From 5ef3fa7ea1621779439f9d4d706281526c985fed Mon Sep 17 00:00:00 2001 From: Thomas Johansen Date: Wed, 14 Aug 2024 14:44:21 +0200 Subject: [PATCH] Tweaket alle github workflows --- ...i-start-stopp.yml => api-start-stopp.yaml} | 76 ++++++++++++------- .github/workflows/hendelselogg-backup.yaml | 48 ++++++++---- .github/workflows/hendelseprosessor.yaml | 51 +++++++++---- .github/workflows/kafka-key-generator.yaml | 31 ++++---- .../utgang-formidlingsgruppe-deploy.yaml | 45 +++++++---- .github/workflows/utgang-pdl-deploy.yaml | 47 ++++++++---- 6 files changed, 198 insertions(+), 100 deletions(-) rename .github/workflows/{api-start-stopp.yml => api-start-stopp.yaml} (57%) diff --git a/.github/workflows/api-start-stopp.yml b/.github/workflows/api-start-stopp.yaml similarity index 57% rename from .github/workflows/api-start-stopp.yml rename to .github/workflows/api-start-stopp.yaml index 9e1dc2b6..88a23cee 100644 --- a/.github/workflows/api-start-stopp.yml +++ b/.github/workflows/api-start-stopp.yaml @@ -1,34 +1,44 @@ name: Api Start stopp + on: - push: - paths: - - 'apps/api-start-stopp-perioder/**' - - 'domain/**' - - 'lib/**' - - '.github/workflows/api-start-stopp.yml' - - 'gradle/**' - - 'settings.gradle.kts' - - 'gradle.properties' - - 'gradlew' + push: + branches: + - main + - dev/* + paths: + - 'apps/api-start-stopp-perioder/**' + - 'lib/**' + - 'domain/**' + - '.github/workflows/api-start-stopp.yaml' + - 'gradle/**' + - 'settings.gradle.kts' + - 'gradle.properties' + - 'gradlew' + - 'gradlew.bat' env: IMAGE: europe-north1-docker.pkg.dev/${{ vars.NAIS_MANAGEMENT_PROJECT_ID }}/paw/paw-arbeidssokerregisteret-api-inngang jobs: build: - name: Build - API Start Stopp - runs-on: ubuntu-latest + name: Build permissions: contents: read id-token: write + packages: write + runs-on: ubuntu-latest outputs: image: ${{ steps.docker-build-push.outputs.image }} steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 + - name: Checkout + uses: actions/checkout@v4 + - name: Setup Java + uses: actions/setup-java@v4 with: java-version: 21 distribution: temurin cache: gradle + - name: Set module + run: echo "MODULE=api-start-stopp-perioder" >> $GITHUB_ENV - name: Set version run: echo "VERSION=$(date +'%y.%m.%d').${{ github.run_number }}-${{ github.run_attempt }}" >> $GITHUB_ENV - name: Login GAR @@ -42,40 +52,52 @@ jobs: working-directory: ./ run: | echo "image=${{ env.IMAGE }}:${{ env.VERSION }}" >> $GITHUB_OUTPUT - ./gradlew -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} :apps:api-start-stopp-perioder:test :apps:api-start-stopp-perioder:jib - echo "DIGEST=$(cat apps/api-start-stopp-perioder/build/jib-image.digest)" >> $GITHUB_ENV + echo -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} :apps:${{ env.MODULE }}:build :apps:${{ env.MODULE }}:jib + ./gradlew -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} :apps:${{ env.MODULE }}:build :apps:${{ env.MODULE }}:jib + echo "DIGEST=$(cat apps/${{ env.MODULE }}/build/jib-image.digest)" >> $GITHUB_ENV env: ORG_GRADLE_PROJECT_githubPassword: ${{ secrets.GITHUB_TOKEN }} - - name: Attest and sign + - name: Attest and sign image uses: nais/attest-sign@v1.3.4 with: image_ref: ${{ env.IMAGE }}@${{ env.DIGEST }} + deploy-dev: - name: Deploy to dev-gcp - API Start Stopp - needs: build - runs-on: ubuntu-latest + if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/dev') + name: Deploy to dev-gcp + needs: + - build permissions: contents: read id-token: write + runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: nais/deploy/actions/deploy@v2 + - name: Checkout + uses: actions/checkout@v4 + - name: Deploy to GCP + uses: nais/deploy/actions/deploy@v2 env: CLUSTER: dev-gcp RESOURCE: apps/api-start-stopp-perioder/nais/nais-dev.yaml VAR: image=${{ needs.build.outputs.image }} + deploy-prod: if: github.ref == 'refs/heads/main' - name: Deploy to prod-gcp - API Start Stopp - needs: [build, deploy-dev] - runs-on: ubuntu-latest + name: Deploy to prod-gcp + needs: + - build + - deploy-dev permissions: contents: read id-token: write + runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: nais/deploy/actions/deploy@v2 + - name: Checkout + uses: actions/checkout@v4 + - name: Deploy to GCP + uses: nais/deploy/actions/deploy@v2 env: + TEAM: paw CLUSTER: prod-gcp RESOURCE: apps/api-start-stopp-perioder/nais/nais-prod.yaml VAR: image=${{ needs.build.outputs.image }} diff --git a/.github/workflows/hendelselogg-backup.yaml b/.github/workflows/hendelselogg-backup.yaml index 362f503a..b712fa21 100644 --- a/.github/workflows/hendelselogg-backup.yaml +++ b/.github/workflows/hendelselogg-backup.yaml @@ -2,6 +2,9 @@ name: Hendelselogg-backup on: push: + branches: + - main + - dev/* paths: - 'apps/hendelselogg-backup/**' - 'lib/**' @@ -11,25 +14,31 @@ on: - 'settings.gradle.kts' - 'gradle.properties' - 'gradlew' + - 'gradlew.bat' + env: IMAGE: europe-north1-docker.pkg.dev/${{ vars.NAIS_MANAGEMENT_PROJECT_ID }}/paw/paw-arbeidssoekerregisteret-hendelselogg-backup jobs: build: - name: Build and push Docker container - runs-on: ubuntu-latest + name: Build permissions: contents: read id-token: write packages: write + runs-on: ubuntu-latest outputs: image: ${{ steps.docker-build-push.outputs.image }} steps: - - uses: actions/checkout@v3 - - uses: actions/setup-java@v3 + - name: Checkout + uses: actions/checkout@v3 + - name: Setup Java + uses: actions/setup-java@v3 with: java-version: 21 distribution: temurin cache: gradle + - name: Set module + run: echo "MODULE=hendelselogg-backup" >> $GITHUB_ENV - name: Set version run: echo "VERSION=$(date +'%y.%m.%d').${{ github.run_number }}-${{ github.run_attempt }}" >> $GITHUB_ENV - name: Login GAR @@ -43,25 +52,30 @@ jobs: working-directory: ./ run: | echo "image=${{ env.IMAGE }}:${{ env.VERSION }}" >> $GITHUB_OUTPUT - ./gradlew -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} :apps:hendelselogg-backup:build :apps:hendelselogg-backup:jib - echo "DIGEST=$(cat apps/hendelselogg-backup/build/jib-image.digest)" >> $GITHUB_ENV + echo -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} :apps:${{ env.MODULE }}:build :apps:${{ env.MODULE }}:jib + ./gradlew -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} :apps:${{ env.MODULE }}:build :apps:${{ env.MODULE }}:jib + echo "DIGEST=$(cat apps/${{ env.MODULE }}/build/jib-image.digest)" >> $GITHUB_ENV env: ORG_GRADLE_PROJECT_githubPassword: ${{ secrets.GITHUB_TOKEN }} - - name: Attest and sign + - name: Attest and sign image uses: nais/attest-sign@v1.3.4 with: image_ref: ${{ env.IMAGE }}@${{ env.DIGEST }} deploy-dev: + if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/dev') name: Deploy to dev-gcp - needs: build - runs-on: ubuntu-latest + needs: + - build permissions: contents: read id-token: write + runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: