Test, bygg, deploy #887
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test, bygg, deploy | |
on: | |
push: | |
workflow_dispatch: | |
schedule: | |
- cron: '0 6 * * 1' | |
jobs: | |
bygg: | |
name: Bygg | |
runs-on: ubuntu-latest | |
permissions: | |
contents: "read" | |
id-token: "write" | |
services: | |
postgres: | |
image: postgres:16.3 | |
env: | |
POSTGRES_USER: postgres | |
POSTGRES_PASSWORD: postgres | |
options: >- | |
--health-cmd pg_isready | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
ports: | |
- 2345:5432 | |
mock-oauth2-server: | |
image: ghcr.io/navikt/mock-oauth2-server:2.0.1 | |
env: | |
JSON_CONFIG: > | |
{ | |
"interactiveLogin": true, | |
"httpServer": "NettyWrapper", | |
"tokenCallbacks": [ | |
{ | |
"issuerId": "faketokenx", | |
"tokenExpiry": 600000, | |
"requestMappings": [ | |
{ | |
"requestParam": "acr", | |
"match": "Level4", | |
"claims": { | |
"sub": "42", | |
"aud": "someaudience", | |
"pid": "42", | |
"acr": "Level4" | |
} | |
}, | |
{ | |
"requestParam": "acr", | |
"match": "idporten-loa-high", | |
"claims": { | |
"sub": "42", | |
"aud": "someaudience", | |
"pid": "42", | |
"acr": "idporten-loa-high" | |
} | |
} | |
] | |
} | |
] | |
} | |
ports: | |
- 8118:8080 | |
steps: | |
- uses: actions/checkout@v4 | |
- run: PGPASSWORD=postgres psql -U postgres -h localhost -p 2345 -f ./local-db-init.sql | |
- uses: actions/setup-java@v4 | |
with: | |
distribution: 'temurin' | |
java-version: 21 | |
cache: maven | |
- run: mvn -B package | |
- uses: nais/docker-build-push@v0 | |
id: gar-push | |
with: | |
team: fager | |
tag: ${{ github.sha }} | |
project_id: ${{ vars.NAIS_MANAGEMENT_PROJECT_ID }} | |
identity_provider: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }} | |
deploy-dev-gcp: | |
permissions: | |
contents: "read" | |
id-token: "write" | |
name: Deploy dev (dev-gcp) | |
needs: bygg | |
runs-on: ubuntu-latest | |
if: github.ref == 'refs/heads/main' | |
continue-on-error: true | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: nais/login@v0 | |
id: login | |
with: | |
project_id: ${{ vars.NAIS_MANAGEMENT_PROJECT_ID }} | |
identity_provider: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }} | |
team: fager | |
- uses: nais/deploy/actions/deploy@v2 | |
env: | |
VAR: image=${{ steps.login.outputs.registry }}/min-side-arbeidsgiver-api:${{ github.sha }} | |
RESOURCE: nais/dev-env.yaml | |
CLUSTER: dev-gcp | |
deploy-prod-gcp: | |
permissions: | |
contents: "read" | |
id-token: "write" | |
name: Deploy prod (prod-gcp) | |
needs: deploy-dev-gcp | |
if: github.ref == 'refs/heads/main' | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: nais/login@v0 | |
id: login | |
with: | |
project_id: ${{ vars.NAIS_MANAGEMENT_PROJECT_ID }} | |
identity_provider: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }} | |
team: fager | |
- uses: nais/deploy/actions/deploy@v2 | |
env: | |
VAR: image=${{ steps.login.outputs.registry }}/min-side-arbeidsgiver-api:${{ github.sha }} | |
RESOURCE: nais/prod-env.yaml | |
CLUSTER: prod-gcp | |