fix: or-2282 optimized github workflow #797
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD | ||
| on: | ||
| push: | ||
| branches: [ main ] | ||
| workflow_dispatch: | ||
| concurrency: CI | ||
| jobs: | ||
| set-release-version: | ||
| if: github.repository_owner == 'Informatievlaanderen' | ||
| name: Decide next version | ||
| runs-on: ubuntu-latest | ||
| outputs: | ||
| version: ${{ steps.set-version.outputs.version }} | ||
| steps: | ||
| - name: Checkout Code | ||
| uses: actions/checkout@v3 | ||
| - name: Setup Node.js | ||
| uses: ./.github/actions/setup-nodejs | ||
| - name: Run Semantic Release dry-run | ||
| shell: bash | ||
| run: npx semantic-release --dry-run | ||
| env: | ||
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | ||
| BUILD_DOCKER_REGISTRY: ${{ secrets.VBR_BUILD_DOCKER_REGISTRY }} | ||
| GITHUB_TOKEN: ${{ secrets.VBR_ACTIONS_TOKEN }} | ||
| GIT_COMMIT: ${{ github.sha }} | ||
| GIT_USERNAME: ${{ secrets.VBR_GIT_USER }} | ||
| GIT_AUTHOR_NAME: ${{ secrets.VBR_GIT_USER }} | ||
| GIT_COMMITTER_NAME: ${{ secrets.VBR_GIT_USER }} | ||
| GIT_EMAIL: ${{ secrets.VBR_GIT_EMAIL }} | ||
| GIT_AUTHOR_EMAIL: ${{ secrets.VBR_GIT_EMAIL }} | ||
| GIT_COMMITTER_EMAIL: ${{ secrets.VBR_GIT_EMAIL }} | ||
| - name: Set Release Version | ||
| id: set-version | ||
| run: | | ||
| [ ! -f semver ] && echo none > semver | ||
| echo $(cat semver) | ||
| echo ::set-output name=version::$(cat semver) | ||
| echo RELEASE_VERSION=$(cat semver) >> $GITHUB_ENV | ||
| shell: bash | ||
| test: | ||
| if: github.repository_owner == 'Informatievlaanderen' | ||
| name: Test | ||
| runs-on: ubuntu-latest | ||
| needs: [ set-release-version ] | ||
| services: | ||
| sqlserver: | ||
| image: mcr.microsoft.com/mssql/server:latest | ||
| env: | ||
| ACCEPT_EULA: Y | ||
| SA_PASSWORD: E@syP@ssw0rd | ||
| MSSQL_TCP_PORT: 21433 | ||
| ports: | ||
| - 21433:21433 | ||
| acm: | ||
| image: ghcr.io/informatievlaanderen/acmidm:1.253.0 | ||
| ports: | ||
| - 5050:80 | ||
| wiremock: | ||
| image: ghcr.io/informatievlaanderen/wiremock:main | ||
| ports: | ||
| - 8080:8080 | ||
| opensearch: | ||
| image: opensearchproject/opensearch:1.1.0 | ||
| env: | ||
| discovery.type: single-node | ||
| DISABLE_SECURITY_PLUGIN: true | ||
| ports: | ||
| - 9200:9200 | ||
| - 9600:9600 | ||
| outputs: | ||
| version: ${{ steps.set-version.outputs.version }} | ||
| test: "test" | ||
| steps: | ||
| - name: Checkout Code | ||
| uses: actions/checkout@v3 | ||
| - name: Setup .NET Core | ||
| uses: ./.github/actions/setup-dotnet | ||
| - name: Parse repository name | ||
| run: echo REPOSITORY_NAME=$(echo "$GITHUB_REPOSITORY" | awk -F / '{print $2}' | sed -e "s/:refs//") >> $GITHUB_ENV | ||
| shell: bash | ||
| - name: Test Solution | ||
| shell: bash | ||
| run: ./build.sh Test_Solution | ||
| build-api: | ||
| name: Build api | ||
| uses: ./.github/workflows/build-image.yml | ||
| if: github.repository_owner == 'Informatievlaanderen' && needs.set-release-version.outputs.version != 'none' | ||
| needs: [ test, set-release-version ] | ||
| with: | ||
| build-target: Containerize_Api | ||
| build-project: OrganisationRegistry.Api | ||
| image-file: api.tar | ||
| image-name: api | ||
| semver: ${{ needs.set-release-version.outputs.version }} | ||
| secrets: inherit | ||
| build-agentschapzorgengezondheidftpdump: | ||
| name: Build batch-agentschapzorgengezondheidftpdump | ||
| uses: ./.github/workflows/build-image.yml | ||
| if: github.repository_owner == 'Informatievlaanderen' && needs.set-release-version.outputs.version != 'none' | ||
| needs: [ test, set-release-version ] | ||
| with: | ||
