Deploy færre apper om gangen til prod (fikset v2) #312
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Produksjon | |
on: | |
release: | |
types: [released] | |
env: | |
DOCKER_REGISTRY: ghcr.io | |
DOCKER_IMAGE_PREFIX: ${{ github.repository }}/im- | |
ORG_GRADLE_PROJECT_githubPassword: ${{ secrets.GITHUB_TOKEN }} | |
jobs: | |
generate_vars: | |
runs-on: ubuntu-latest | |
outputs: | |
short_sha: ${{ steps.set_short_sha.outputs.short_sha }} | |
matrix: ${{ steps.set_matrix.outputs.matrix }} | |
is_matrix_empty: ${{ steps.set_matrix.outputs.is_matrix_empty }} | |
deploy_matrix: ${{ steps.set_matrix.outputs.deploy_matrix }} | |
is_deploy_matrix_empty: ${{ steps.set_matrix.outputs.is_deploy_matrix_empty }} | |
steps: | |
- uses: actions/checkout@v4 | |
# We fetch tags here because 'fetch-tags'-option on checkout-action doesn't work on release | |
- name: Fetch tags | |
run: git fetch --depth=1 --tags --quiet | |
- name: Cache gradle wrapper | |
uses: actions/cache@v4 | |
with: | |
path: ~/.gradle/wrapper | |
key: ${{ runner.os }}-gradle-wrapper-${{ hashFiles('**/gradle/wrapper/gradle-wrapper.properties') }} | |
- name: Cache gradle caches | |
uses: actions/cache@v4 | |
with: | |
path: ~/.gradle/caches | |
key: ${{ runner.os }}-gradle-caches-${{ hashFiles('**/build.gradle.kts') }} | |
restore-keys: | | |
${{ runner.os }}-gradle-caches- | |
- name: Determine short SHA | |
id: set_short_sha | |
run: | | |
SHORT_SHA=$(echo ${{ github.sha }} | cut -c 1-7) | |
echo "short_sha=$SHORT_SHA" >> $GITHUB_OUTPUT | |
- name: Determine changes files | |
run: | | |
PREVIOUS_TAG=$(git tag --sort version:refname | tail -n 2 | head -n 1) | |
# Create a comma-separated list of changed files for use in build.gradle.kts | |
CHANGED_FILES=$(git diff-tree --no-commit-id --name-only -r -m $PREVIOUS_TAG $GITHUB_REF | tr '\r\n' ',' | sed -e 's/,$//' | tr -d '"') | |
echo Files changed from $PREVIOUS_TAG to $GITHUB_REF are [$CHANGED_FILES] | |
echo "CHANGED_FILES=$CHANGED_FILES" >> $GITHUB_ENV | |
- name: Determine projects to deploy | |
id: set_matrix | |
run: | | |
MATRIX=$(./gradlew -q buildMatrix --console=plain) | |
echo $MATRIX | |
echo $(./gradlew -q deployMatrixProd --console=plain) | |
DEPLOY_MATRIX=$(./gradlew -q deployMatrixProd --console=plain) | |
echo $DEPLOY_MATRIX | |
MATRIX_SIZE=$(echo $MATRIX | jq '.project|length') | |
DEPLOY_MATRIX_SIZE=$(echo $DEPLOY_MATRIX | jq '.project|length') | |
if [ "$MATRIX_SIZE" == '0' ]; then | |
echo "Empty matrix" | |
echo "matrix=[]" >> $GITHUB_OUTPUT # to prevent error because matrix is empty | |
echo "is_matrix_empty=true" >> $GITHUB_OUTPUT | |
else | |
echo Setting matrix to $MATRIX | |
echo "matrix=$MATRIX" >> $GITHUB_OUTPUT | |
echo "is_matrix_empty=false" >> $GITHUB_OUTPUT | |
fi | |
if [ "$DEPLOY_MATRIX_SIZE" == '0' ]; then | |
echo "Empty deploy matrix" | |
echo "deploy_matrix=[]" >> $GITHUB_OUTPUT # to prevent error because matrix is empty | |
echo "is_deploy_matrix_empty=true" >> $GITHUB_OUTPUT | |
else | |
echo Setting deploy matrix to $DEPLOY_MATRIX | |
echo "deploy_matrix=$DEPLOY_MATRIX" >> $GITHUB_OUTPUT | |
echo "is_deploy_matrix_empty=false" >> $GITHUB_OUTPUT | |
fi | |
build: | |
runs-on: ubuntu-latest | |
permissions: | |
packages: write | |
needs: generate_vars | |
