Skip to content

chore(deps): update zaproxy/action-full-scan action to v0.12.0 (#244) #192

chore(deps): update zaproxy/action-full-scan action to v0.12.0 (#244)

chore(deps): update zaproxy/action-full-scan action to v0.12.0 (#244) #192

Workflow file for this run

name: Merge
on:
push:
branches: [main]
paths-ignore:
- '*.md'
- '.github/**'
- '.github/graphics/**'
- '!.github/workflows/**'
concurrency:
# Do not interrupt previous workflows
group: ${{ github.workflow }}
cancel-in-progress: false
jobs:
vars:
name: Variables
outputs:
pr: ${{ steps.pr.outputs.pr }}
runs-on: ubuntu-latest
timeout-minutes: 1
steps:
# Get PR number for squash merges to main
- name: PR Number
id: pr
uses: bcgov-nr/[email protected]
deploys-test:
name: TEST Deploys
needs: [vars]
environment: test
runs-on: ubuntu-24.04
permissions:
issues: write
strategy:
matrix:
name: [backend, frontend]
include:
- name: backend
file: backend/openshift.deploy.yml
overwrite: true
verification_path: /health
- name: frontend
file: frontend/openshift.deploy.yml
overwrite: true
parameters:
-p VITE_USER_POOLS_WEB_CLIENT_ID=${{ vars.VITE_USER_POOLS_WEB_CLIENT_ID }}
steps:
- uses: bcgov-nr/[email protected]
with:
file: ${{ matrix.file }}
oc_namespace: ${{ vars.OC_NAMESPACE }}
oc_server: ${{ vars.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
overwrite: ${{ matrix.overwrite }}
parameters:
-p ZONE=test -p TAG=${{ needs.vars.outputs.pr }}
-p S3_SECRETKEY=${{ secrets.S3_SECRETKEY }}
${{ matrix.parameters }}
verification_path: ${{ matrix.verification_path }}
deploys-prod:
name: PROD Deploys
needs: [vars, deploys-test]
environment: prod
runs-on: ubuntu-24.04
strategy:
matrix:
name: [backend, frontend]
include:
- name: backend
file: backend/openshift.deploy.yml
overwrite: true
verification_path: /health
- name: frontend
file: frontend/openshift.deploy.yml
overwrite: true
steps:
- uses: bcgov-nr/[email protected]
with:
file: ${{ matrix.file }}
oc_namespace: ${{ vars.OC_NAMESPACE }}
oc_server: ${{ vars.OC_SERVER }}
oc_token: ${{ secrets.OC_TOKEN }}
overwrite: ${{ matrix.overwrite }}
parameters:
-p ZONE=prod -p TAG=${{ needs.vars.outputs.pr }}
-p S3_SECRETKEY=${{ secrets.S3_SECRETKEY }}
${{ matrix.parameters }}
verification_path: ${{ matrix.verification_path }}
image-promotions:
name: Promote images
needs: [vars, deploys-prod]
runs-on: ubuntu-24.04
permissions:
packages: write
strategy:
matrix:
component: [backend, frontend]
steps:
- uses: shrink/actions-docker-registry-tag@v4
with:
registry: ghcr.io
repository: ${{ github.repository }}/${{ matrix.component }}
target: ${{ needs.vars.outputs.pr }}
tags: prod