feat: Secure Sourcing related backend APIs (#22) #23

Workflow file for this run

	name: Deploy
	permissions: write-all
	on:
	push:
	branches: [main]
	release:
	types: [published]

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: false

	defaults:
	run:
	shell: bash -el {0}

	env:
	TF_VAR_GITHUB_TOKEN: ${{ secrets.MINING_GITHUB_TOKEN }}
	TF_VAR_ANALYTICS_BASE_URL: ${{ github.event_name == 'release' && vars.PROD_ANALYTICS_BASE_URL \|\| vars.STAGING_ANALYTICS_BASE_URL}}

	# Analytics and Sourcing Auth Flow
	TF_VAR_PARMA_SHARED_SECRET_KEY: ${{ github.event_name == 'release' && secrets.PROD_PARMA_SHARED_SECRET_KEY \|\| secrets.STAGING_PARMA_SHARED_SECRET_KEY}}

	jobs:
	deploy:
	name: Deploy - ${{ matrix.DEPLOYMENT_ENV }}
	runs-on: ubuntu-latest
	timeout-minutes: 40
	strategy:
	matrix:
	DEPLOYMENT_ENV:
	["${{ github.event_name == 'release' && 'prod' \|\| 'staging' }}"]
	defaults:
	run:
	working-directory: ./terraform/${{ matrix.DEPLOYMENT_ENV }}
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	fetch-depth: 0
	- name: Configure gcloud CLI
	uses: google-github-actions/setup-gcloud@5a5f7b85fca43e76e53463acaa9d408a03c98d3a
	with:
	version: "416.0.0"
	service_account_email: ${{ secrets.GCP_SA_EMAIL }}
	service_account_key: ${{ secrets.GCP_SA_KEY }}
	export_default_credentials: true
	- name: Test gcloud cli
	run: gcloud auth list --filter=status:ACTIVE --format="value(account)"
	- name: Terraform setup
	uses: hashicorp/setup-terraform@v3
	with:
	terraform_version: 1.5.3
	- name: Store credentials file
	run: \|
	mkdir -p ./../.secrets/
	echo -n "$KEYSTORE" > ./../.secrets/la-famiglia-parma-ai.json
	env:
	KEYSTORE: ${{ secrets.GCP_SA_KEY }}
	- name: Activate service account
	run: gcloud auth activate-service-account --key-file=./../.secrets/la-famiglia-parma-ai.json
	- name: Authenticate with GCR
	run: gcloud auth configure-docker europe-west1-docker.pkg.dev
	- name: Terraform init
	run: terraform init
	- name: Terraform plan
	run: terraform plan
	- name: Terraform apply
	run: terraform apply -auto-approve

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: Secure Sourcing related backend APIs (#22) #23

Workflow file

feat: Secure Sourcing related backend APIs (#22) #23

Jobs

Run details

Workflow file for this run