if: needs.generate_vars.outputs.is_matrix_empty == 'false' | |
strategy: | |
fail-fast: false | |
matrix: ${{ fromJSON(needs.generate_vars.outputs.matrix) }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-java@v4 | |
with: | |
java-version: 21 | |
distribution: temurin | |
cache: gradle | |
- name: Cache gradle wrapper | |
uses: actions/cache@v4 | |
with: | |
path: ~/.gradle/wrapper | |
key: ${{ runner.os }}-gradle-wrapper-${{ hashFiles('**/gradle/wrapper/gradle-wrapper.properties') }} | |
- name: Cache gradle caches | |
uses: actions/cache@v4 | |
with: | |
path: ~/.gradle/caches | |
key: ${{ runner.os }}-gradle-caches-${{ hashFiles('**/build.gradle.kts') }} | |
restore-keys: | | |
${{ runner.os }}-gradle-caches- | |
- name: Test and build | |
run: ./gradlew ${{ matrix.project }}:test ${{ matrix.project }}:build | |
- name: Check app.jar existence | |
id: app_jar | |
uses: andstor/file-existence-action@v3 | |
with: | |
files: "${{ matrix.project }}/build/libs/app.jar" | |
- name: Create docker tag | |
if: steps.app_jar.outputs.files_exists == 'true' | |
run: | | |
echo "IMAGE=$DOCKER_REGISTRY/${DOCKER_IMAGE_PREFIX}${{ matrix.project }}:${{ needs.generate_vars.outputs.short_sha }}" >> $GITHUB_ENV | |
- name: Build docker image | |
if: steps.app_jar.outputs.files_exists == 'true' | |
run: docker build ${{ matrix.project }} --pull -t $IMAGE -f Dockerfile | |
- name: Push docker image | |
if: steps.app_jar.outputs.files_exists == 'true' | |
run: | | |
echo ${{ secrets.GITHUB_TOKEN }} | docker login --username $GITHUB_REPOSITORY --password-stdin https://$DOCKER_REGISTRY | |
docker push $IMAGE | |
deploy: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
needs: [generate_vars, build] | |
if: needs.generate_vars.outputs.is_deploy_matrix_empty == 'false' | |
strategy: | |
fail-fast: false | |
matrix: ${{ fromJSON(needs.generate_vars.outputs.deploy_matrix) }} | |
concurrency: | |
group: deploy-prod-${{ matrix.project }} | |
steps: | |
- name: Check if docker image exists | |
run: | | |
LAYERS=$(curl -X GET https://$DOCKER_REGISTRY/${DOCKER_IMAGE_PREFIX}${{ matrix.project }}/manifests/${{ needs.generate_vars.outputs.short_sha }} -u $GITHUB_ACTOR:${{ secrets.GITHUB_TOKEN }} | jq '.layers') | |
if [ "$LAYERS" == 'null' ]; then | |
echo "IMAGE_EXISTS=false" >> $GITHUB_ENV | |
else | |
echo "IMAGE_EXISTS=true" >> $GITHUB_ENV | |
fi | |
- name: Fetch sources | |
if: env.IMAGE_EXISTS == 'true' | |
uses: actions/checkout@v4 | |
- name: Determine app configuration file | |
if: env.IMAGE_EXISTS == 'true' | |
run: | | |
CONFIG_FILE="config/${{ matrix.project }}/${{ matrix.cluster }}.yml" | |
echo "VARS=$CONFIG_FILE" >> $GITHUB_ENV # VARS-variable is used by nais/deploy/actions/deploy | |
- name: Confirm app configuration file existence | |
id: confirm_config_file | |
if: env.IMAGE_EXISTS == 'true' | |
uses: andstor/file-existence-action@v3 | |
with: | |
files: "${{ env.VARS }}" | |
- name: Deploy | |
if: env.IMAGE_EXISTS == 'true' && steps.confirm_config_file.outputs.files_exists == 'true' | |
uses: nais/deploy/actions/deploy@v2 | |
env: | |
CLUSTER: ${{ matrix.cluster }} | |
IMAGE: ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_IMAGE_PREFIX }}${{ matrix.project }}:${{ needs.generate_vars.outputs.short_sha }} | |
RESOURCE: config/nais.yml | |
VAR: app=${{ matrix.project }} |