diff --git a/.github/workflows/dependabot.yaml b/.github/workflows/dependabot.yaml deleted file mode 100644 index eb3310140..000000000 --- a/.github/workflows/dependabot.yaml +++ /dev/null @@ -1,29 +0,0 @@ -name: Run tests for dependabot PRs -on: - workflow_dispatch: - pull_request: - types: [ ready_for_review, opened, synchronize ] - branches: - - 'dependabot/**' - -env: - GITHUB_USERNAME: x-access-token - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - -jobs: - run-tests: - runs-on: ubuntu-latest - name: Run tests - steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v3 - with: - java-version: '17' - distribution: 'temurin' - - uses: actions/cache@v3 - with: - path: ~/.m2 - key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} - restore-keys: | - ${{ runner.os }}-maven- - - run: mvn -B -e --settings .m2/maven-settings.xml clean test diff --git a/.github/workflows/deploy_feature.yaml b/.github/workflows/deploy_feature.yaml index 7e769c55e..d45c9179a 100644 --- a/.github/workflows/deploy_feature.yaml +++ b/.github/workflows/deploy_feature.yaml @@ -8,72 +8,13 @@ on: - '!dependabot/**' env: - GITHUB_USERNAME: x-access-token GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} jobs: - build: + build-deploy: + name: "Build and deploy to feature" permissions: contents: "read" id-token: "write" - name: Build with maven and docker - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v3 - with: - java-version: '17' - distribution: 'temurin' - - uses: actions/cache@v3 - with: - path: ~/.m2/repository - key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} - restore-keys: | - ${{ runner.os }}-maven- - - run: mvn -B -e --settings .m2/maven-settings.xml clean install - - uses: nais/docker-build-push@v0 - id: docker-push - with: - team: bidrag - identity_provider: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }} - project_id: ${{ vars.NAIS_MANAGEMENT_PROJECT_ID }} - outputs: - image: ${{ steps.docker-push.outputs.image }} - tag: ${{ steps.docker-push.outputs.tag }} - - run-tests: - runs-on: ubuntu-latest - name: Run tests - needs: build - steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v3 - with: - java-version: '17' - distribution: 'temurin' - - uses: actions/cache@v3 - with: - path: ~/.m2 - key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} - restore-keys: | - ${{ runner.os }}-maven- - - run: mvn -B -e --settings .m2/maven-settings.xml clean install - - - deploy-feature: - runs-on: ubuntu-latest - name: Deploy feature - needs: - - build - steps: - - uses: actions/checkout@v4 - with: - path: deploy - - name: Deploy to dev-gcp for feature.yaml - uses: nais/deploy/actions/deploy@v1 - env: - APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }} - CLUSTER: dev-gcp - RESOURCE: deploy/.nais/nais.yaml - VARS: deploy/.nais/feature.yaml - IMAGE: ${{ needs.build.outputs.image }} + uses: navikt/bidrag-workflow/.github/workflows/deploy_feature.yaml@main + secrets: inherit \ No newline at end of file diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml index 777944bf3..3460495d2 100644 --- a/.github/workflows/pr.yaml +++ b/.github/workflows/pr.yaml @@ -8,72 +8,13 @@ on: - '!dependabot/**' env: - GITHUB_USERNAME: x-access-token GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} jobs: - build: - if: github.event.pull_request.draft == false && ${{ github.actor != 'dependabot[bot]' }} + build-deploy: + name: "Build and deploy to main" permissions: contents: "read" id-token: "write" - name: Build with maven and docker - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v3 - with: - java-version: '17' - distribution: 'temurin' - - uses: actions/cache@v3 - with: - path: ~/.m2/repository - key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} - restore-keys: | - ${{ runner.os }}-maven- - - run: mvn -B -e --settings .m2/maven-settings.xml clean install - - uses: nais/docker-build-push@v0 - id: docker-push - with: - team: bidrag - identity_provider: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }} - project_id: ${{ vars.NAIS_MANAGEMENT_PROJECT_ID }} - outputs: - image: ${{ steps.docker-push.outputs.image }} - tag: ${{ steps.docker-push.outputs.tag }} - - deploy-dev: - runs-on: ubuntu-latest - name: Deploy dev - needs: - - build - steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v3 - with: - java-version: '17' - distribution: 'temurin' - - uses: actions/cache@v3 - with: - path: ~/.m2 - key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} - restore-keys: | - ${{ runner.os }}-maven- - - run: mvn -B -e --settings .m2/maven-settings.xml clean install - - deploy-main: - runs-on: ubuntu-latest - name: Deploy main - needs: build - steps: - - uses: actions/checkout@v4 - with: - path: deploy - - name: Deploy main branch to dev-gcp - uses: nais/deploy/actions/deploy@v1 - env: - APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }} - CLUSTER: dev-gcp - RESOURCE: deploy/.nais/nais.yaml - VARS: deploy/.nais/main.yaml - IMAGE: ${{ needs.build.outputs.image }} + uses: navikt/bidrag-workflow/.github/workflows/deploy_main.yaml@main + secrets: inherit diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index a4496cd63..9f1160942 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -4,76 +4,13 @@ on: branches: - 'main' env: - GITHUB_USERNAME: x-access-token GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} jobs: - build: + build-deploy: + name: "Build and deploy to prod" permissions: - contents: "read" + contents: "write" id-token: "write" - name: Build with maven and docker - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v3 - with: - java-version: '17' - distribution: 'temurin' - - uses: actions/cache@v3 - with: - path: ~/.m2/repository - key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} - restore-keys: | - ${{ runner.os }}-maven- - - run: mvn -Dmaven.test.skip=true -B -e --settings .m2/maven-settings.xml clean install - - uses: nais/docker-build-push@v0 - id: docker-push - with: - team: bidrag - identity_provider: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }} - project_id: ${{ vars.NAIS_MANAGEMENT_PROJECT_ID }} - outputs: - image: ${{ steps.docker-push.outputs.image }} - tag: ${{ steps.docker-push.outputs.tag }} - - deploy: - runs-on: ubuntu-latest - name: Deploy to prod - needs: build - - steps: - - uses: actions/checkout@v4 - with: - path: deploy - - uses: nais/deploy/actions/deploy@v1 - env: - APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }} - CLUSTER: prod-gcp - RESOURCE: deploy/.nais/nais.yaml - VARS: deploy/.nais/prod.yaml - IMAGE: ${{ needs.build.outputs.image }} - outputs: - image: ${{ needs.build.outputs.image }} - tag: ${{ needs.build.outputs.tag }} - - tag: - runs-on: ubuntu-latest - name: Tag release - permissions: - contents: write - needs: deploy - steps: - - uses: actions/checkout@v4 - - name: Push latest image tag as github tag - id: tag_version - uses: mathieudutour/github-tag-action@v6.1 - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - custom_tag: ${{ needs.deploy.outputs.tag }} - - name: Create a GitHub release - uses: ncipollo/release-action@v1 - with: - tag: ${{ steps.tag_version.outputs.new_tag }} - name: Release ${{ steps.tag_version.outputs.new_tag }} - body: ${{ steps.tag_version.outputs.changelog }} \ No newline at end of file + uses: navikt/bidrag-workflow/.github/workflows/release.yaml@main + secrets: inherit \ No newline at end of file diff --git a/.github/workflows/rollback_prod.yaml b/.github/workflows/rollback_prod.yaml index e68cef058..f10a678bd 100644 --- a/.github/workflows/rollback_prod.yaml +++ b/.github/workflows/rollback_prod.yaml @@ -7,54 +7,13 @@ on: required: false env: - GITHUB_USERNAME: x-access-token GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} jobs: - prepare_deploy: + build-deploy: + name: "Rollback and deploy previous version to prod" permissions: - contents: "read" + contents: "write" id-token: "write" - runs-on: ubuntu-latest - name: Find tag to deploy - - steps: - - uses: actions/checkout@v4 - - name: NAIS login - uses: nais/login@v0 - id: login - with: - team: bidrag - identity_provider: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }} - project_id: ${{ vars.NAIS_MANAGEMENT_PROJECT_ID }} - - id: deploy_version - name: Find deploy version - run: | - git fetch --all --tags - echo ${GITHUB_EVENT_NAME} - REPO_NAME=${GITHUB_REPOSITORY/$GITHUB_REPOSITORY_OWNER\//} - DEPLOY_TAG=${{ github.event.inputs.deploy_tag }} - if [ -z "$INPUT_TAG" ]; then - echo "NULL"; - DEPLOY_TAG=$(git tag -l | sort -V | tail -2 | head -1) - fi - echo "IMAGE=${{ steps.login.outputs.registry }}/$REPO_NAME:$DEPLOY_TAG" >> $GITHUB_OUTPUT - echo "DEPLOY_TAG=$DEPLOY_TAG" >> $GITHUB_OUTPUT - outputs: - image: ${{ steps.deploy_version.outputs.IMAGE }} - version: ${{ steps.deploy_version.outputs.DEPLOY_TAG }} - - deploy: - runs-on: ubuntu-latest - name: Deploy docker image to prod - needs: prepare_deploy - - steps: - - uses: actions/checkout@v4 - - uses: nais/deploy/actions/deploy@v1 - env: - APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }} - CLUSTER: prod-gcp - RESOURCE: deploy/.nais/nais.yaml - VARS: deploy/.nais/prod.yaml - IMAGE: ${{ needs.prepare_deploy.outputs.image }} \ No newline at end of file + uses: navikt/bidrag-workflow/.github/workflows/rollback_prod.yaml@main + secrets: inherit \ No newline at end of file diff --git a/.m2/maven-settings.xml b/.m2/maven-settings.xml deleted file mode 100644 index 8d27d889d..000000000 --- a/.m2/maven-settings.xml +++ /dev/null @@ -1,14 +0,0 @@ - - - - - github - ${env.GITHUB_USERNAME} - ${env.GITHUB_TOKEN} - - - -