Puttet knapp for virksomhetsinfo i en faktisk knapp, så skjermleser f… #1838
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and deploy lydia-radgiver-frontend | |
| on: [push] | |
| jobs: | |
| build: | |
| permissions: | |
| id-token: write | |
| name: Build, lint, test and push docker image | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Setup node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| registry-url: https://npm.pkg.github.com | |
| - name: Install deps server | |
| working-directory: server | |
| run: npm ci | |
| - name: Run server tests | |
| working-directory: server | |
| run: npm run test | |
| - name: Install deps client | |
| working-directory: client | |
| run: npm ci --ignore-scripts | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.READER_TOKEN }} | |
| - name: Run client tests | |
| working-directory: client | |
| run: npm run test | |
| - name: Lint and build frontend | |
| working-directory: client | |
| run: npm run build | |
| - name: Build frackend | |
| working-directory: server | |
| run: npm run build | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: Build and push docker image | |
| if: ${{ github.actor != 'dependabot[bot]' }} | |
| uses: nais/docker-build-push@v0 | |
| id: docker-push | |
| with: | |
| team: pia | |
| tag: ${{ github.ref == 'refs/heads/main' && 'latest' || 'branch_latest' }} | |
| project_id: ${{ vars.NAIS_MANAGEMENT_PROJECT_ID }} | |
| identity_provider: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }} | |
| outputs: | |
| image: ${{ steps.docker-push.outputs.image }} | |
| deploy: | |
| permissions: | |
| id-token: write | |
| strategy: | |
| matrix: | |
| cluster: [dev, prod] | |
| name: Deploy app to ${{ matrix.cluster }} | |
| needs: build | |
| if: github.ref == 'refs/heads/main' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Deploy to ${{ matrix.cluster }} | |
| uses: nais/deploy/actions/deploy@v2 | |
| env: | |
| CLUSTER: ${{ matrix.cluster }}-gcp | |
| RESOURCE: .nais/nais.yaml | |
| VARS: .nais/${{ matrix.cluster }}.yaml | |
| VAR: image=${{ needs.build.outputs.image }} | |
| deploy-branch-to-dev: | |
| permissions: | |
| id-token: write | |
| name: Deploy app to dev | |
| needs: build | |
| if: github.ref == 'refs/heads/vis-sporreundersokelse-med-innhold' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Deploy to dev | |
| uses: nais/deploy/actions/deploy@v2 | |
| env: | |
| CLUSTER: dev-gcp | |
| RESOURCE: .nais/nais.yaml | |
| VARS: .nais/dev.yaml | |
| VAR: image=${{ needs.build.outputs.image }} | |
| trivy-scan: | |
| if: ${{ github.ref == 'refs/heads/main' && github.actor != 'dependabot[bot]' }} | |
| env: | |
| TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db | |
| name: Scanner docker image med Trivy | |
| needs: build | |
| permissions: | |
| contents: read # to write sarif | |
| security-events: write # push sarif to github security | |
| id-token: write # for nais/login | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: navikt/pia-actions/trivy-scan@v1 # https://github.com/navikt/pia-actions/tree/main/trivy-scan | |
| with: | |
| image: ${{ needs.build.outputs.image }} | |
| team: pia | |
| project_id: ${{ vars.NAIS_MANAGEMENT_PROJECT_ID }} | |
| identity_provider: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }} |