digdir · arealmaas · Nov 1, 2024 · Oct 22, 2024 · Oct 24, 2024 · Oct 24, 2024
@@ -63,7 +63,7 @@ jobs:
   deploy-infra:
     name: Deploy infra to test
     needs: [get-current-version, check-for-changes, generate-git-short-sha]
-    if: ${{ github.event_name == 'workflow_dispatch' || needs.check-for-changes.outputs.hasAzureChanges == 'true' }}
+    if: ${{ github.event_name == 'workflow_dispatch' || needs.check-for-changes.outputs.hasInfraChanges == 'true' }}
     uses: ./.github/workflows/workflow-deploy-infra.yml
     secrets:
       AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}

@@ -10,18 +10,29 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.ref_name }}
 
 jobs:
-  # Get changed files between previous tag and current tag: https://github.com/marketplace/actions/changed-files
+  get-versions-from-github:
+    name: Get Latest Deployed Version Info from GitHub
+    uses: ./.github/workflows/workflow-get-latest-deployed-version-info-from-github.yml
+    with:
+      environment: prod
+    secrets:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
   check-for-changes:
     name: Check for changes
+    needs: [get-versions-from-github]
     uses: ./.github/workflows/workflow-check-for-changes.yml
+    with:
+      infra_base_sha: ${{ needs.get-versions-from-github.outputs.infra_version_sha }}
+      apps_base_sha: ${{ needs.get-versions-from-github.outputs.apps_version_sha }}
 
   get-current-version:
     name: Get current version
     uses: ./.github/workflows/workflow-get-current-version.yml
 
   dry-run-deploy-infra:
     name: Dry run deploy infra to prod
-    if: ${{ github.event_name == 'workflow_dispatch' || needs.check-for-changes.outputs.hasAzureChanges == 'true' }}
+    if: ${{ github.event_name == 'workflow_dispatch' || needs.check-for-changes.outputs.hasInfraChanges == 'true' }}
     needs: [get-current-version, check-for-changes]
     uses: ./.github/workflows/workflow-deploy-infra.yml
     secrets:
@@ -40,7 +51,7 @@ jobs:
 
   deploy-infra:
     name: Deploy infra to prod
-    if: ${{ github.event_name == 'workflow_dispatch' || needs.check-for-changes.outputs.hasAzureChanges == 'true' }}
+    if: ${{ github.event_name == 'workflow_dispatch' || needs.check-for-changes.outputs.hasInfraChanges == 'true' }}
     needs: [get-current-version, check-for-changes, dry-run-deploy-infra]
     uses: ./.github/workflows/workflow-deploy-infra.yml
     secrets:
@@ -56,6 +67,18 @@ jobs:
       region: norwayeast
       version: ${{ needs.get-current-version.outputs.version }}
 
+  store-infra-version:
+    name: Store Latest Deployed Infra Version as GitHub Variable
+    runs-on: ubuntu-latest
+    needs: [deploy-infra, get-current-version]
+    if: ${{ needs.deploy-infra.result == 'success' }}
+    env:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    steps:
+      - name: Set GitHub variable for latest deployed infra version
+        run: |
+          gh variable set LATEST_DEPLOYED_INFRA_VERSION --body "${{ needs.get-current-version.outputs.version }}" --env prod --repo ${{ github.repository }}
+
   dry-run-deploy-apps:
     name: Dry run deploy apps to prod
     needs:
@@ -104,6 +127,18 @@ jobs:
       version: ${{ needs.get-current-version.outputs.version }}
       runMigration: ${{ github.event_name == 'workflow_dispatch' || needs.check-for-changes.outputs.hasMigrationChanges == 'true' }}
 
+  store-apps-version:
+    name: Store Latest Deployed Apps Version as GitHub Variable
+    runs-on: ubuntu-latest
+    needs: [deploy-apps, get-current-version]
+    if: ${{ needs.deploy-apps.result == 'success' }}
+    env:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    steps:
+      - name: Set GitHub variable for latest deployed apps version
+        run: |
+          gh variable set LATEST_DEPLOYED_APPS_VERSION --body "${{ needs.get-current-version.outputs.version }}" --env prod --repo ${{ github.repository }}
+
   deploy-slack-notifier:
     name: Deploy slack notifier (prod)
     needs: [check-for-changes]