| build-target: Containerize_AgentschapZorgEnGezondheid | ||
| build-project: OrganisationRegistry.AgentschapZorgEnGezondheid.FtpDump | ||
| image-file: batch-agentschapzorgengezondheidftpdump.tar | ||
| image-name: batch-agentschapzorgengezondheidftpdump | ||
| semver: ${{ needs.set-release-version.outputs.version }} | ||
| secrets: inherit | ||
| build-vlaanderenbe: | ||
| name: Build batch-vlaanderenbe | ||
| uses: ./.github/workflows/build-image.yml | ||
| if: github.repository_owner == 'Informatievlaanderen' && needs.set-release-version.outputs.version != 'none' | ||
| needs: [ test, set-release-version ] | ||
| with: | ||
| build-target: Containerize_VlaanderenBeNotifier | ||
| build-project: OrganisationRegistry.VlaanderenBeNotifier | ||
| image-file: batch-vlaanderenbe.tar | ||
| image-name: batch-vlaanderenbe | ||
| semver: ${{ needs.set-release-version.outputs.version }} | ||
| secrets: inherit | ||
| build-projections-elasticsearch: | ||
| name: Build elasticsearch projections | ||
| uses: ./.github/workflows/build-image.yml | ||
| if: github.repository_owner == 'Informatievlaanderen' && needs.set-release-version.outputs.version != 'none' | ||
| needs: [ test, set-release-version ] | ||
| with: | ||
| build-target: Containerize_ElasticSearch | ||
| build-project: OrganisationRegistry.ElasticSearch.Projections | ||
| image-file: projections-elasticsearch.tar | ||
| image-name: projections-elasticsearch | ||
| semver: ${{ needs.set-release-version.outputs.version }} | ||
| secrets: inherit | ||
| build-projections-delegations: | ||
| name: Build delegations | ||
| uses: ./.github/workflows/build-image.yml | ||
| if: github.repository_owner == 'Informatievlaanderen' && needs.set-release-version.outputs.version != 'none' | ||
| needs: [ test, set-release-version ] | ||
| with: | ||
| build-target: Containerize_Delegations | ||
| build-project: OrganisationRegistry.Projections.Delegations | ||
| image-file: projections-delegations.tar | ||
| image-name: projections-delegations | ||
| semver: ${{ needs.set-release-version.outputs.version }} | ||
| secrets: inherit | ||
| build-projections-reporting: | ||
| name: Build reporting | ||
| uses: ./.github/workflows/build-image.yml | ||
| if: github.repository_owner == 'Informatievlaanderen' && needs.set-release-version.outputs.version != 'none' | ||
| needs: [ test, set-release-version ] | ||
| with: | ||
| build-target: Containerize_Reporting | ||
| build-project: OrganisationRegistry.Projections.Reporting | ||
| image-file: projections-reporting.tar | ||
| image-name: projections-reporting | ||
| semver: ${{ needs.set-release-version.outputs.version }} | ||
| secrets: inherit | ||
| build-kbo-mutations: | ||
| name: Build kbo-mutations | ||
| uses: ./.github/workflows/build-image.yml | ||
| if: github.repository_owner == 'Informatievlaanderen' && needs.set-release-version.outputs.version != 'none' | ||
| needs: [ test, set-release-version ] | ||
| with: | ||
| build-target: Containerize_KboMutations | ||
| build-project: OrganisationRegistry.KboMutations | ||
| image-file: kbo-mutations.tar | ||
| image-name: kbo-mutations | ||
| semver: ${{ needs.set-release-version.outputs.version }} | ||
| secrets: inherit | ||
| build-rebuilder: | ||
| name: Build rebuilder | ||
| uses: ./.github/workflows/build-image.yml | ||
| if: github.repository_owner == 'Informatievlaanderen' && needs.set-release-version.outputs.version != 'none' | ||
| needs: [ test, set-release-version ] | ||
| with: | ||
| build-target: Containerize_Rebuilder | ||
| build-project: OrganisationRegistry.Rebuilder | ||
| image-file: rebuilder.tar | ||
