oppdater til ny kontrakt for altinntilganger #868

Workflow file for this run

	name: Test, bygg, deploy
	on:
	push:
	workflow_dispatch:
	schedule:
	- cron: '0 6 * * 1' # bygg nytt image hver mandag morgen


	jobs:
	build:
	name: Bygg
	runs-on: ubuntu-latest
	permissions:
	contents: read
	id-token: write
	packages: write

	steps:
	- uses: actions/checkout@v4

	- uses: actions/setup-node@v4
	with:
	node-version: '22'
	registry-url: https://npm.pkg.github.com/
	cache: 'npm'

	- run: npm ci --omit=dev --omit=optional
	env:
	NODE_AUTH_TOKEN: ${{ secrets.READER_TOKEN }}
	working-directory: ./server

	- run: npm ci
	env:
	NODE_AUTH_TOKEN: ${{ secrets.READER_TOKEN }}
	- run: npm run test
	- run: npm run lint
	- run: npm run build

	- run: npx @cyclonedx/cyclonedx-npm --package-lock-only --ignore-npm-errors --output-file sbom1.json
	- run: npx @cyclonedx/cyclonedx-npm --package-lock-only --omit dev --ignore-npm-errors --output-file sbom2.json server/package.json
	- run: jq -s '.[0] * .[1]' sbom1.json sbom2.json > sbom.merged.json

	- uses: actions/upload-artifact@v4
	with:
	name: ${{ github.sha }}.bom.json
	path: sbom.merged.json

	- uses: nais/docker-build-push@v0
	id: gar-push
	with:
	team: fager
	salsa: false
	tag: ${{ github.sha }}
	project_id: ${{ vars.NAIS_MANAGEMENT_PROJECT_ID }}
	identity_provider: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}

	- id: upload
	uses: nais/deploy/actions/cdn-upload/v2@master
	with:
	team: fager
	source: ./build/
	destination: '/min-side-arbeidsgiver'
	identity_provider: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
	project_id: ${{ vars.NAIS_MANAGEMENT_PROJECT_ID }}

	outputs:
	image: ${{ steps.gar-push.outputs.image }}
	digest: ${{ steps.gar-push.outputs.digest }}

	salsa:
	name: attest and sign image
	needs: [ build ]
	runs-on: ubuntu-latest
	permissions:
	id-token: write
	steps:
	- uses: nais/login@v0
	id: login
	with:
	project_id: ${{ vars.NAIS_MANAGEMENT_PROJECT_ID }}
	identity_provider: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
	team: fager

	- uses: actions/download-artifact@v4
	with:
	name: ${{ github.sha }}.bom.json
	path: ./

	- uses: nais/attest-sign@v1
	with:
	image_ref: ${{ needs.build.outputs.image }}@${{ needs.build.outputs.digest }}
	sbom: sbom.merged.json

	deploy-dev-gcp:
	needs: [ build ]
	runs-on: ubuntu-latest
	if: github.ref == 'refs/heads/main'
	permissions:
	id-token: write
	steps:
	- uses: actions/checkout@v4
	- name: Deploy til dev-gcp
	uses: nais/deploy/actions/deploy@v2
	env:
	CLUSTER: dev-gcp
	RESOURCE: nais/dev-gcp.yaml
	PRINT_PAYLOAD: true
	VAR: commit=${{ github.sha }},image=${{ needs.build.outputs.image }}

	deploy-prod-gcp:
	needs: [ build ]
	runs-on: ubuntu-latest
	if: github.ref == 'refs/heads/main'
	permissions:
	id-token: write
	steps:
	- uses: actions/checkout@v4
	- name: Deploy til prod-gcp
	uses: nais/deploy/actions/deploy@v2
	env:
	CLUSTER: prod-gcp
	RESOURCE: nais/prod-gcp.yaml
	PRINT_PAYLOAD: true
	VAR: commit=${{ github.sha }},image=${{ needs.build.outputs.image }}

	deploy-prodlik-demo-gcp:
	needs: [ build ]
	runs-on: ubuntu-latest
	if: github.ref == 'refs/heads/main'
	permissions:
	id-token: write
	steps:
	- uses: actions/checkout@v4
	- name: Deploy prodlik demo til dev-gcp
	uses: nais/deploy/actions/deploy@v2
	env:
	CLUSTER: dev-gcp
	RESOURCE: nais/demo-prodlik.yaml
	PRINT_PAYLOAD: true
	VAR: commit=${{ github.sha }},image=${{ needs.build.outputs.image }}

	deploy-devlik-demo-gcp:
	needs: [ build ]
	runs-on: ubuntu-latest
	if: github.ref == 'refs/heads/main'
	permissions:
	id-token: write
	steps:
	- uses: actions/checkout@v4
	- name: Deploy dev-lik demo til dev-gcp
	uses: nais/deploy/actions/deploy@v2
	env:
	CLUSTER: dev-gcp
	RESOURCE: nais/demo-devlik.yaml
	PRINT_PAYLOAD: true
	VAR: commit=${{ github.sha }},image=${{ needs.build.outputs.image }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

oppdater til ny kontrakt for altinntilganger #868

Workflow file

oppdater til ny kontrakt for altinntilganger #868

Jobs

Run details

Workflow file for this run