Fjern altinn fra external hosts fordi vi ikke lenger gjør kall direkt… #3303
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
push: | |
branches: | |
- main | |
- preprod/** | |
- dev/** | |
env: | |
DOCKER_REGISTRY: ghcr.io | |
DOCKER_IMAGE_PREFIX: ${{ github.repository }}/im- | |
ORG_GRADLE_PROJECT_githubPassword: ${{ secrets.GITHUB_TOKEN }} | |
jobs: | |
generate_vars: | |
runs-on: ubuntu-latest | |
outputs: | |
short_sha: ${{ steps.set_short_sha.outputs.short_sha }} | |
matrix: ${{ steps.set_matrix.outputs.matrix }} | |
is_matrix_empty: ${{ steps.set_matrix.outputs.is_matrix_empty }} | |
deploy_matrix: ${{ steps.set_matrix.outputs.deploy_matrix }} | |
is_deploy_matrix_empty: ${{ steps.set_matrix.outputs.is_deploy_matrix_empty }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 2 | |
- uses: gradle/actions/setup-gradle@v4 | |
- name: Determine short SHA | |
id: set_short_sha | |
run: | | |
SHORT_SHA=$(echo ${{ github.sha }} | cut -c 1-7) | |
echo "short_sha=$SHORT_SHA" >> $GITHUB_OUTPUT | |
- name: Determine changes files | |
run: | | |
# Create a comma-separated list of changed files for use in build.gradle.kts | |
CHANGED_FILES=$(git diff-tree --no-commit-id --name-only -r -m $GITHUB_SHA | tr '\r\n' ',' | sed -e 's/,$//' | tr -d '"') | |
echo "CHANGED_FILES=$CHANGED_FILES" >> $GITHUB_ENV | |
- name: Determine projects to deploy | |
id: set_matrix | |
run: | | |
MATRIX=$(./gradlew -q buildMatrix --console=plain) | |
echo $MATRIX | |
DEPLOY_MATRIX=$(./gradlew -q deployMatrixDev --console=plain) | |
echo $DEPLOY_MATRIX | |
MATRIX_SIZE=$(echo $MATRIX | jq '.project|length') | |
DEPLOY_MATRIX_SIZE=$(echo $DEPLOY_MATRIX | jq '.project|length') | |
if [ "$MATRIX_SIZE" == '0' ]; then | |
echo "Empty matrix" | |
echo "matrix=[]" >> $GITHUB_OUTPUT # to prevent error because matrix is empty | |
echo "is_matrix_empty=true" >> $GITHUB_OUTPUT | |
else | |
echo Setting matrix to $MATRIX | |
echo "matrix=$MATRIX" >> $GITHUB_OUTPUT | |
echo "is_matrix_empty=false" >> $GITHUB_OUTPUT | |
fi | |
if [ "$DEPLOY_MATRIX_SIZE" == '0' ]; then | |
echo "Empty deploy matrix" | |
echo "deploy_matrix=[]" >> $GITHUB_OUTPUT # to prevent error because matrix is empty | |
echo "is_deploy_matrix_empty=true" >> $GITHUB_OUTPUT | |
else | |
echo Setting deploy matrix to $DEPLOY_MATRIX | |
echo "deploy_matrix=$DEPLOY_MATRIX" >> $GITHUB_OUTPUT | |
echo "is_deploy_matrix_empty=false" >> $GITHUB_OUTPUT | |
fi | |
build: | |
runs-on: ubuntu-latest | |
permissions: | |
packages: write | |
needs: generate_vars | |
if: needs.generate_vars.outputs.is_matrix_empty == 'false' | |
strategy: | |
fail-fast: false | |
matrix: ${{ fromJSON(needs.generate_vars.outputs.matrix) }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-java@v4 | |
with: | |
java-version: 21 | |
distribution: temurin | |
- uses: gradle/actions/setup-gradle@v4 | |
- name: Test and build | |
run: ./gradlew ${{ matrix.project }}:test ${{ matrix.project }}:build | |
- name: Check app.jar existence | |
id: app_jar | |
uses: andstor/file-existence-action@v3 | |
with: | |
files: "apps/${{ matrix.project }}/build/libs/app.jar" | |
- name: Create docker tag | |
if: steps.app_jar.outputs.files_exists == 'true' | |
run: | | |
echo "IMAGE=$DOCKER_REGISTRY/${DOCKER_IMAGE_PREFIX}${{ matrix.project }}:${{ needs.generate_vars.outputs.short_sha }}" >> $GITHUB_ENV | |
- name: Build docker image | |
if: steps.app_jar.outputs.files_exists == 'true' | |
run: docker build apps/${{ matrix.project }} --pull -t $IMAGE -f Dockerfile | |
- name: Push docker image | |
if: steps.app_jar.outputs.files_exists == 'true' | |
run: | | |
echo ${{ secrets.GITHUB_TOKEN }} | docker login --username $GITHUB_REPOSITORY --password-stdin https://$DOCKER_REGISTRY | |
docker push $IMAGE | |
deploy: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
needs: [generate_vars, build] | |
if: needs.generate_vars.outputs.is_deploy_matrix_empty == 'false' | |
strategy: | |
fail-fast: false | |
matrix: ${{ fromJSON(needs.generate_vars.outputs.deploy_matrix) }} | |
concurrency: | |
group: deploy-dev-${{ matrix.project }} | |
steps: | |
- name: Check if docker image exists | |
run: | | |
LAYERS=$(curl -X GET https://$DOCKER_REGISTRY/${DOCKER_IMAGE_PREFIX}${{ matrix.project }}/manifests/${{ needs.generate_vars.outputs.short_sha }} -u $GITHUB_ACTOR:${{ secrets.GITHUB_TOKEN }} | jq '.layers') | |
if [ "$LAYERS" == 'null' ]; then | |
echo "IMAGE_EXISTS=false" >> $GITHUB_ENV | |
else | |
echo "IMAGE_EXISTS=true" >> $GITHUB_ENV | |
fi | |
- name: Fetch sources | |
if: env.IMAGE_EXISTS == 'true' | |
uses: actions/checkout@v4 | |
- name: Determine app configuration file | |
if: env.IMAGE_EXISTS == 'true' | |
run: | | |
CONFIG_FILE="config/${{ matrix.project }}/${{ matrix.cluster }}.yml" | |
echo "VARS=$CONFIG_FILE" >> $GITHUB_ENV # VARS-variable is used by nais/deploy/actions/deploy | |
- name: Confirm app configuration file existence | |
id: confirm_config_file | |
if: env.IMAGE_EXISTS == 'true' | |
uses: andstor/file-existence-action@v3 | |
with: | |
files: "${{ env.VARS }}" | |
- name: Deploy | |
if: env.IMAGE_EXISTS == 'true' && steps.confirm_config_file.outputs.files_exists == 'true' | |
uses: nais/deploy/actions/deploy@v2 | |
env: | |
CLUSTER: ${{ matrix.cluster }} | |
IMAGE: ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_IMAGE_PREFIX }}${{ matrix.project }}:${{ needs.generate_vars.outputs.short_sha }} | |
RESOURCE: config/nais.yml | |
VAR: app=${{ matrix.project }} |