| image-name: rebuilder | ||
| semver: ${{ needs.set-release-version.outputs.version }} | ||
| secrets: inherit | ||
| build-ui: | ||
| name: Build site | ||
| uses: ./.github/workflows/build-site-image.yml | ||
| if: github.repository_owner == 'Informatievlaanderen' && needs.set-release-version.outputs.version != 'none' | ||
| needs: [ set-release-version ] | ||
| with: | ||
| build-target: Containerize_Site | ||
| image-file: ui.tar | ||
| image-name: ui | ||
| semver: ${{ needs.set-release-version.outputs.version }} | ||
| secrets: inherit | ||
| build-acm-idm: | ||
| name: Build acm idm | ||
| uses: ./.github/workflows/build-image.yml | ||
| if: github.repository_owner == 'Informatievlaanderen' && needs.set-release-version.outputs.version != 'none' | ||
| needs: [ set-release-version ] | ||
| with: | ||
| build-target: Containerize_AcmIdm | ||
| build-project: IdentityServer | ||
| image-file: acmidm.tar | ||
| image-name: acmidm | ||
| semver: ${{ needs.set-release-version.outputs.version }} | ||
| secrets: inherit | ||
| release: | ||
| if: github.repository_owner == 'Informatievlaanderen' && needs.set-release-version.outputs.version != 'none' | ||
| name: Release | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build-api | ||
| - build-agentschapzorgengezondheidftpdump | ||
| - build-vlaanderenbe | ||
| - build-projections-elasticsearch | ||
| - build-projections-delegations | ||
| - build-projections-reporting | ||
| - build-kbo-mutations | ||
| - build-rebuilder | ||
| - build-ui | ||
| - set-release-version | ||
| outputs: | ||
| version: ${{ steps.set-version.outputs.version }} | ||
| steps: | ||
| - name: Checkout Code | ||
| uses: actions/checkout@v4 | ||
| - name: Setup nodejs | ||
| uses: ./.github/actions/setup-nodejs | ||
| - name: Generate Token | ||
| id: generate-token # Add an ID to this step for reference | ||
| run: node .github/generate-token.js | ||
| env: | ||
| APP_ID: ${{ secrets.MYBOT_APP_ID }} | ||
| PRIVATE_KEY: ${{ secrets.MYBOT_PRIVATE_KEY }} | ||
| - name: Delete huge unnecessary tools folder | ||
| run: rm -rf /opt/hostedtoolcache | ||
| - name: Checkout Code | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| token: ${{ env.installationToken }} | ||
| - name: Parse repository name | ||
| run: echo REPOSITORY_NAME=$(echo "$GITHUB_REPOSITORY" | awk -F / '{print $2}' | sed -e "s/:refs//") >> $GITHUB_ENV | ||
| shell: bash | ||
| - name: Install NPM dependencies | ||
| shell: bash | ||
| run: npm install --legacy-peer-deps | ||
| - name: Run Semantic Release | ||
| shell: bash | ||
| run: npx semantic-release | ||
| env: | ||
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | ||
| BUILD_DOCKER_REGISTRY: ${{ secrets.VBR_BUILD_DOCKER_REGISTRY }} | ||
| GITHUB_TOKEN: ${{ env.installationToken }} | ||
| GIT_COMMIT: ${{ github.sha }} | ||
| GIT_USERNAME: ${{ env.installationToken }} | ||
| GIT_AUTHOR_NAME: ${{ secrets.VBR_GIT_USER }} | ||
| GIT_COMMITTER_NAME: ${{ secrets.VBR_GIT_USER }} | ||
| GIT_EMAIL: ${{ secrets.VBR_GIT_EMAIL }} | ||
| GIT_AUTHOR_EMAIL: ${{ secrets.VBR_GIT_EMAIL }} | ||
| GIT_COMMITTER_EMAIL: ${{ secrets.VBR_GIT_EMAIL }} | ||
| IGNORE_ES_TESTS: FALSE | ||
| - name: Set Release Version | ||
| id: set-version | ||
| run: | | ||
| [ ! -f semver ] && echo none > semver | ||
| echo $(cat semver) | ||
| echo ::set-output name=version::$(cat semver) | ||
| echo RELEASE_VERSION=$(cat semver) >> $GITHUB_ENV | ||
| shell: bash | ||
| - name: Debug Output | ||
| shell: bash | ||
| run: | | ||
| echo 'BEGIN VERSION' | ||
| echo ${{ steps.set-version.outputs.version }} | ||
| echo 'END VERSION' | ||
