-
Notifications
You must be signed in to change notification settings - Fork 1
131 lines (122 loc) · 3.68 KB
/
merge.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
name: Merge to Main
env:
deployment_name: pay-transparency
on:
push:
branches: [main]
paths-ignore:
- "*.md"
- "docker-compose.yml"
- "renovate.json"
- "COMPLIANCE.yaml"
- ".gitignore"
- ".vscode/**"
- ".diagrams/**"
- ".graphics/**"
- "sysdig/**"
- ".github/workflows/sysdig.yml"
- "clamav-service/**"
workflow_dispatch:
inputs:
pr_no:
description: "PR-numbered container set to deploy"
type: number
required: true
concurrency:
group: merge-to-main
cancel-in-progress: false # queue the workflows , if multiples are triggered.
jobs:
vars:
name: Set Variables
outputs:
pr: ${{ steps.pr.outputs.pr }}
runs-on: ubuntu-22.04
timeout-minutes: 1
steps: # Get PR number for squash merges to main
- name: PR Number
id: pr
uses: bcgov-nr/[email protected]
codeql:
name: Semantic Code Analysis
runs-on: ubuntu-22.04
permissions:
actions: read
contents: read
security-events: write
steps:
- uses: actions/checkout@v4
- name: Initialize
uses: github/codeql-action/init@v3
with:
languages: javascript
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v3
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
semantic-version: # Create a semantic version based on the commit messages and tag the commit.
outputs:
semanticVersion: ${{ steps.changelog.outputs.version }}
tag: ${{ steps.changelog.outputs.tag }}
clean_changelog: ${{ steps.changelog.outputs.clean_changelog }}
runs-on: ubuntu-22.04
timeout-minutes: 1
steps:
- uses: actions/checkout@v4
- name: Conventional Changelog Update
uses: TriPSs/conventional-changelog-action@v5
id: changelog
continue-on-error: true
with:
preset: "conventionalcommits"
github-token: ${{ github.token }}
output-file: "CHANGELOG.md"
skip-version-file: "true"
skip-commit: "true"
skip-on-empty: "false"
git-push: "true"
retag-images:
needs: [vars, semantic-version]
runs-on: ubuntu-22.04
strategy:
matrix:
package:
[
backend,
database-migrations,
admin-frontend,
frontend,
doc-gen-service,
backend-external,
maintenance,
]
steps:
- name: Tag Docker Images
uses: shrink/actions-docker-registry-tag@v4
with:
registry: ghcr.io
repository: ${{ github.repository }}/${{ matrix.package }}
target: ${{ needs.vars.outputs.pr }}
tags: |
${{ needs.semantic-version.outputs.semanticVersion }}
dev
deploys:
name: Deploys (dev)
needs: [retag-images, semantic-version]
uses: ./.github/workflows/.deploy.yml
secrets: inherit
with:
target: dev
tag: ${{ needs.semantic-version.outputs.semanticVersion }}
frontend-url: https://dev.paytransparency.fin.gov.bc.ca
admin-frontend-url: https://dev.ptrtadmin.fin.gov.bc.ca
semver: ${{ needs.semantic-version.outputs.semanticVersion }}
values: "values-dev.yaml"
test-integration:
name: Integration
needs: [deploys]
uses: ./.github/workflows/.integration.yml
secrets: inherit
with:
backend-external-url: https://pay-transparency-dev-backend-external.apps.silver.devops.gov.bc.ca/api