Skip to content
Build and deploy backend to SKIP

Revert "Chore/remove env file" #97

Sign in to view logs

Revert "Chore/remove env file"

Revert "Chore/remove env file" #97

Workflow file for this run

.github/workflows/build-deploy.yml at 357f936
name: Build and deploy backend to SKIP
on:
workflow_dispatch:
pull_request:
branches:
- main
paths-ignore:
- docker-compose.yaml
- README**
push:
paths-ignore:
- docker-compose.yaml
- README**
branches:
- main
permissions:
id-token: write
contents: write
env:
REGISTRY: ghcr.io
ARGO_VERSION_FILE: image-url-crypto-service
IMAGE_NAME: ${{ github.repository }}
jobs:
build:
name: Build and push docker image
runs-on: ubuntu-latest
permissions:
contents: write
packages: write
outputs:
image_url: ${{ steps.setOutput.outputs.image_url }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '21'
architecture: 'x64'
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
- name: Generate and submit dependency graph
uses: gradle/actions/dependency-submission@v3
- name: Execute Gradle build
run: ./gradlew build
- name: Set tag
id: set-tag
env:
BRANCH: ${{ github.ref_name }}
run: |
if [[ "$BRANCH" == "main" || "$BRANCH" == "master" ]]; then
echo "image_tag=latest" >> $GITHUB_OUTPUT
else
echo "image_tag=prebuild-temp" >> $GITHUB_OUTPUT
fi
- name: Login to Github Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=sha,format=long
type=raw,value=${{ steps.set-tag.outputs.image_tag }}
- name: Build docker and push
id: build-docker
uses: docker/build-push-action@v5
with:
context: .
push: ${{ !github.event.pull_request.draft }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: Set output with build values
id: setOutput
run: |
echo "image_url=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.build-docker.outputs.digest }}" >> $GITHUB_OUTPUT
pharos:
name: Run Pharos on docker image
needs: build
permissions:
actions: read
packages: read
contents: read
security-events: write
runs-on: ubuntu-latest
steps:
- name: "Run Pharos"
uses: kartverket/pharos@v0.1.5
with:
image_url: ${{ needs.build.outputs.image_url }}
sandbox-deploy-argo:
name: Deploy to sandbox
if: github.ref == 'refs/heads/main'
needs: build
runs-on: ubuntu-latest
environment:
name: sandbox
permissions:
id-token: write
steps:
- uses: octo-sts/action@6177b4481c00308b3839969c3eca88c96a91775f # v1.0.0
id: octo-sts
with:
scope: kartverket/skvis-apps
identity: crypto-service
- name: Checkout skvis-apps
uses: actions/checkout@v4
with:
repository: kartverket/skvis-apps
ref: main
token: ${{ steps.octo-sts.outputs.token }}
- name: Update version
run: |
echo "\"${{ needs.build.outputs.image_url }}\"" > "env/atgcp1-sandbox/ros-plugin-main/${{ env.ARGO_VERSION_FILE }}"
git config --global user.email "noreply@kartverket.no"
git config --global user.name "Backstage Plugin Risk Scorecard Backend CI"
git commit -am "Update ros-backend ${{ env.ARGO_VERSION_FILE }}"
git push
prod-deploy-argo:
name: Deploy to prod
if: github.ref == 'refs/heads/main'
needs: [build, sandbox-deploy-argo]
runs-on: ubuntu-latest
environment:
name: prod
permissions:
id-token: write
steps:
- uses: octo-sts/action@6177b4481c00308b3839969c3eca88c96a91775f # v1.0.0
id: octo-sts
with:
scope: kartverket/skvis-apps
identity: crypto-service
- name: Checkout skvis-apps
uses: actions/checkout@v4
with:
repository: kartverket/skvis-apps
ref: main
token: ${{ steps.octo-sts.outputs.token }}
- name: Update version
run: |
echo "\"${{ needs.build.outputs.image_url }}\"" > "env/atgcp1-prod/ros-plugin-main/${{ env.ARGO_VERSION_FILE }}"
git config --global user.email "noreply@kartverket.no"
git config --global user.name "Backstage Plugin Risk Scorecard Backend CI"
git commit -am "Update ros-backend ${{ env.ARGO_VERSION_FILE }}"
git push