From 62303705cd74d83d3db797f972b990b0f69d3db6 Mon Sep 17 00:00:00 2001 From: Mirko Sekulic Date: Wed, 4 Sep 2024 09:01:46 +0200 Subject: [PATCH 1/5] try production login --- .../test-production-environment.yaml | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 .github/workflows/test-production-environment.yaml diff --git a/.github/workflows/test-production-environment.yaml b/.github/workflows/test-production-environment.yaml new file mode 100644 index 00000000000..8c84e7e2499 --- /dev/null +++ b/.github/workflows/test-production-environment.yaml @@ -0,0 +1,23 @@ +name: Test production environment +on: + pull_request: + branches: [ main ] + types: [opened, synchronize, reopened] + + workflow_dispatch: + +permissions: + id-token: write + contents: read + +jobs: + login-to-production: + runs-on: ubuntu-latest + environment: production + steps: + - name: 'Azure login' + uses: azure/login@v2 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID_FC }} + tenant-id: ${{ secrets.AZURE_TENANT_ID_FC }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID_FC }} From 8e1650eab2c9a1842177be537ee585da1d3132a2 Mon Sep 17 00:00:00 2001 From: Mirko Sekulic Date: Tue, 10 Sep 2024 09:53:28 +0200 Subject: [PATCH 2/5] test preapproved prod login --- .github/workflows/test-production-environment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test-production-environment.yaml b/.github/workflows/test-production-environment.yaml index 8c84e7e2499..29b68b81ea0 100644 --- a/.github/workflows/test-production-environment.yaml +++ b/.github/workflows/test-production-environment.yaml @@ -13,7 +13,7 @@ permissions: jobs: login-to-production: runs-on: ubuntu-latest - environment: production + environment: preapproved-prod steps: - name: 'Azure login' uses: azure/login@v2 From e82f8e264a6f9effc4e7411e5cdd8acc81d62bae Mon Sep 17 00:00:00 2001 From: Mirko Sekulic Date: Tue, 10 Sep 2024 10:40:13 +0200 Subject: [PATCH 3/5] use preapproved-prod for desigenr pipeline --- .github/workflows/deploy-designer.yaml | 5 +++-- .github/workflows/template-flux-config-push.yaml | 9 +++++++-- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/.github/workflows/deploy-designer.yaml b/.github/workflows/deploy-designer.yaml index 2f607044540..847c835e909 100644 --- a/.github/workflows/deploy-designer.yaml +++ b/.github/workflows/deploy-designer.yaml @@ -33,7 +33,7 @@ jobs: construct-environments-array: uses: ./.github/workflows/template-construct-environments.yaml with: - environments: ${{ github.event.inputs.environments || 'staging,prod' }} + environments: ${{ github.event.inputs.environments || 'staging,preapproved-prod' }} determine-tag: needs: get-short-sha @@ -103,9 +103,10 @@ jobs: tag: ${{ needs.determine-tag.outputs.tag }} registry-name: altinntjenestercontainerregistry.azurecr.io environment: ${{ matrix.environment }} + artifact-environment: ${{ matrix.environment == 'preapproved-prod' && 'prod || matrix.environment }} config-chart-name: altinn-designer-config artifact-name: altinn-designer - helm-set-arguments: environmentName=${{ matrix.environment }},chartVersion=0.1.0+${{ needs.determine-tag.outputs.tag }},imageTag=${{ needs.determine-tag.outputs.tag }},dbMigrationsTag=${{ needs.determine-tag.outputs.tag }} + helm-set-arguments: environmentName=${{ matrix.environment == 'preapproved-prod' && 'prod || matrix.environment }},chartVersion=0.1.0+${{ needs.determine-tag.outputs.tag }},imageTag=${{ needs.determine-tag.outputs.tag }},dbMigrationsTag=${{ needs.determine-tag.outputs.tag }} secrets: client-id: ${{ secrets.AZURE_CLIENT_ID_FC }} tenant-id: ${{ secrets.AZURE_TENANT_ID_FC }} diff --git a/.github/workflows/template-flux-config-push.yaml b/.github/workflows/template-flux-config-push.yaml index 5df617622c4..78c75c505aa 100644 --- a/.github/workflows/template-flux-config-push.yaml +++ b/.github/workflows/template-flux-config-push.yaml @@ -12,6 +12,9 @@ on: environment: required: true type: string + artifact-environment: + required: false + type: string config-chart-name: required: true type: string @@ -72,12 +75,14 @@ jobs: - name: Push config artifact run: | - flux push artifact oci://${{ inputs.registry-name }}/configs/${{ inputs.artifact-name }}-${{ inputs.environment }}:${{ inputs.tag }} \ + artifact_env=${{ inputs.artifact-environment || inputs.environment }} + flux push artifact oci://${{ inputs.registry-name }}/configs/${{ inputs.artifact-name }}-${artifact_env}:${{ inputs.tag }} \ --path="./${{ inputs.config-chart-name }}-rendered" \ --source="$(git config --get remote.origin.url)" \ --revision="$(git branch --show-current)/$(git rev-parse HEAD)" - name: Tag artifact as latest run: | - flux tag artifact oci://${{ inputs.registry-name }}/configs/${{ inputs.artifact-name }}-${{ inputs.environment }}:${{ inputs.tag }} --tag latest + artifact_env=${{ inputs.artifact-environment || inputs.environment }} + flux tag artifact oci://${{ inputs.registry-name }}/configs/${{ inputs.artifact-name }}-${artifact_env}:${{ inputs.tag }} --tag latest From 8246b06e3a9a5119526b3e201e62ea70834eb414 Mon Sep 17 00:00:00 2001 From: Mirko Sekulic Date: Tue, 10 Sep 2024 10:40:46 +0200 Subject: [PATCH 4/5] remove test login pipeline --- .../test-production-environment.yaml | 23 ------------------- 1 file changed, 23 deletions(-) delete mode 100644 .github/workflows/test-production-environment.yaml diff --git a/.github/workflows/test-production-environment.yaml b/.github/workflows/test-production-environment.yaml deleted file mode 100644 index 29b68b81ea0..00000000000 --- a/.github/workflows/test-production-environment.yaml +++ /dev/null @@ -1,23 +0,0 @@ -name: Test production environment -on: - pull_request: - branches: [ main ] - types: [opened, synchronize, reopened] - - workflow_dispatch: - -permissions: - id-token: write - contents: read - -jobs: - login-to-production: - runs-on: ubuntu-latest - environment: preapproved-prod - steps: - - name: 'Azure login' - uses: azure/login@v2 - with: - client-id: ${{ secrets.AZURE_CLIENT_ID_FC }} - tenant-id: ${{ secrets.AZURE_TENANT_ID_FC }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID_FC }} From 26a1f357232a8323f3959c84721d225e0c154ffd Mon Sep 17 00:00:00 2001 From: Mirko Sekulic Date: Tue, 10 Sep 2024 10:57:34 +0200 Subject: [PATCH 5/5] fix syntax --- .github/workflows/deploy-designer.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deploy-designer.yaml b/.github/workflows/deploy-designer.yaml index 847c835e909..db5805914ad 100644 --- a/.github/workflows/deploy-designer.yaml +++ b/.github/workflows/deploy-designer.yaml @@ -103,10 +103,10 @@ jobs: tag: ${{ needs.determine-tag.outputs.tag }} registry-name: altinntjenestercontainerregistry.azurecr.io environment: ${{ matrix.environment }} - artifact-environment: ${{ matrix.environment == 'preapproved-prod' && 'prod || matrix.environment }} + artifact-environment: ${{ matrix.environment == 'preapproved-prod' && 'prod' || matrix.environment }} config-chart-name: altinn-designer-config artifact-name: altinn-designer - helm-set-arguments: environmentName=${{ matrix.environment == 'preapproved-prod' && 'prod || matrix.environment }},chartVersion=0.1.0+${{ needs.determine-tag.outputs.tag }},imageTag=${{ needs.determine-tag.outputs.tag }},dbMigrationsTag=${{ needs.determine-tag.outputs.tag }} + helm-set-arguments: environmentName=${{ matrix.environment == 'preapproved-prod' && 'prod' || matrix.environment }},chartVersion=0.1.0+${{ needs.determine-tag.outputs.tag }},imageTag=${{ needs.determine-tag.outputs.tag }},dbMigrationsTag=${{ needs.determine-tag.outputs.tag }} secrets: client-id: ${{ secrets.AZURE_CLIENT_ID_FC }} tenant-id: ${{ secrets.AZURE_TENANT_ID_FC }}