# Builds the runner-org-sync image and its kustomize config, pushes both to
# the container registry, then tags the config artifact per target environment.
name: Deploy Runner Org Sync

on:
  # Automatic runs: only when the service sources or this workflow file change.
  push:
    branches:
      - main
      - feat/runners-autoscaling
    paths:
      - 'src/runner-org-sync/**'
      - '.github/workflows/deploy-runner-org-sync.yaml'
  # Manual runs: the caller supplies a free-text, comma-separated environment
  # list. Nothing in this file validates that text before it is forwarded.
  workflow_dispatch:
    inputs:
      environments:
        description: >-
          Environments to deploy to. Multiple environments can be specified by
          separating them with a comma.
        required: false
        default: 'dev'

# Workflow-wide token scope, inherited by every job, including the reusable
# workflow call.
# NOTE(review): id-token: write is presumably only needed by the jobs that run
# azure/login; consider declaring it per job so the reusable workflow does not
# receive it as well. Confirm what that template needs first.
permissions:
  id-token: write
  contents: read
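jobs:
  # Produces the matrix consumed by the `tag` job below.
  construct-environments-array:
    uses: ./.github/workflows/template-studio-construct-environments.yaml
    with:
      # Push to the autoscaling feature branch deploys to staging only.
      # Push to main and manual dispatches fall through to github.event.inputs
      # (which is empty on push to main → template applies its own defaults,
      # and on dispatch → the value the user typed in the form).
      # NOTE(review): the dispatch value is free text; whether the template
      # restricts it to known environment names is not visible from this file.
      inputs: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/feat/runners-autoscaling') && '{"environments":"staging"}' || toJSON(github.event.inputs) }}

  # Builds and pushes the container image, stamps the kustomize base with the
  # image reference, and publishes the kustomize tree as an OCI artifact.
  # Always runs against the `dev` environment's secrets.
  push-artifact:
    name: Push runner-org-sync as OCI artifact
    runs-on: ubuntu-latest
    environment: dev
    env:
      REGISTRY_NAME: altinntjenestercontainerregistry
    outputs:
      CONFIG_REPO: ${{ steps.vars.outputs.config-repo }}
    defaults:
      run:
        working-directory: src/runner-org-sync
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
        with:
          # Later steps only read local git metadata (remote URL, branch, HEAD),
          # so the job token does not need to stay in the checkout.
          persist-credentials: false
      - name: Set vars
        id: vars
        run: |
          # Image and config artifact are both tagged with the first 10 chars
          # of the commit SHA.
          SHA="${GITHUB_SHA::10}"
          echo "short-sha=$SHA" >> "$GITHUB_OUTPUT"
          echo "image-repo=altinntjenestercontainerregistry.azurecr.io/altinn-studio/runner-org-sync:${SHA}" >> "$GITHUB_OUTPUT"
          echo "config-repo=altinntjenestercontainerregistry.azurecr.io/altinn-studio/configs/runner-org-sync-repo:${SHA}" >> "$GITHUB_OUTPUT"
      - name: az login
        uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2
        with:
          client-id: ${{ secrets.AZURE_CLIENT_ID_FC }}
          tenant-id: ${{ secrets.AZURE_TENANT_ID_FC }}
          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID_FC }}
      - name: az acr login
        # REGISTRY_NAME is already exported by the job-level env block; read it
        # from the shell instead of templating it into the script text.
        run: az acr login --name "$REGISTRY_NAME"
      - name: flux install
        uses: fluxcd/flux2/action@bfa461ed2153ae5e0cca6bce08e0845268fb3088 # v2.8.2
      # In the steps below, workflow expressions are bound to environment
      # variables and expanded by the shell as quoted words, so their values
      # are never parsed as script source.
      - name: docker build
        env:
          IMAGE: ${{ steps.vars.outputs.image-repo }}
        run: docker build -t "$IMAGE" -f Dockerfile .
      - name: push image
        env:
          IMAGE: ${{ steps.vars.outputs.image-repo }}
        run: docker push "$IMAGE"
      - name: patch base with image tag
        working-directory: src/runner-org-sync/infra/kustomize/base
        env:
          IMAGE: ${{ steps.vars.outputs.image-repo }}
          IMAGE_TAG: ${{ steps.vars.outputs.short-sha }}
        run: |
          # strenv() keeps the value a string. env() parses it as YAML, so a
          # short SHA made only of digits (or digits around a single "e") would
          # be written as a number, which is not a valid annotation value.
          yq -i '.metadata.annotations["altinn.studio/image"] = strenv(IMAGE)' cronjob.yaml
          yq -i '.metadata.annotations["altinn.studio/image-tag"] = strenv(IMAGE_TAG)' cronjob.yaml
      - name: push artifact
        working-directory: src/runner-org-sync/infra/kustomize
        env:
          CONFIG_REPO: ${{ steps.vars.outputs.config-repo }}
        run: |
          flux push artifact "oci://${CONFIG_REPO}" \
            --provider=azure \
            --reproducible \
            --path="." \
            --source="$(git config --get remote.origin.url)" \
            --revision="$(git branch --show-current)/$(git rev-parse HEAD)"

  # Adds one tag per requested environment to the config artifact pushed above.
  # Each matrix entry runs under the GitHub environment of the same name, so
  # that environment's secrets and protection rules apply.
  tag:
    name: Tag artifact
    needs: [push-artifact, construct-environments-array]
    runs-on: ubuntu-latest
    environment: ${{ matrix.environment }}
    env:
      REGISTRY_NAME: altinntjenestercontainerregistry
    strategy:
      matrix:
        include: ${{ fromJSON(needs.construct-environments-array.outputs.result) }}
    steps:
      - name: az login
        uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2
        with:
          client-id: ${{ secrets.AZURE_CLIENT_ID_FC }}
          tenant-id: ${{ secrets.AZURE_TENANT_ID_FC }}
          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID_FC }}
      - name: az acr login
        run: az acr login --name "$REGISTRY_NAME"
      - name: flux install
        uses: fluxcd/flux2/action@bfa461ed2153ae5e0cca6bce08e0845268fb3088 # v2.8.2
      - name: tag artifact
        env:
          CONFIG_REPO: ${{ needs.push-artifact.outputs.CONFIG_REPO }}
          # matrix.environment can originate from the workflow_dispatch text
          # input, so it is passed as data and quoted, never templated into the
          # script body.
          TARGET_ENVIRONMENT: ${{ matrix.environment }}
        run: |
          flux tag artifact "oci://${CONFIG_REPO}" \
            --tag "${TARGET_ENVIRONMENT}"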