-
Notifications
You must be signed in to change notification settings - Fork 1
86 lines (79 loc) · 2.19 KB
/
products-deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
name: Altinn Products
on:
push:
branches:
- main
paths:
- .github/workflows/products-deploy.yml
- actions/terraform/apply/**
- actions/terraform/plan/**
- infrastructure/products/**
- products.yaml
pull_request:
branches:
- main
paths:
- .github/workflows/products-deploy.yml
- actions/terraform/apply/**
- actions/terraform/plan/**
- infrastructure/products/**
- products.yaml
workflow_dispatch:
inputs:
log_level:
required: true
description: Terraform Log Level
default: INFO
type: choice
options:
- TRACE
- DEBUG
- INFO
- WARN
- ERROR
env:
ENVIRONMENT: prod
TF_STATE_NAME: products.tfstate
TF_PROJECT: ./infrastructure/products
ARM_CLIENT_ID: ${{ vars.TF_AZURE_CLIENT_ID }}
ARM_SUBSCRIPTION_ID: d43d5057-8389-40d5-88c4-04db9275cbf2
permissions:
id-token: write
contents: write
pull-requests: write
jobs:
plan:
name: Plan
environment: reader
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Terraform Initialize
uses: altinn/altinn-platform/actions/terraform/plan@main
with:
working_directory: ${{ env.TF_PROJECT }}
oidc_type: environment
oidc_value: ${{ env.ENVIRONMENT }}
arm_client_id: ${{ env.ARM_CLIENT_ID }}
arm_subscription_id: ${{ env.ARM_SUBSCRIPTION_ID }}
tf_state_name: ${{ env.TF_STATE_NAME }}
gh_token: ${{ secrets.GITHUB_TOKEN }}
deploy:
name: Deploy
environment: prod
if: github.ref == 'refs/heads/main'
needs: plan
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Terraform Apply
uses: altinn/altinn-platform/actions/terraform/apply@main
with:
working_directory: ${{ env.TF_PROJECT }}
oidc_type: environment
oidc_value: ${{ env.ENVIRONMENT }}
arm_client_id: ${{ env.ARM_CLIENT_ID }}
arm_subscription_id: ${{ env.ARM_SUBSCRIPTION_ID }}
tf_state_name: ${{ env.TF_STATE_NAME }}