-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix(workflow): upgraded workflows to push to radix
- Loading branch information
Showing
9 changed files
with
310 additions
and
39 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,68 @@ | ||
name: Build and publish component | ||
|
||
on: | ||
workflow_call: | ||
inputs: | ||
Registry: | ||
required: true | ||
type: string | ||
Tag: | ||
required: true | ||
type: string | ||
ImageName: | ||
required: true | ||
type: string | ||
Environment: | ||
required: true | ||
type: string | ||
GitRef: | ||
required: false | ||
type: string | ||
|
||
jobs: | ||
build-and-push-container: | ||
runs-on: ubuntu-latest | ||
environment: ${{ inputs.Environment }} | ||
permissions: | ||
contents: read | ||
packages: write | ||
|
||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v4 | ||
with: | ||
ref: ${{ inputs.GitRef }} | ||
|
||
- name: Log in to the Github Container registry | ||
uses: docker/login-action@v3 | ||
with: | ||
registry: ${{ inputs.Registry }} | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Extract metadata (tags, labels) for Docker | ||
id: meta | ||
uses: docker/metadata-action@v5 | ||
with: | ||
images: ${{ inputs.Registry }}/${{ inputs.ImageName }} | ||
|
||
- name: 'Create env file' | ||
run: | | ||
touch .env | ||
echo REACT_APP_AAD_CLIENT_ID=${{ secrets.CLIENT_ID }} >> .env | ||
echo REACT_APP_AAD_TENANT_ID=${{ secrets.TENANT_ID }} >> .env | ||
echo REACT_APP_AAD_REDIRECT_URI=/ >> .env | ||
echo REACT_APP_BACKEND_URL=${{ vars.BACKEND_URL }} >> .env | ||
echo REACT_APP_BACKEND_API_SCOPE=${{ vars.BACKEND_API_SCOPE }} >> .env | ||
cat .env | ||
- name: Build and push Docker image | ||
uses: docker/build-push-action@v5 | ||
with: | ||
context: ./src | ||
file: ./Dockerfile | ||
target: release | ||
push: true | ||
tags: | | ||
${{ inputs.Registry }}/${{ inputs.ImageName }}:${{ inputs.Tag }} | ||
labels: ${{ steps.meta.outputs.labels }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,71 @@ | ||
name: Deploy to Development | ||
|
||
# Only one workflow in a concurrency group may run at a time | ||
concurrency: | ||
group: development-concurrency | ||
cancel-in-progress: true | ||
|
||
on: | ||
release: | ||
types: [created] | ||
push: | ||
branches: | ||
- "main" | ||
paths: | ||
- "src/**" | ||
- "package.json" | ||
- "package-lock.json" | ||
- "yarn.lock" | ||
|
||
jobs: | ||
trigger-github-deployment: | ||
name: Trigger Github Deployment | ||
runs-on: ubuntu-latest | ||
environment: dev | ||
steps: | ||
- name: Notify | ||
run: echo "Deployment started" | ||
|
||
get-or-create-tag: | ||
needs: trigger-github-deployment | ||
name: Get or create tag | ||
outputs: | ||
tag: ${{ steps.get-tag.outputs.tag }} | ||
runs-on: ubuntu-latest | ||
steps: | ||
- id: get-tag | ||
run: | | ||
if echo ${{ github.event_name }} | grep "release" | ||
then | ||
RELEASE_TAG=$(echo ${{ github.event.release.tag_name }}) | ||
echo "tag=$RELEASE_TAG" >> "$GITHUB_OUTPUT" | ||
else | ||
SHA_SHORT=$(echo ${{ github.sha }} | cut -c1-8) | ||
echo "tag=$SHA_SHORT" >> "$GITHUB_OUTPUT" | ||
fi | ||
shell: bash | ||
|
||
build-and-publish-component: | ||
name: "Build and publish component" | ||
needs: [get-or-create-tag, trigger-github-deployment] | ||
uses: ./.github/workflows/build-and-publish.yml | ||
with: | ||
Registry: ghcr.io | ||
ImageName: ${{ github.repository }} | ||
Environment: dev | ||
# Add dev. prefix for the tags used in dev environment, | ||
# due to the commit hash can be interpreted as an integer if only numbers | ||
# PS: Needs to match deploy.with.Tag | ||
Tag: dev.${{ needs.get-or-create-tag.outputs.tag }} | ||
secrets: inherit | ||
|
||
deploy: | ||
name: Update deployment in Develompent | ||
needs: [build-and-publish-component, trigger-github-deployment, get-or-create-tag] | ||
uses: ./.github/workflows/deploy-to-radix.yml | ||
with: | ||
Environment: dev | ||
VersionTag: "dev.${{ needs.get-or-create-tag.outputs.tag }}" | ||
secrets: | ||
ClientId: ${{ secrets.CLIENT_ID }} | ||
TenantId: ${{ secrets.TENANT_ID }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,71 @@ | ||
name: Promote to Production | ||
|
||
# Only one workflow in a concurrency group may run at a time | ||
concurrency: | ||
group: production-concurrency | ||
cancel-in-progress: true | ||
|
||
on: | ||
workflow_dispatch: | ||
|
||
