Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Gjennomgang og generelle forbedringer i Github workflows #325

Closed
8 tasks done
elsand opened this issue Jan 9, 2024 · 4 comments
Closed
8 tasks done

Gjennomgang og generelle forbedringer i Github workflows #325

elsand opened this issue Jan 9, 2024 · 4 comments
Assignees
@arealmaas
Milestone
Klar for ekstern ...

Comments

@elsand
Copy link
Member

elsand commented Jan 9, 2024
edited by arealmaas
Loading

Tasks
Preview Give feedback
  5. Bedre parametrisering i IaC, forskjellige SKUs per miljø digdir/dialogporten#303
    enhancement
    arealmaas

Notes for later:
@arealmaas
Copy link
Collaborator

arealmaas commented Jan 9, 2024
edited
Loading

Note for possible naming/structure:

Image

This was referenced Jan 9, 2024
Merged
Merged
@arealmaas arealmaas self-assigned this Jan 10, 2024
@arealmaas
Copy link
Collaborator

#327 og #328 skal fikse de to første taskene

arealmaas added a commit that referenced this issue Jan 10, 2024
@arealmaas
ci: refactor pull request workflow (#327)
89a3f08 
First refactor in the line of a few more. Refactored 

- [X] Refactor buildTestPublish to not trigger on pull requests
- [X] Create a new workflow for pull requests and trigger buildTestPublish without publishing artifacts

Related to #325
@arealmaas
Copy link
Collaborator

For at denne tasken ikke skal bli veldig bloated, så tenker jeg at vi fullfører den checklisten og så kan vi evt. lage noen flere tasks basert på notatene

@elsand elsand added needs refinement needs consideration Requires additional consideration and removed needs refinement labels Jan 16, 2024
@elsand elsand added this to the Klar for ekstern testing milestone Jan 16, 2024
@arealmaas arealmaas mentioned this issue Jan 16, 2024
Merged
arealmaas added a commit that referenced this issue Jan 17, 2024
@arealmaas @oskogstad
ci: refactor deployment of infrastructure and add PR validation (#346)
79e71a6 
Issue: #325 

**What's done:**
- **Using .bicepparam instead of the json parameters file**: No default
values are set for most of the parameters now, so will be empty if
environment variables are not set
- **Split the deployment script**: Split the deployBicep.ps1 into
several actions that produces values sent as either pure parameters or
secrets to the bicep file. Also using the `arm-deploy` github action
instead of command line `az`. See `Deploy.yml`
- **Flattened object parameters**: Flattened the keyvault and secrets
parameters for easier visibility and validation
- **Triggers a dry-run from pull requests**: The `Deploy.yml` action
takes an optional parameter `dry-run` to

**Potential future tasks & discussions:** 
- **Output the result of the `what-if` to the pull request as a
comment.**: The way to get this working seems to be using --pretty-print
and parsing the value. Haven't found any solution that can do this in a
smooth way for us.. 🤔 Maybe this can inspire us:
https://dev.to/omiossec/arm-template-deployment-the-what-if-option-for-your-azure-deployments-17f7
- **consider using --rollback-on-error**: When deploying using the
arm-deploy, we could supply the --rollback-on-error flag if we find it
necessary
- **Potentially use kv.getSecret in bicepparam**: Instead of using
environment variables we might consider fetching the secrets for the
environment in the bicepparam files (or whether that just pollutes the
bicepparam file..)
https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/key-vault-parameter?tabs=azure-cli#use-getsecret-function
- **Use version instead of git_sha**: To follow IAC principles more
closely we could put the version of the deployed image in the source
code. (through a new action that commits the resolved version number
maybe), or we could split the deployment of container apps and the rest
of the infrastructure

---------

Co-authored-by: Ole Jørgen Skogstad <skogstad@softis.net>
@arealmaas arealmaas mentioned this issue Jan 18, 2024
Merged
arealmaas added a commit that referenced this issue Jan 18, 2024
@arealmaas
chore(Dockerfiles): avoid busting cache on each build (#360)
6eab4e8 
Issue: #325 

- Mistenker at det er dette som forårsaker at vi må restore for hvert
bygg. Tror ikke string interpolation er så godt støttet. Med denne er vi
mer verbose, men også mer eksplisitt på hva vi drar inn i Dockerfilen.
Kan også optimaliseres med å kun kopiere inn relevante prosjekter
istedenfor hele `src`-mappen.
- Satte også `sha` til hvert image slik at vi vet at vi bruker samme
versjon av `8.0` inntil vi velger å oppgradere det på et tidspunkt
@arealmaas
Copy link
Collaborator

Nå tror jeg vi godt kan sette den her til done! Skulle gjerne sett på å få opp et staging-miljø, men det tar vi nok i en annen task

@elsand elsand removed the needs consideration Requires additional consideration label Jan 23, 2024
@arealmaas arealmaas mentioned this issue Mar 4, 2024
Merged
arealmaas added a commit that referenced this issue Mar 5, 2024
@arealmaas @oskogstad
docs: Document the deployment process (#516)
10de670 
Closing #325

---------

Co-authored-by: Ole Jørgen Skogstad <skogstad@softis.net>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@arealmaas arealmaas

Labels
None yet
Projects
None yet
Milestone
Klar for ekstern testing
Development

No branches or pull requests
2 participants
@elsand @arealmaas