nais/deploy/actions/deploy@v2 + - name: Checkout + uses: actions/checkout@v3 + - name: Deploy to GCP + uses: nais/deploy/actions/deploy@v2 env: CLUSTER: dev-gcp RESOURCE: apps/hendelselogg-backup/nais/nais-dev.yaml @@ -70,14 +84,18 @@ jobs: deploy-prod: if: github.ref == 'refs/heads/main' name: Deploy to prod-gcp - needs: [build, deploy-dev] - runs-on: ubuntu-latest + needs: + - build + - deploy-dev permissions: contents: read id-token: write + runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: nais/deploy/actions/deploy@v2 + - name: Checkout + uses: actions/checkout@v3 + - name: Deploy to GCP + uses: nais/deploy/actions/deploy@v2 env: TEAM: paw CLUSTER: prod-gcp diff --git a/.github/workflows/hendelseprosessor.yaml b/.github/workflows/hendelseprosessor.yaml index 922d1512..8e2fe329 100644 --- a/.github/workflows/hendelseprosessor.yaml +++ b/.github/workflows/hendelseprosessor.yaml @@ -2,6 +2,9 @@ name: Hendelseprosessor on: push: + branches: + - main + - dev/* paths: - 'apps/hendelseprosessor/**' - 'lib/**' @@ -11,25 +14,31 @@ on: - 'settings.gradle.kts' - 'gradle.properties' - 'gradlew' + - 'gradlew.bat' + env: IMAGE: europe-north1-docker.pkg.dev/${{ vars.NAIS_MANAGEMENT_PROJECT_ID }}/paw/paw-arbeidssokerregisteret-event-prosessor jobs: build: - name: Build and push Docker container - runs-on: ubuntu-latest + name: Build permissions: contents: read id-token: write packages: write + runs-on: ubuntu-latest outputs: image: ${{ steps.docker-build-push.outputs.image }} steps: - - uses: actions/checkout@v3 - - uses: actions/setup-java@v3 + - name: Checkout + uses: actions/checkout@v3 + - name: Setup Java + uses: actions/setup-java@v3 with: java-version: 21 distribution: temurin cache: gradle + - name: Set module + run: echo "MODULE=hendelseprosessor" >> $GITHUB_ENV - name: Set version run: echo "VERSION=$(date +'%y.%m.%d').${{ github.run_number }}-${{ github.run_attempt }}" >> $GITHUB_ENV - name: Login GAR @@ -43,24 +52,30 @@ jobs: working-directory: ./ run: | echo "image=${{ env.IMAGE }}:${{ env.VERSION }}" >> $GITHUB_OUTPUT - ./gradlew -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} :apps:hendelseprosessor:build :apps:hendelseprosessor:jib - echo "DIGEST=$(cat apps/hendelseprosessor/build/jib-image.digest)" >> $GITHUB_ENV + echo -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} :apps:${{ env.MODULE }}:build :apps:${{ env.MODULE }}:jib + ./gradlew -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} :apps:${{ env.MODULE }}:build :apps:${{ env.MODULE }}:jib + echo "DIGEST=$(cat apps/${{ env.MODULE }}/build/jib-image.digest)" >> $GITHUB_ENV env: ORG_GRADLE_PROJECT_githubPassword: ${{ secrets.GITHUB_TOKEN }} - - name: Attest and sign + - name: Attest and sign image uses: nais/attest-sign@v1.3.4 with: image_ref: ${{ env.IMAGE }}@${{ env.DIGEST }} + deploy-dev: + if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/dev') name: Deploy to dev-gcp - needs: build - runs-on: ubuntu-latest + needs: + - build permissions: contents: read id-token: write + runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: nais/deploy/actions/deploy@v2 + - name: Checkout + uses: actions/checkout@v3 + - name: Deploy to GCP + uses: nais/deploy/actions/deploy@v2 env: CLUSTER: dev-gcp RESOURCE: apps/hendelseprosessor/nais/nais-dev.yaml @@ -69,16 +84,20 @@ jobs: deploy-prod: if: github.ref == 'refs/heads/main' name: Deploy to prod-gcp - needs: [build, deploy-dev] - runs-on: ubuntu-latest + needs: + - build + - deploy-dev permissions: contents: read id-token: write + runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: nais/deploy/actions/deploy@v2 + - name: Checkout + uses: actions/checkout@v3 + - name: Deploy to GCP + uses: nais/deploy/actions/deploy@v2 env: TEAM: paw CLUSTER: prod-gcp RESOURCE: apps/hendelseprosessor/nais/nais-prod.yaml - VAR: image=${{ needs.build.outputs.image }},kafka=nav-prod \ No newline at end of file + VAR: image=${{ needs.build.outputs.image }},kafka=nav-prod diff --git a/.github/workflows/kafka-key-generator.yaml b/.github/workflows/kafka-key-generator.yaml index 68f5dad9..6e35fdf7 100644 --- a/.github/workflows/kafka-key-generator.yaml +++ b/.github/workflows/kafka-key-generator.yaml @@ -1,7 +1,10 @@ -name: PAW Kafka Key Generator +name: Kafka Key Generator on: push: + branches: + - main + - dev/* paths: - 'apps/kafka-key-generator/**' - 'lib/**' @@ -17,11 +20,12 @@ env: IMAGE: europe-north1-docker.pkg.dev/${{ vars.NAIS_MANAGEMENT_PROJECT_ID }}/paw/paw-kafka-key-generator jobs: build: - name: Build and push Docker container - runs-on: ubuntu-latest + name: Build permissions: contents: read id-token: write + packages: write + runs-on: ubuntu-latest outputs: image: ${{ steps.docker-build-push.outputs.image }} steps: @@ -33,9 +37,9 @@ jobs: java-version: 21 distribution: temurin cache: gradle - - name: Specify module - run: echo "MODULE=:apps:kafka-key-generator" >> $GITHUB_ENV - - name: Specify version + - name: Set module + run: echo "MODULE=kafka-key-generator" >> $GITHUB_ENV + - name: Set version run: echo "VERSION=$(date +'%y.%m.%d').${{ github.run_number }}-${{ github.run_attempt }}" >> $GITHUB_ENV - name: Login GAR uses: nais/login@v0 @@ -48,9 +52,9 @@ jobs: working-directory: ./ run: | echo "image=${{ env.IMAGE }}:${{ env.VERSION }}" >> $GITHUB_OUTPUT - echo -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} ${{ env.MODULE }}:build ${{ env.MODULE }}:test ${{ env.MODULE }}:jib - ./gradlew -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} ${{ env.MODULE }}:build ${{ env.MODULE }}:test ${{ env.MODULE }}:jib - echo "DIGEST=$(cat app/build/jib-image.digest)" >> $GITHUB_ENV + echo -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} :apps:${{ env.MODULE }}:build :apps:${{ env.MODULE }}:jib + ./gradlew -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} :apps:${{ env.MODULE }}:build :apps:${{ env.MODULE }}:jib + echo "DIGEST=$(cat apps/${{ env.MODULE }}/build/jib-image.digest)" >> $GITHUB_ENV env: ORG_GRADLE_PROJECT_githubPassword: ${{ secrets.GITHUB_TOKEN }} - name: Attest and sign image @@ -63,10 +67,10 @@ jobs: name: Deploy to dev-gcp needs: - build - runs-on: ubuntu-latest permissions: contents: read id-token: write + runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v3 @@ -74,7 +78,7 @@ jobs: uses: nais/deploy/actions/deploy@v2 env: CLUSTER: dev-gcp - RESOURCE: nais/nais-dev.yaml + RESOURCE: apps/kafka-key-generator/nais/nais-dev.yaml VAR: image=${{ needs.build.outputs.image }} deploy-prod: @@ -83,16 +87,17 @@ jobs: needs: - build - deploy-dev - runs-on: ubuntu-latest permissions: contents: read id-token: write + runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v3 - name: Deploy to GCP uses: nais/deploy/actions/deploy@v2 env: + TEAM: paw CLUSTER: prod-gcp - RESOURCE: nais/nais-prod.yaml + RESOURCE: apps/kafka-key-generator/nais/nais-prod.yaml VAR: image=${{ needs.build.outputs.image }} diff --git a/.github/workflows/utgang-formidlingsgruppe-deploy.yaml b/.github/workflows/utgang-formidlingsgruppe-deploy.yaml index 5156f901..845b0e1c 100644 --- a/.github/workflows/utgang-formidlingsgruppe-deploy.yaml +++ b/.github/workflows/utgang-formidlingsgruppe-deploy.yaml @@ -2,6 +2,9 @@ name: Formidlingsgruppe - Utgang on: push: + branches: + - main + - dev/* paths: - 'apps/utgang-formidlingsgruppe/**' - 'lib/**' @@ -11,27 +14,30 @@ on: - 'settings.gradle.kts' - 'gradle.properties' - 'gradlew' + - 'gradlew.bat' env: IMAGE: europe-north1-docker.pkg.dev/${{ vars.NAIS_MANAGEMENT_PROJECT_ID }}/paw/paw-arbeidssoekerregisteret-utgang-formidlingsgruppe jobs: build: - name: Build and push Docker container - runs-on: ubuntu-latest + name: Build permissions: contents: read id-token: write packages: write + runs-on: ubuntu-latest outputs: image: ${{ steps.docker-build-push.outputs.image }} steps: - - uses: actions/checkout@v3 - - uses: actions/setup-java@v3 + - name: Checkout + uses: actions/checkout@v3 + - name: Setup Java + uses: actions/setup-java@v3 with: java-version: 21 distribution: temurin cache: gradle - - name: set module to build + - name: Set module run: echo "MODULE=utgang-formidlingsgruppe" >> $GITHUB_ENV - name: Set version run: echo "VERSION=$(date +'%y.%m.%d').${{ github.run_number }}-${{ github.run_attempt }}" >> $GITHUB_ENV @@ -46,41 +52,52 @@ jobs: working-directory: ./ run: | echo "image=${{ env.IMAGE }}:${{ env.VERSION }}" >> $GITHUB_OUTPUT - echo -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} :apps:${{ env.MODULE }}:build :apps:${{ env.MODULE }}:test :apps:${{ env.MODULE }}:jib - ./gradlew -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} :apps:${{ env.MODULE }}:build :apps:${{ env.MODULE }}:test :apps:${{ env.MODULE }}:jib + echo -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} :apps:${{ env.MODULE }}:build :apps:${{ env.MODULE }}:jib + ./gradlew -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} :apps:${{ env.MODULE }}:build :apps:${{ env.MODULE }}:jib echo "DIGEST=$(cat apps/${{ env.MODULE }}/build/jib-image.digest)" >> $GITHUB_ENV env: ORG_GRADLE_PROJECT_githubPassword: ${{ secrets.GITHUB_TOKEN }} - - name: Attest and sign + - name: Attest and sign image uses: nais/attest-sign@v1.3.4 with: image_ref: ${{ env.IMAGE }}@${{ env.DIGEST }} + deploy-dev: + if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/dev') name: Deploy to dev-gcp + needs: + - build permissions: contents: read id-token: write - needs: build runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: nais/deploy/actions/deploy@v2 + - name: Checkout + uses: actions/checkout@v3 + - name: Deploy to GCP + uses: nais/deploy/actions/deploy@v2 env: CLUSTER: dev-gcp RESOURCE: apps/utgang-formidlingsgruppe/nais/nais-dev.yaml VAR: image=${{ needs.build.outputs.image }},kafka=nav-dev + deploy-prod: if: github.ref == 'refs/heads/main' name: Deploy to prod-gcp + needs: + - build + - deploy-dev permissions: contents: read id-token: write - needs: [deploy-dev,build] runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: nais/deploy/actions/deploy@v2 + - name: Checkout + uses: actions/checkout@v3 + - name: Deploy to GCP + uses: nais/deploy/actions/deploy@v2 env: + TEAM: paw CLUSTER: prod-gcp RESOURCE: apps/utgang-formidlingsgruppe/nais/nais-prod.yaml VAR: