feat: Adopt Identity Platform #695
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Commit | |
on: | |
pull_request: | |
push: | |
branches: | |
- master | |
repository_dispatch: | |
types: | |
- radar-release | |
jobs: | |
yamllint: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: '3.9' | |
- name: Install dependencies | |
run: pip install -r ./.scripts/python_requirements.txt | |
- name: Yaml lint | |
run: python .scripts/yaml_lint.py | |
- name: Verify schema | |
run: python .scripts/yaml_validate.py | |
test: | |
runs-on: ubuntu-latest | |
needs: | |
- yamllint | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version-file: .nvmrc | |
cache: npm | |
- name: NPM install | |
run: npm ci | |
- name: Lint javascript | |
run: | | |
for module in app backend builder; do | |
npm run lint:js -w "@tech-radar/$module" -- \ | |
--format junit \ | |
--output-file test-results/eslint/TEST-eslint.xml | |
done | |
- name: Unit tests | |
run: | | |
for module in app backend builder; do | |
npm test -w "@tech-radar/$module" -- --ci --runInBand | |
done | |
- name: Build radar | |
run: npm run build | |
- name: SonarCloud Scan | |
uses: extenda/actions/sonar-scanner@v0 | |
with: | |
sonar-host: https://sonarcloud.io | |
service-account-key: ${{ secrets.SECRET_AUTH }} | |
release: | |
if: github.ref == 'refs/heads/master' | |
runs-on: ubuntu-latest | |
needs: | |
- yamllint | |
- test | |
outputs: | |
docker-image-name: ${{ steps.docker-publish.outputs.docker-image-name }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version-file: .nvmrc | |
cache: npm | |
- uses: extenda/actions/gcp-secret-manager@v0 | |
with: | |
service-account-key: ${{ secrets.SECRET_AUTH }} | |
secrets: | | |
ORG_TOKEN: github-token | |
- uses: extenda/actions/gcp-secret-manager@v0 | |
with: | |
service-account-key: ${{ secrets.GCLOUD_AUTH }} | |
secrets: | | |
LD_CLIENT_ID: launchdarkly-client-id | |
- name: Checkout IT & BIS radar repository | |
uses: actions/checkout@v4 | |
with: | |
token: ${{ env.ORG_TOKEN }} | |
repository: extenda/it-bis-radar | |
path: .it-bis_radar | |
- name: Copy IT & BIS radar | |
run: mv .it-bis_radar/radar radar_it | |
- name: Create release | |
uses: extenda/actions/conventional-release@v0 | |
id: release | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: NPM install | |
run: npm ci | |
- name: Build radar | |
run: | | |
npm version ${{ steps.release.outputs.version }} --no-git-tag-version | |
npm run build | |
- uses: extenda/actions/setup-gcloud@v0 | |
id: gcloud | |
with: | |
service-account-key: ${{ secrets.GCLOUD_AUTH }} | |
- name: Publish Docker image | |
id: docker-publish | |
run: | | |
gcloud auth configure-docker --quiet | |
IMAGE=gcr.io/${{ steps.gcloud.outputs.project-id }}/tech-radar:${{ steps.release.outputs.release-tag }} | |
echo "::set-output name=docker-image-name::$IMAGE" | |
docker build -t $IMAGE . | |
docker push $IMAGE | |
deploy: | |
if: github.ref == 'refs/heads/master' | |
runs-on: ubuntu-latest | |
needs: | |
- release | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: extenda/actions/setup-gcloud@v0 | |
id: gcloud | |
with: | |
service-account-key: ${{ secrets.GCLOUD_AUTH }} | |
- name: Deploy to Cloud Run | |
run: | | |
gcloud run deploy tech-radar \ | |
--image=${{ needs.release.outputs.docker-image-name }} \ | |
--service-account=cloudrun-runtime@${{ steps.gcloud.outputs.project-id }}.iam.gserviceaccount.com \ | |
--platform=managed \ | |
--region=europe-west1 \ | |
--project=${{ steps.gcloud.outputs.project-id }} \ | |
--cpu=1 \ | |
--memory=256Mi \ | |
--min-instances=0 \ | |
--max-instances=20 \ | |
--allow-unauthenticated \ | |
--set-env-vars=SERVICE_PROJECT_ID=${{ steps.gcloud.outputs.project-id }},SERVICE_ENVIRONMENT=prod \ | |
--set-secrets=LD_SDK_KEY=launchdarkly-sdk-key:latest |