@@ -28,7 +28,7 @@ jobs:
   build-infrastructure:
     uses: ./.github/workflows/workflow-build-infrastructure.yml
     needs: [check-for-changes]
-    if: ${{ always() && needs.check-for-changes.outputs.hasAzureChanges == 'true' }}
+    if: ${{ always() && needs.check-for-changes.outputs.hasInfraChanges == 'true' }}
     secrets:
       AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
       AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
@@ -46,7 +46,7 @@ jobs:
         get-current-version,
         build-infrastructure,
       ]
-    if: ${{ always() && needs.check-for-changes.outputs.hasAzureChanges == 'true' }}
+    if: ${{ always() && needs.check-for-changes.outputs.hasInfraChanges == 'true' }}
     secrets:
       AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
       AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}

@@ -10,29 +10,29 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.ref_name }}
 
 jobs:
-  # Get changed files between previous tag and current tag: https://github.com/marketplace/actions/changed-files
+  get-versions-from-github:
+    name: Get Latest Deployed Version Info from GitHub
+    uses: ./.github/workflows/workflow-get-latest-deployed-version-info-from-github.yml
+    with:
+      environment: staging
+    secrets:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
   check-for-changes:
     name: Check for changes
+    needs: [get-versions-from-github]
     uses: ./.github/workflows/workflow-check-for-changes.yml
+    with:
+      infra_base_sha: ${{ needs.get-versions-from-github.outputs.infra_version_sha }}
+      apps_base_sha: ${{ needs.get-versions-from-github.outputs.apps_version_sha }}
 
   get-current-version:
     name: Get current version
     uses: ./.github/workflows/workflow-get-current-version.yml
 
-  publish:
-    name: Build and publish docker images
-    uses: ./.github/workflows/workflow-publish.yml
-    if: ${{ github.event_name == 'workflow_dispatch' || needs.check-for-changes.outputs.hasBackendChanges == 'true' }}
-    needs: [get-current-version, check-for-changes]
-    secrets:
-      GCR_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
-    with:
-      dockerImageBaseName: ghcr.io/digdir/dialogporten-
-      version: ${{ needs.get-current-version.outputs.version }}
-
   deploy-infra:
     name: Deploy infra to staging
-    if: ${{ github.event_name == 'workflow_dispatch' || needs.check-for-changes.outputs.hasAzureChanges == 'true' }}
+    if: ${{ github.event_name == 'workflow_dispatch' || needs.check-for-changes.outputs.hasInfraChanges == 'true' }}
     needs: [get-current-version, check-for-changes]
     uses: ./.github/workflows/workflow-deploy-infra.yml
     secrets:
@@ -48,18 +48,39 @@ jobs:
       region: norwayeast
       version: ${{ needs.get-current-version.outputs.version }}
 
+  store-infra-version:
+    name: Store Latest Deployed Infra Version as GitHub Variable
+    runs-on: ubuntu-latest
+    needs: [deploy-infra, get-current-version]
+    if: ${{ needs.deploy-infra.result == 'success' }}
+    env:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    steps:
+      - name: Set GitHub variable for latest deployed infra version
+        run: |
+          gh variable set LATEST_DEPLOYED_INFRA_VERSION --body "${{ needs.get-current-version.outputs.version }}" --env staging --repo ${{ github.repository }}
+
+  publish:
+    name: Build and publish docker images
+    uses: ./.github/workflows/workflow-publish.yml
+    if: ${{ github.event_name == 'workflow_dispatch' || needs.check-for-changes.outputs.hasBackendChanges == 'true' }}
+    needs: [get-current-version, check-for-changes]
+    secrets:
+      GCR_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+    with:
+      dockerImageBaseName: ghcr.io/digdir/dialogporten-
+      version: ${{ needs.get-current-version.outputs.version }}
+
   deploy-apps:
     name: Deploy apps to staging
     needs:
       [get-current-version, check-for-changes, deploy-infra, publish]
-    # we want deployment of apps to be dependent on deployment of infrastructure, but if infrastructure is skipped, we still want to deploy the apps
     if: ${{ always() && !failure() && !cancelled() && (github.event_name == 'workflow_dispatch' || needs.check-for-changes.outputs.hasBackendChanges == 'true') }}
     uses: ./.github/workflows/workflow-deploy-apps.yml
     secrets:
       AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
       AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
       AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-      # todo: consider resolving these in another way since they are created in the infra-step
       AZURE_RESOURCE_GROUP_NAME: ${{ secrets.AZURE_RESOURCE_GROUP_NAME }}
       AZURE_ENVIRONMENT_KEY_VAULT_NAME: ${{ secrets.AZURE_ENVIRONMENT_KEY_VAULT_NAME }}
       AZURE_CONTAINER_APP_ENVIRONMENT_NAME: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_NAME }}
@@ -72,6 +93,18 @@ jobs:
       version: ${{ needs.get-current-version.outputs.version }}
       runMigration: ${{ github.event_name == 'workflow_dispatch' || needs.check-for-changes.outputs.hasMigrationChanges == 'true' }}
 
