feat: context & container - C4-diagram (#113) #184
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: π Push | |
| on: | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| inputs: | |
| force: | |
| description: "Force deploy to prod" | |
| type: boolean | |
| default: false | |
| required: true | |
| jobs: | |
| build: | |
| secrets: inherit | |
| name: Build | |
| uses: equinor/spinedatasheetapi/.github/workflows/build.yml@main | |
| release_please: | |
| name: π Release Please | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Create Release | |
| id: release | |
| uses: google-github-actions/release-please-action@v3 | |
| with: | |
| release-type: simple | |
| package-name: spinedatasheet | |
| changelog-types: > | |
| [{"type":"feat","section":"Features","hidden":false}, | |
| {"type":"fix","section":"Bug Fixes","hidden":false}, | |
| {"type":"style", "section":"Cosmetic changes","hidden":false}, | |
| {"type":"docs","section":"For developers","hidden":false}, | |
| {"type":"refactor","section":"For developers","hidden":false}, | |
| {"type":"ci", "section":"For developers","hidden":false}, | |
| {"type":"chore", "section":"For developers","hidden":false}, | |
| {"type":"perf", "section":"Optimalization","hidden":false}] | |
| outputs: | |
| release_created: ${{ steps.release.outputs.release_created }} | |
| deploy-ci: | |
| name: 'π CI' | |
| runs-on: ubuntu-latest | |
| needs: build | |
| environment: CI | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: "Tag Image with Env" | |
| uses: equinor/iaf-actions/add-container-tags@main | |
| with: | |
| build-id: ${{ github.sha }} | |
| environment-shortname: 'ci' | |
| registry: ${{ secrets.ACR_ENDPOINT }} | |
| registry-repository: 'datasheetapi' | |
| tag: 'ci-release' | |
| client-id: ${{ secrets.ACR_USERNAME }} | |
| client-secret: ${{ secrets.ACR_PASSWORD }} | |
| - name: "Login to Azure" | |
| uses: azure/login@v1 | |
| with: | |
| client-id: ${{ vars.AZURE_SERVICE_PRINCIPAL_CLIENT_ID }} | |
| tenant-id: ${{ vars.AZURE_TENANT_ID }} | |
| allow-no-subscriptions: true | |
| - name: "Obtain token for upload" | |
| shell: bash | |
| run: echo FUSION_TOKEN=$(az account get-access-token --resource '${{ vars.RADIX_SERVICE_ID }}' | jq '.accessToken') >> $GITHUB_ENV | |
| - name: "Trigger Radix Deploy" | |
| shell: bash | |
| run: | | |
| curl -X POST \ | |
| -i \ | |
| -f \ | |
| -H "Content-Type: application/json" \ | |
| -H "Authorization: Bearer ${{ env.FUSION_TOKEN }}" \ | |
| -d '{"branch":"main", "triggeredBy":"${{ github.workflow_ref }}"}' \ | |
| "https://api.radix.equinor.com/api/v1/applications/datasheet/pipelines/build-deploy" | |
| deploy_qa: | |
| name: 'π QA' | |
| runs-on: ubuntu-latest | |
| needs: [release_please, deploy-ci] | |
| if: ${{ needs.release_please.outputs.release_created || inputs.force }} | |
| environment: QA | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Log into registry | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ secrets.ACR_ENDPOINT }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - run: | | |
| docker image pull ${{ secrets.REGISTRY }}/datasheetapi:${{ github.sha }} | |
| docker tag ${{ secrets.REGISTRY }}/datasheetapi:${{ github.sha }} ${{ secrets.REGISTRY }}/datasheetapi:qa-release | |
| docker push ${{ secrets.REGISTRY }}/datasheetapi:qa-release | |
| - name: "Login to Azure" | |
| uses: azure/login@v1 | |
| with: | |
| client-id: ${{ vars.AZURE_SERVICE_PRINCIPAL_CLIENT_ID }} | |
| tenant-id: ${{ vars.AZURE_TENANT_ID }} | |
| allow-no-subscriptions: true | |
| - name: "Obtain token for upload" | |
| shell: bash | |
| run: echo FUSION_TOKEN=$(az account get-access-token --resource '${{ vars.RADIX_SERVICE_ID }}' | jq '.accessToken') >> $GITHUB_ENV | |
| - name: "Trigger Radix Deploy" | |
| shell: bash | |
| run: | | |
| curl -X POST \ | |
| -i \ | |
| -f \ | |
| -H "Content-Type: application/json" \ | |
| -H "Authorization: Bearer ${{ env.FUSION_TOKEN }}" \ | |
| -d '{"branch":"main", "triggeredBy":"${{ github.workflow_ref }}"}' \ | |
| "https://api.radix.equinor.com/api/v1/applications/datasheet/pipelines/build-deploy" | |
| deploy_prod: | |
| name: 'π Prod' | |
| runs-on: ubuntu-latest | |
| needs: [deploy_qa] | |
| environment: PROD | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Log into registry | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ secrets.ACR_ENDPOINT }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - run: | | |
| docker image pull ${{ secrets.REGISTRY }}/datasheetapi:${{ github.sha }} | |
| docker tag ${{ secrets.REGISTRY }}/datasheetapi:${{ github.sha }} ${{ secrets.REGISTRY }}/datasheetapi:prod-release | |
| docker push ${{ secrets.REGISTRY }}/datasheetapi:prod-release | |
| - name: "Login to Azure" | |
| uses: azure/login@v1 | |
| with: | |
| client-id: ${{ vars.AZURE_SERVICE_PRINCIPAL_CLIENT_ID }} | |
| tenant-id: ${{ vars.AZURE_TENANT_ID }} | |
| allow-no-subscriptions: true | |
| - name: "Obtain token for upload" | |
| shell: bash | |
| run: echo FUSION_TOKEN=$(az account get-access-token --resource '${{ vars.RADIX_SERVICE_ID }}' | jq '.accessToken') >> $GITHUB_ENV | |
| - name: "Trigger Radix Deploy" | |
| shell: bash | |
| run: | | |
| curl -X POST \ | |
| -i \ | |
| -f \ | |
| -H "Content-Type: application/json" \ | |
| -H "Authorization: Bearer ${{ env.FUSION_TOKEN }}" \ | |
| -d '{"branch":"main", "triggeredBy":"${{ github.workflow_ref }}"}' \ | |
| "https://api.radix.equinor.com/api/v1/applications/datasheet/pipelines/build-deploy" | |