image=${{ needs.build.outputs.image }},kafka=nav-prod diff --git a/.github/workflows/utgang-pdl-deploy.yaml b/.github/workflows/utgang-pdl-deploy.yaml index bbb245da..190ab06b 100644 --- a/.github/workflows/utgang-pdl-deploy.yaml +++ b/.github/workflows/utgang-pdl-deploy.yaml @@ -2,6 +2,9 @@ name: PDL - Utgang on: push: + branches: + - main + - dev/* paths: - 'apps/utgang-pdl/**' - '.github/workflows/utgang-pdl-deploy.yaml' @@ -11,27 +14,30 @@ on: - 'settings.gradle.kts' - 'gradle.properties' - 'gradlew' + - 'gradlew.bat' env: IMAGE: europe-north1-docker.pkg.dev/${{ vars.NAIS_MANAGEMENT_PROJECT_ID }}/paw/paw-arbeidssoekerregisteret-utgang-pdl jobs: build: - name: Build and push Docker container - runs-on: ubuntu-latest + name: Build permissions: contents: read id-token: write packages: write + runs-on: ubuntu-latest outputs: image: ${{ steps.docker-build-push.outputs.image }} steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 + - name: Checkout + uses: actions/checkout@v4 + - name: Setup Java + uses: actions/setup-java@v4 with: java-version: 21 distribution: temurin cache: gradle - - name: set module to build + - name: Set module run: echo "MODULE=utgang-pdl" >> $GITHUB_ENV - name: Set version run: echo "VERSION=$(date +'%y.%m.%d').${{ github.run_number }}-${{ github.run_attempt }}" >> $GITHUB_ENV @@ -46,41 +52,52 @@ jobs: working-directory: ./ run: | echo "image=${{ env.IMAGE }}:${{ env.VERSION }}" >> $GITHUB_OUTPUT - echo -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} :apps:${{ env.MODULE }}:build :apps:${{ env.MODULE }}:test :apps:${{ env.MODULE }}:jib - ./gradlew -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} :apps:${{ env.MODULE }}:build :apps:${{ env.MODULE }}:test :apps:${{ env.MODULE }}:jib + echo -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} :apps:${{ env.MODULE }}:build :apps:${{ env.MODULE }}:jib + ./gradlew -Pversion=${{ env.VERSION }} -Pimage=${{ env.IMAGE }} :apps:${{ env.MODULE }}:build :apps:${{ env.MODULE }}:jib echo "DIGEST=$(cat apps/${{ env.MODULE }}/build/jib-image.digest)" >> $GITHUB_ENV env: ORG_GRADLE_PROJECT_githubPassword: ${{ secrets.GITHUB_TOKEN }} - - name: Attest and sign + - name: Attest and sign image uses: nais/attest-sign@v1.3.4 with: image_ref: ${{ env.IMAGE }}@${{ env.DIGEST }} + deploy-dev: + if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/dev') name: Deploy to dev-gcp + needs: + - build permissions: contents: read id-token: write - needs: build runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: nais/deploy/actions/deploy@v2 + - name: Checkout + uses: actions/checkout@v4 + - name: Deploy to GCP + uses: nais/deploy/actions/deploy@v2 env: CLUSTER: dev-gcp RESOURCE: apps/utgang-pdl/nais/nais-dev.yaml VAR: image=${{ needs.build.outputs.image }},kafka=nav-dev + deploy-prod: if: github.ref == 'refs/heads/main' name: Deploy to prod-gcp + needs: + - build + - deploy-dev permissions: contents: read id-token: write - needs: [ deploy-dev, build ] runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: nais/deploy/actions/deploy@v2 + - name: Checkout + uses: actions/checkout@v4 + - name: Deploy to GCP + uses: nais/deploy/actions/deploy@v2 env: + TEAM: paw CLUSTER: prod-gcp RESOURCE: apps/utgang-pdl/nais/nais-prod.yaml - VAR: image=${{ needs.build.outputs.image }},kafka=nav-prod \ No newline at end of file + VAR: image=${{ needs.build.outputs.image }},kafka=nav-prod