env: | ||
REGISTRY: ghcr.io | ||
|
||
jobs: | ||
trigger-github-deployment: | ||
name: Trigger GitHub Deployment | ||
environment: prod | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Deploy production | ||
run: echo "Deplying to production" | ||
|
||
get-test-version: | ||
name: Get version from test | ||
needs: trigger-github-deployment | ||
outputs: | ||
versionTag: ${{ steps.get_version_tag.outputs.tags }} | ||
runs-on: ubuntu-latest | ||
environment: prod | ||
steps: | ||
|
||
- name: Checkout repository | ||
uses: actions/checkout@v4 | ||
|
||
- name: Log in to the Github Container registry | ||
uses: docker/login-action@v3 | ||
with: | ||
registry: ${{ env.REGISTRY }} | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Extract metadata (tags, labels) for Docker | ||
id: get_version_tag | ||
uses: docker/metadata-action@v5 | ||
with: | ||
images: ${{ env.REGISTRY }}/${{ github.repository }}/test:latest | ||
tags: | | ||
type=semver,pattern=v{{version}} | ||
build-and-publish-prod: | ||
name: Build and publish Production | ||
needs: get-test-version | ||
uses: ./.github/workflows/build-and-publish.yml | ||
with: | ||
Registry: ghcr.io | ||
ImageName: ${{ github.repository }} | ||
Tag: prod.${{ needs.get-test-version.outputs.versionTag }} | ||
Environment: prod | ||
GitRef: ${{ needs.get-test-version.outputs.versionTag }} | ||
secrets: inherit | ||
|
||
deploy: | ||
name: Update deployment in Production | ||
needs: [get-test-version, trigger-github-deployment] | ||
uses: ./.github/workflows/deploy-to-radix.yml | ||
with: | ||
Environment: prod | ||
VersionTag: prod.${{ needs.get-test-version.outputs.versionTag }} | ||
secrets: | ||
ClientId: ${{ secrets.CLIENT_ID }} | ||
TenantId: ${{ secrets.TENANT_ID }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
name: Deploy to Radix | ||
|
||
on: | ||
workflow_call: | ||
inputs: | ||
Environment: | ||
required: true | ||
type: string | ||
VersionTag: | ||
required: true | ||
type: string | ||
secrets: | ||
ClientId: | ||
required: true | ||
TenantId: | ||
required: true | ||
|
||
|
||
permissions: | ||
id-token: write | ||
contents: read | ||
|
||
jobs: | ||
deploy: | ||
runs-on: ubuntu-latest | ||
environment: ${{inputs.Environment}} | ||
steps: | ||
- uses: actions/checkout@v4 | ||
|
||
- name: 'Az CLI login' | ||
uses: azure/login@v2 | ||
with: | ||
client-id: ${{ secrets.ClientId}} | ||
tenant-id: ${{ secrets.TenantId}} | ||
allow-no-subscriptions: true | ||
|
||
- name: RADIX Login | ||
run: | | ||
token=$(az account get-access-token --resource 6dae42f8-4368-4678-94ff-3960e28e3630 --query=accessToken -otsv | tr -d '[:space:]') | ||
echo "::add-mask::$token" | ||
echo "APP_SERVICE_ACCOUNT_TOKEN=$token" >> $GITHUB_ENV | ||
- name: 'Deploy API on Radix' | ||
uses: equinor/radix-github-actions@v1 | ||
with: | ||
github-token: ${{ secrets.GITHUB_TOKEN }} | ||
args: > | ||
create pipeline-job | ||
deploy | ||
--application pepm | ||
--component web | ||
--environment ${{ inputs.Environment }} | ||
--image-tag-name web=${{ inputs.VersionTag }} | ||
--follow |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
name: Deploy to Test | ||
|
||
# Only one workflow in a concurrency group may run at a time | ||
concurrency: | ||
group: test-concurrency | ||
cancel-in-progress: true | ||
|
||
on: | ||
release: | ||
types: [created] | ||
|
||
jobs: | ||
trigger-github-deployment: | ||
name: Trigger GitHub Deployment | ||
environment: test | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Start deployment to test | ||
run: echo "Deployment to test started" | ||
|
||
build-and-publish-release-to-test: | ||
name: Build and publish containers for test | ||
uses: ./.github/workflows/build-and-publish.yml | ||
needs: trigger-github-deployment | ||
with: | ||
Registry: ghcr.io | ||
ImageName: ${{ github.repository }} | ||
Tag: test.${{ github.event.release.tag_name }} | ||
Environment: test | ||
secrets: inherit | ||
|
||
deploy: | ||
name: Update deployment in Test | ||
needs: [trigger-github-deployment, build-and-publish-release-to-test] | ||
uses: ./.github/workflows/deploy-to-radix.yml | ||
with: | ||
Environment: test | ||
VersionTag: ${{ github.event.release.tag_name }} | ||
secrets: | ||
ClientId: ${{ secrets.CLIENT_ID }} | ||
TenantId: ${{ secrets.TENANT_ID }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters