test push container #31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CD Apps | |
| on: | |
| push: | |
| permissions: | |
| id-token: write | |
| env: | |
| IMAGE_NAME: altinn-authorization | |
| APP_NAME: Altinn.AccessManagement | |
| TEAM_NAME: team-authorization | |
| DOCKER_LOGIN_SERVER: ${{ vars.ARM_ACR }}.azurecr.io | |
| jobs: | |
| # bundle: | |
| # name: Bundle Apps | |
| # uses: ./.github/workflows/template-bundle.yml | |
| # with: | |
| # dir: apps | |
| cd_containerize: | |
| name: Containerize | |
| # needs: bundle | |
| runs-on: ubuntu-latest | |
| environment: at21 | |
| # strategy: | |
| # matrix: | |
| # name: ${{ fromJson(needs.bundle.outputs.dirs) }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set short SHA | |
| id: set_short_sha | |
| run: | | |
| SHORT_SHA=$(git rev-parse --short HEAD) | |
| echo "IMAGE=${{ env.DOCKER_LOGIN_SERVER }}/${{ env.IMAGE_NAME }}:$SHORT_SHA" >> $GITHUB_ENV | |
| echo "image=${{ env.DOCKER_LOGIN_SERVER }}/${{ env.IMAGE_NAME }}:$SHORT_SHA" >> $GITHUB_OUTPUT | |
| echo "SHORT_SHA=$SHORT_SHA" >> $GITHUB_ENV | |
| echo "short_sha=$SHORT_SHA" >> $GITHUB_OUTPUT | |
| - name: Azure login | |
| uses: azure/login@v2 | |
| with: | |
| client-id: ${{ vars.ARM_CLIENT_ID }} | |
| tenant-id: ${{ vars.ARM_TENANT_ID }} | |
| subscription-id: ${{ vars.ARM_ACR_SUBSCRIPTION_ID }} | |
| - name: Log in to Container registry | |
| run: | | |
| az acr login --name ${{ vars.ARM_ACR }} --expose-token --output tsv --query accessToken --subscription ${{ vars.ARM_ACR_SUBSCRIPTION_ID }} --only-show-errors | docker login ${{ env.DOCKER_LOGIN_SERVER }} --username 00000000-0000-0000-0000-000000000000 --password-stdin | |
| - name: Docker build | |
| run: | | |
| docker build --build-arg APP_NAME=${{ env.APP_NAME }} . -t ${{ env.IMAGE }} | |
| - name: Docker push | |
| run: | | |
| docker push ${{ env.IMAGE }} | |
| app-config-artifact-push: | |
| name: App config push | |
| runs-on: ubuntu-latest | |
| needs: cd_containerize | |
| environment: at21 | |
| env: | |
| SHORT_SHA: ${{ needs.cd_containerize.outputs.short_sha }} | |
| DEPLOY_DIR: src/apps/Altinn.Authorization/deploy | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set short SHA | |
| id: set_short_sha | |
| run: | | |
| SHORT_SHA=$(git rev-parse --short HEAD) | |
| echo "IMAGE=${{ env.DOCKER_LOGIN_SERVER }}/${{ env.IMAGE_NAME }}:$SHORT_SHA" >> $GITHUB_ENV | |
| echo "image=${{ env.DOCKER_LOGIN_SERVER }}/${{ env.IMAGE_NAME }}:$SHORT_SHA" >> $GITHUB_OUTPUT | |
| echo "SHORT_SHA=$SHORT_SHA" >> $GITHUB_ENV | |
| echo "short_sha=$SHORT_SHA" >> $GITHUB_OUTPUT | |
| - name: Azure login | |
| uses: azure/login@v2 | |
| with: | |
| client-id: ${{ vars.ARM_CLIENT_ID }} | |
| tenant-id: ${{ vars.ARM_TENANT_ID }} | |
| subscription-id: ${{ vars.ARM_ACR_SUBSCRIPTION_ID }} | |
| - name: Log in to Container registry | |
| run: | | |
| az acr login --name ${{ vars.ARM_ACR }} --expose-token --output tsv --query accessToken --subscription ${{ vars.ARM_ACR_SUBSCRIPTION_ID }} --only-show-errors | docker login ${{ env.DOCKER_LOGIN_SERVER }} --username 00000000-0000-0000-0000-000000000000 --password-stdin | |
| - name: Setup Flux CLI | |
| uses: fluxcd/flux2/action@v2.3.0 | |
| - name: Replace TAG in app.yaml | |
| run: sed -i 's/\$SHA/${{ env.SHORT_SHA }}/g' ${{ env.DEPLOY_DIR }}/app.yaml | |
| - name: Push config artifact | |
| run: | | |
| flux push artifact oci://${{ env.DOCKER_LOGIN_SERVER }}/configs/${{ env.IMAGE_NAME }}-at21:${{ env.SHORT_SHA }} \ | |
| --path="${{ env.DEPLOY_DIR }}" \ | |
| --source="$(git config --get remote.origin.url)" \ | |
| --revision="$(git branch --show-current)/$(git rev-parse HEAD)" \ | |
| --annotations "org.opencontainers.image.description=${{ env.IMAGE_NAME }}" \ | |
| --annotations "org.opencontainers.image.authors=${{ env.TEAM_NAME }}" | |
| - name: Tag artifact as latest | |
| run: | | |
| flux tag artifact oci://${{ env.DOCKER_LOGIN_SERVER }}/configs/${{ env.IMAGE_NAME }}-at21:${{ env.SHORT_SHA }} --tag latest |