| publish_to_atlassian: | ||
| if: needs.release.outputs.version != 'none' | ||
| needs: [ release ] | ||
| name: Publish to Atlassian | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout Code | ||
| uses: actions/checkout@v3 | ||
| - name: Parse repository name | ||
| run: echo REPOSITORY_NAME=$(echo "$GITHUB_REPOSITORY" | awk -F / '{print $2}' | sed -e "s/:refs//") >> $GITHUB_ENV | ||
| shell: bash | ||
| - name: Setup Python | ||
| uses: ./.github/actions/setup-python | ||
| - name: Cache Paket | ||
| uses: ./.github/actions/cache-paket | ||
| - name: Publish to Confluence | ||
| if: needs.release.outputs.version != 'none' | ||
| shell: bash | ||
| run: ./packages/Be.Vlaanderen.Basisregisters.Build.Pipeline/Content/ci-confluence.sh | ||
| env: | ||
| CONFLUENCE_TITLE: ${{ env.REPOSITORY_NAME }} | ||
| CONFLUENCE_USERNAME: ${{ secrets.VBR_CONFLUENCE_USER }} | ||
| CONFLUENCE_PASSWORD: ${{ secrets.VBR_CONFLUENCE_PASSWORD }} | ||
| - name: Create Jira Release | ||
| if: needs.release.outputs.version != 'none' | ||
| shell: bash | ||
| run: ./packages/Be.Vlaanderen.Basisregisters.Build.Pipeline/Content/ci-jira.sh | ||
| env: | ||
| CONFLUENCE_TITLE: ${{ env.REPOSITORY_NAME }} | ||
| CONFLUENCE_USERNAME: ${{ secrets.VBR_CONFLUENCE_USER }} | ||
| CONFLUENCE_PASSWORD: ${{ secrets.VBR_CONFLUENCE_PASSWORD }} | ||
| JIRA_PREFIX: Association | ||
| JIRA_PROJECT: OR | ||
| JIRA_VERSION: ${{ needs.release.outputs.version }} | ||
| push_images_to_staging: | ||
| if: needs.release.outputs.version != 'none' | ||
| needs: [ release ] | ||
| name: Push images | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| matrix: | ||
| image: [ | ||
| 'api' | ||
| 'batch-agentschapzorgengezondheidftpdump' | ||
| 'batch-vlaanderenbe' | ||
| 'projections-elasticsearch' | ||
| 'projections-delegations' | ||
| 'projections-reporting' | ||
| 'kbo-mutations' | ||
| 'ui' | ||
| ] | ||
| steps: | ||
| - name: Configure AWS credentials (Staging) | ||
| if: needs.release.outputs.version != 'none' | ||
| uses: aws-actions/configure-aws-credentials@v4.0.2 | ||
| with: | ||
| aws-access-key-id: ${{ secrets.VBR_AWS_ACCESS_KEY_ID }} | ||
| aws-secret-access-key: ${{ secrets.VBR_AWS_SECRET_ACCESS_KEY }} | ||
| aws-region: ${{ secrets.VBR_AWS_REGION }} | ||
| - name: Login to Amazon ECR | ||
| uses: aws-actions/amazon-ecr-login@v2 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v4 | ||
| continue-on-error: false | ||
| with: | ||
| name: ${{ matrix.image }} | ||
| path: ~/ | ||
| - name: Load artifact | ||
| shell: bash | ||
| run: | | ||
| docker image load -i ~/$IMAGE.tar | ||
| env: | ||
| IMAGE: ${{ matrix.image }} | ||
| - name: Push artifacts to ECR | ||
| shell: bash | ||
| run: | | ||
| echo $IMAGE:$SEMVER | ||
| docker push $BUILD_DOCKER_REGISTRY/organisation-registry/$IMAGE:$SEMVER | ||
| env: | ||
| BUILD_DOCKER_REGISTRY: ${{ secrets.VBR_BUILD_DOCKER_REGISTRY }} | ||
| IMAGE: ${{ matrix.image }} | ||
| SEMVER: ${{ needs.release.outputs.version }} | ||
| WORKSPACE: ${{ github.workspace }} | ||
| push_images_to_production: | ||
| if: needs.release.outputs.version != 'none' | ||
| needs: [ release ] | ||
| name: Push images | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| matrix: | ||
| image: [ | ||
| 'api' | ||
| 'batch-agentschapzorgengezondheidftpdump' | ||
| 'batch-vlaanderenbe' | ||
| 'projections-elasticsearch' | ||
| 'projections-delegations' | ||
| 'projections-reporting' | ||
| 'kbo-mutations' | ||
| 'ui' | ||
| ] | ||
| steps: | ||
| - name: Configure AWS credentials (Production) | ||
| if: needs.release.outputs.version != 'none' | ||
| uses: aws-actions/configure-aws-credentials@v4.0.2 | ||
| with: | ||
| aws-access-key-id: ${{ secrets.VBR_AWS_ACCESS_KEY_ID_PRD }} | ||
| aws-secret-access-key: ${{ secrets.VBR_AWS_SECRET_ACCESS_KEY_PRD }} | ||
| aws-region: ${{ secrets.VBR_AWS_REGION_PRD }} | ||
| - name: Login to Amazon ECR | ||
| uses: aws-actions/amazon-ecr-login@v2 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v4 | ||
| continue-on-error: false | ||
| with: | ||
| name: ${{ matrix.image }} | ||
| path: ~/ | ||
| - name: Load artifact | ||
| shell: bash | ||
| run: | | ||
| docker image load -i ~/$IMAGE.tar | ||
| env: | ||
| IMAGE: ${{ matrix.image }} | ||
| - name: Push artifacts to ECR | ||
| shell: bash | ||
| run: | | ||
| echo $IMAGE:$SEMVER | ||
| docker push $BUILD_DOCKER_REGISTRY/organisation-registry/$IMAGE:$SEMVER | ||
| env: | ||
| BUILD_DOCKER_REGISTRY: ${{ secrets.VBR_BUILD_DOCKER_REGISTRY_PRD }} | ||
| IMAGE: ${{ matrix.image }} | ||
| SEMVER: ${{ needs.release.outputs.version }} | ||
| WORKSPACE: ${{ github.workspace }} | ||
| push_images_to_devops: | ||
| if: needs.release.outputs.version != 'none' | ||
| needs: [ release ] | ||
| name: Push images | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| matrix: | ||
| image: [ | ||
| 'api' | ||
| 'batch-agentschapzorgengezondheidftpdump' | ||
| 'batch-vlaanderenbe' | ||
| 'projections-elasticsearch' | ||
| 'projections-delegations' | ||
| 'projections-reporting' | ||
| 'kbo-mutations' | ||
| 'ui' | ||
| ] | ||
| steps: | ||
| - name: Configure AWS credentials (DevOps) | ||
| uses: aws-actions/configure-aws-credentials@v4.0.2 | ||
| with: | ||
| aws-access-key-id: ${{ secrets.VBR_AWS_ACCESS_KEY_ID_DEVOPS }} | ||
| aws-secret-access-key: ${{ secrets.VBR_AWS_SECRET_ACCESS_KEY_DEVOPS }} | ||
| aws-region: ${{ secrets.VBR_AWS_REGION_PRD }} | ||
| - name: Login to Amazon ECR | ||
| uses: aws-actions/amazon-ecr-login@v2 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v4 | ||
| continue-on-error: false | ||
| with: | ||
| name: ${{ matrix.image }} | ||
| path: ~/ | ||
| - name: Load artifact | ||
| shell: bash | ||
| run: | | ||
| docker image load -i ~/$IMAGE.tar | ||
| env: | ||
| IMAGE: ${{ matrix.image }} | ||
| - name: Push artifacts to ECR | ||
| shell: bash | ||
| run: | | ||
| echo $IMAGE:$SEMVER | ||
| docker push $BUILD_DOCKER_REGISTRY/organisation-registry/$IMAGE:$SEMVER | ||
| env: | ||
| BUILD_DOCKER_REGISTRY: ${{ secrets.VBR_DEVOPS_DOCKER_REGISTRY }} | ||
| IMAGE: ${{ matrix.image }} | ||
| SEMVER: ${{ needs.release.outputs.version }} | ||
| WORKSPACE: ${{ github.workspace }} | ||
| deploy_staging: | ||
| name: Deploy to Staging | ||
| uses: ./.github/workflows/staging-manual.yml | ||
| needs: | ||
| - set-release-version | ||
| - release | ||
| - push_images_to_staging | ||
| with: | ||
| version: ${{ needs.set-release-version.outputs.version }} | ||
| secrets: inherit | ||
| deploy_staging_new: | ||
| name: Deploy to Staging NEW | ||
| uses: ./.github/workflows/staging-new-manual.yml | ||
| needs: | ||
| - set-release-version | ||
| - release | ||
| - push_images_to_devops | ||
| with: | ||
| version: ${{ needs.set-release-version.outputs.version }} | ||
| secrets: inherit | ||
| # - name: Publish to NuGet | ||
| # shell: bash | ||
| # run: | | ||
| # node packages/Be.Vlaanderen.Basisregisters.Build.Pipeline/Content/ci-nuget.js dist/nuget/$LIBNAME.Api.$SEMVER.nupkg | ||
| # env: | ||
| # LIBNAME: Be.Vlaanderen.Basisregisters.OrganisationRegistry | ||
| # SEMVER: ${{ needs.release.outputs.version }} | ||
| # NUGET_HOST: ${{ secrets.NUGET_HOST }} | ||
| # NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }} | ||