+  store-apps-version:
+    name: Store Latest Deployed Apps Version as GitHub Variable
+    runs-on: ubuntu-latest
+    needs: [deploy-apps, get-current-version]
+    if: ${{ needs.deploy-apps.result == 'success' }}
+    env:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    steps:
+      - name: Set GitHub variable for latest deployed apps version
+        run: |
+          gh variable set LATEST_DEPLOYED_APPS_VERSION --body "${{ needs.get-current-version.outputs.version }}" --env staging
+
   deploy-slack-notifier:
     name: Deploy slack notifier (staging)
     needs: [check-for-changes]

@@ -10,10 +10,21 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.ref_name }}
 
 jobs:
-  # Get changed files between previous tag and current tag: https://github.com/marketplace/actions/changed-files
+  get-versions-from-github:
+    name: Get Latest Deployed Version Info from GitHub
+    uses: ./.github/workflows/workflow-get-latest-deployed-version-info-from-github.yml
+    with:
+      environment: yt01
+    secrets:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
   check-for-changes:
     name: Check for changes
+    needs: [get-versions-from-github]
     uses: ./.github/workflows/workflow-check-for-changes.yml
+    with:
+      infra_base_sha: ${{ needs.get-versions-from-github.outputs.infra_version_sha }}
+      apps_base_sha: ${{ needs.get-versions-from-github.outputs.apps_version_sha }}
 
   get-current-version:
     name: Get current version
@@ -32,7 +43,7 @@ jobs:
 
   deploy-infra:
     name: Deploy infra to yt01
-    if: ${{ github.event_name == 'workflow_dispatch' || needs.check-for-changes.outputs.hasAzureChanges == 'true' }}
+    if: ${{ github.event_name == 'workflow_dispatch' || needs.check-for-changes.outputs.hasInfraChanges == 'true' }}
     needs: [get-current-version, check-for-changes]
     uses: ./.github/workflows/workflow-deploy-infra.yml
     secrets:
@@ -48,6 +59,18 @@ jobs:
       region: norwayeast
       version: ${{ needs.get-current-version.outputs.version }}
 
+  store-infra-version:
+    name: Store Latest Deployed Infra Version as GitHub Variable
+    runs-on: ubuntu-latest
+    needs: [deploy-infra, get-current-version]
+    if: ${{ needs.deploy-infra.result == 'success' }}
+    env:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    steps:
+      - name: Set GitHub variable for latest deployed infra version
+        run: |
+          gh variable set LATEST_DEPLOYED_INFRA_VERSION --body "${{ needs.get-current-version.outputs.version }}" --env yt01 --repo ${{ github.repository }}
+
   deploy-apps:
     name: Deploy apps to yt01
     needs:
@@ -72,6 +95,18 @@ jobs:
       version: ${{ needs.get-current-version.outputs.version }}
       runMigration: ${{ github.event_name == 'workflow_dispatch' || needs.check-for-changes.outputs.hasMigrationChanges == 'true' }}
 
+  store-apps-version:
+    name: Store Latest Deployed Apps Version as GitHub Variable
+    runs-on: ubuntu-latest
+    needs: [deploy-apps, get-current-version]
+    if: ${{ needs.deploy-apps.result == 'success' }}
+    env:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    steps:
+      - name: Set GitHub variable for latest deployed apps version
+        run: |
+          gh variable set LATEST_DEPLOYED_APPS_VERSION --body "${{ needs.get-current-version.outputs.version }}" --env yt01 --repo ${{ github.repository }}
+
   deploy-slack-notifier:
     name: Deploy slack notifier (yt01)
     needs: [check-for-changes]

