Gitt at et journalpost ble journalført før vi lagret json, så må man … #598
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy-Prod | |
on: | |
push: | |
branches: | |
- 'main' | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref_name }} | |
cancel-in-progress: true | |
permissions: | |
contents: "read" | |
id-token: "write" | |
jobs: | |
build: | |
name: Bygg og test | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- name: Sjekk at tag ligger på main | |
run: | | |
commit=$(git rev-parse --short HEAD) | |
if ! [[ $(git branch -r --contains "$commit" | grep -E '(^|\s)origin/main') ]]; then exit 1; fi | |
- uses: actions/setup-java@v4 | |
with: | |
java-version: 21 | |
distribution: 'temurin' | |
cache: 'maven' | |
- name: Bygg med maven | |
env: | |
GITHUB_USERNAME: x-access-token | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: mvn -B --no-transfer-progress package --settings .m2/maven-settings.xml --file pom.xml | |
- uses: nais/docker-build-push@v0 | |
id: docker-push | |
with: | |
team: teamfamilie | |
tag: latest | |
project_id: ${{ vars.NAIS_MANAGEMENT_PROJECT_ID }} | |
identity_provider: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }} | |
byosbom: target/classes/META-INF/sbom/application.cdx.json | |
- name: Skriv ut docker-taggen | |
run: echo 'Docker-tag er ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }} ' >> $GITHUB_STEP_SUMMARY | |
outputs: | |
image: ${{ steps.docker-push.outputs.image }} | |
deploy-prod: | |
name: Deploy til prod-fss | |
needs: build | |
runs-on: ubuntu-latest | |
permissions: | |
contents: "read" | |
id-token: "write" | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Deploy til prod-fss team namespace | |
uses: nais/deploy/actions/deploy@v2 | |
env: | |
APIKEY: ${{ secrets.DEPLOY_APIKEY }} | |
CLUSTER: prod-fss | |
RESOURCE: app-prod.teamfamilie.yaml | |
VAR: image=${{ needs.build.outputs.image }} | |
deploy-preprod: | |
name: Deploy til prod-fss | |
needs: build | |
runs-on: ubuntu-latest | |
permissions: | |
contents: "read" | |
id-token: "write" | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Deploy til dev-fss team namespace | |
uses: nais/deploy/actions/deploy@v2 | |
env: | |
APIKEY: ${{ secrets.DEPLOY_APIKEY }} | |
CLUSTER: dev-fss | |
RESOURCE: app-preprod.teamfamilie.yaml | |
VAR: image=${{ needs.build.outputs.image }} | |
loggfeil: | |
name: Send logg til slack ved feil | |
runs-on: ubuntu-latest | |
needs: [ deploy-prod ] | |
if: failure() | |
steps: | |
- name: Send logg til slack ved feil | |
run: | | |
curl -X POST --data "{\"text\": \"Deploy av $GITHUB_REPOSITORY feilet - $GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID\"}" $WEBHOOK_URL | |
env: | |
WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} |