}
RELEASE_ID: ${{ steps.release.outputs.id }}
TOKEN: ${{ secrets.GITHUB_TOKEN }}
qa:
name: Quality Assurance Deployment
needs: build
if: github.ref == 'refs/heads/master'
runs-on: ubuntu-latest
environment:
name: Test
steps:
- name: Check out the repo
uses: actions/checkout@v3
- name: set-up-environment
uses: DFE-Digital/github-actions/set-up-environment@master
- uses: Azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- uses: DfE-Digital/keyvault-yaml-secret@v1
id: keyvault-yaml-secret
with:
keyvault: ${{ secrets.KEY_VAULT}}
secret: INFRA-KEYS
key: SLACK-WEBHOOK
- name: Trigger Deployment to QA
uses: ./.github/workflows/actions/deploy
id: deploy
with:
environment: Test
sha: ${{ github.sha }}
AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
KEY_VAULT: ${{ secrets.KEY_VAULT }}
ARM_ACCESS_KEY: ${{ secrets.ARM_ACCESS_KEY }}
- name: Slack Notification
if: failure()
uses: rtCamp/action-slack-notify@master
env:
SLACK_COLOR: ${{env.SLACK_FAILURE}}
SLACK_TITLE: Failure in Post-Development Deploy
SLACK_MESSAGE: Failure with initialising QA deployment for ${{env.APPLICATION}}
SLACK_WEBHOOK: ${{ steps.keyvault-yaml-secret.outputs.SLACK-WEBHOOK }}