-
Notifications
You must be signed in to change notification settings - Fork 2
118 lines (108 loc) · 4.19 KB
/
build-content.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
name: buildContentImage
on:
workflow_dispatch:
env:
REGISTRY: ghcr.io
jobs:
get-content-file:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/cached-checkout-install
- run: npm run dumpCmsToFile
env:
STRAPI_API: "${{ secrets.STRAPI_API }}"
STRAPI_ACCESS_KEY: "${{ secrets.STRAPI_ACCESS_KEY }}"
- name: Calculate content checksum
id: checksum
run: echo "content_checksum=$(./docker.sh --contentHashFromImage)" >> $GITHUB_OUTPUT
- name: Upload content.json
uses: actions/upload-artifact@v4
with:
name: content-file
path: content.json
outputs:
content_checksum: ${{ steps.checksum.outputs.content_checksum }}
verify-local-e2e:
needs: [get-content-file]
uses: ./.github/workflows/e2e-test.yml
secrets:
GERICHTSFINDER_ENCRYPTION_KEY: ${{ secrets.GERICHTSFINDER_ENCRYPTION_KEY }}
build-push-content-image:
if: github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
needs: [verify-local-e2e]
steps:
- uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/checkout@v4
- uses: ./.github/actions/cached-checkout-install
- run: ./docker.sh --build content
- run: ./docker.sh --push content
deploy-preview:
needs: [build-push-content-image, get-content-file]
if: github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
environment: preview
steps:
- name: Report Deployment
uses: digitalservicebund/github-actions/track-deployment@34a48d29a9c4cc2fd6710b8eb37e13618a08fa88
with:
project: a2j-rechtsantragstelle
environment: preview
metrics_deployment_webhook_url: ${{ secrets.METRICS_DEPLOYMENT_WEBHOOK_URL }}
metrics_webhook_token: ${{ secrets.METRICS_WEBHOOK_TOKEN }}
- name: Deploy new preview image
uses: digitalservicebund/github-actions/argocd-deploy@a223a68bc5982e5175beb73c708d99d8f9ba7858
with:
environment: preview
version: ${{ env.IMAGE_VERSION }}-${{ needs.get-content-file.outputs.content_checksum }}
deploying_repo: a2j-rechtsantragstelle
infra_repo: a2j-rechtsantragstelle-infra
deploy_key: ${{ secrets.DEPLOY_KEY }}
app: a2j-rast-preview
argocd_pipeline_password: ${{ secrets.ARGOCD_PIPELINE_PASSWORD }}
argocd_server: ${{ secrets.ARGOCD_SERVER }}
argocd_sync_timeout: 300
verify-preview-e2e:
needs: [deploy-preview]
uses: ./.github/workflows/e2e-test.yml
secrets:
BASE_URL: a2j-preview.dev.ds4g.net
with:
USE_EXISTING_SERVER: true
deploy-production:
needs: [verify-preview-e2e, get-content-file]
if: github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
environment: production
steps:
- name: Report Deployment
uses: digitalservicebund/github-actions/track-deployment@34a48d29a9c4cc2fd6710b8eb37e13618a08fa88
with:
project: a2j-rechtsantragstelle
environment: production
metrics_deployment_webhook_url: ${{ secrets.METRICS_DEPLOYMENT_WEBHOOK_URL }}
metrics_webhook_token: ${{ secrets.METRICS_WEBHOOK_TOKEN }}
- name: Deploy new production image
uses: digitalservicebund/github-actions/argocd-deploy@a223a68bc5982e5175beb73c708d99d8f9ba7858
with:
environment: production
version: ${{ env.IMAGE_VERSION }}-${{ needs.get-content-file.outputs.content_checksum }}
deploying_repo: a2j-rechtsantragstelle
infra_repo: a2j-rechtsantragstelle-infra
deploy_key: ${{ secrets.DEPLOY_KEY }}
app: a2j-rast-production
argocd_pipeline_password: ${{ secrets.ARGOCD_PIPELINE_PASSWORD }}
argocd_server: ${{ secrets.ARGOCD_SERVER }}
argocd_sync_timeout: 300
test-production-text:
needs: [deploy-production]
permissions:
packages: read
runs-on: ubuntu-latest
steps:
- run: curl -s "https://service.justiz.de" | grep -q "Justiz-Services"