@@ -27,6 +27,7 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.ref_name }}-${{ inputs.environment }}
 
 jobs:
+
   generate-git-short-sha:
     name: Generate git short sha
     uses: ./.github/workflows/workflow-generate-git-short-sha.yml
@@ -35,16 +36,11 @@ jobs:
     name: Get current version
     uses: ./.github/workflows/workflow-get-current-version.yml
 
-  check-for-changes:
-    name: Check for changes
-    uses: ./.github/workflows/workflow-check-for-changes.yml
-
   deploy-apps:
     name: Deploy apps to ${{ inputs.environment }}
     needs:
       - generate-git-short-sha
       - get-current-version
-      - check-for-changes
     uses: ./.github/workflows/workflow-deploy-apps.yml
     secrets:
       AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}

@@ -2,10 +2,21 @@ name: "Check for file changes"
 
 on:
   workflow_call:
+    inputs:
+      infra_base_sha:
+        description: "Base SHA for infrastructure changes"
+        required: false
+        default: ''
+        type: string
+      apps_base_sha:
+        description: "Base SHA for application changes"
+        required: false
+        default: ''
+        type: string
     outputs:
-      hasAzureChanges:
-        description: "Azure related files changed"
-        value: ${{ jobs.check-for-changes.outputs.hasAzureChanges }}
+      hasInfraChanges:
+        description: "Infrastructure related files changed"
+        value: ${{ jobs.check-for-changes.outputs.hasInfraChanges }}
       hasBackendChanges:
         description: "Backend related files changed"
         value: ${{ jobs.check-for-changes.outputs.hasBackendChanges }}
@@ -21,42 +32,49 @@ on:
       hasMigrationChanges:
         description: "Migration related files changed"
         value: ${{ jobs.check-for-changes.outputs.hasMigrationChanges }}
+
 jobs:
   check-for-changes:
     name: Filter
     runs-on: ubuntu-latest
     outputs:
-      hasBackendChanges: ${{ steps.filter.outputs.backend_any_modified == 'true' }}
-      hasTestChanges: ${{ steps.filter.outputs.tests_any_modified == 'true' }}
-      hasAzureChanges: ${{ steps.filter.outputs.azure_any_modified == 'true' }}
+      hasInfraChanges: ${{ steps.filter.outputs.azure_any_modified == 'true' }}
       hasSlackNotifierChanges: ${{ steps.filter.outputs.slackNotifier_any_modified == 'true'}}
-      hasSchemaChanges: ${{ steps.filter.outputs.schema_any_modified == 'true'}}
-      hasMigrationChanges: ${{ steps.filter.outputs.migration_any_modified == 'true'}}
+      hasBackendChanges: ${{ steps.filter-backend.outputs.backend_any_modified == 'true' }}
+      hasTestChanges: ${{ steps.filter-backend.outputs.tests_any_modified == 'true' }}
+      hasSchemaChanges: ${{ steps.filter-backend.outputs.schema_any_modified == 'true'}}
+      hasMigrationChanges: ${{ steps.filter-backend.outputs.migration_any_modified == 'true'}}
     steps:
       - name: Checkout
         uses: actions/checkout@v4
         with:
-          # fetch-depth needs to be 0 in cases where we want to fetch changes since previous tag for example
           fetch-depth: 0
 
       - uses: tj-actions/changed-files@v45
         id: filter
         with:
+          base_sha: ${{ inputs.infra_base_sha }}
           files_yaml: |
-            backend:
-              - '.github/**/*'
-              - 'src/**/*'
-              - '.azure/applications/**/*'
-              - '.azure/modules/containerApp/**/*'
-            tests:
-              - 'tests/**/*'
             azure:
               - '.github/**/*'
               - '.azure/infrastructure/**/*'
               - '.azure/modules/**/*'
             slackNotifier:
               - '.github/**/*'
               - 'src/Digdir.Tool.Dialogporten.SlackNotifier/**/*'
+
+      - uses: tj-actions/changed-files@v45
+        id: filter-backend
+        with:
+          base_sha: ${{ inputs.apps_base_sha }}
+          files_yaml: |
+            backend:
+              - '.github/**/*'
+              - 'src/**/*'
+              - '.azure/applications/**/*'
+              - '.azure/modules/containerApp/**/*'
+            tests:
+              - 'tests/**/*'
             schema:
               - 'docs/schema/V1/**/*'
             migration: