Skip to content

buildContentImage

buildContentImage #254

Workflow file for this run

name: buildContentImage
on:
workflow_dispatch:
env:
REGISTRY: ghcr.io
jobs:
get-content-file:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/cached-checkout-install
- run: npm run build:localContent
env:
STRAPI_API: "${{ secrets.STRAPI_API }}"
STRAPI_ACCESS_KEY: "${{ secrets.STRAPI_ACCESS_KEY }}"
- run: npm run verify:emails
- run: npm run verify:websites
- name: Calculate content checksum
id: checksum
run: echo "content_checksum=$(./docker.sh --contentHash)" >> $GITHUB_OUTPUT
- name: Upload content.json
uses: actions/upload-artifact@v4
with:
name: content-file
path: content.json
outputs:
content_checksum: ${{ steps.checksum.outputs.content_checksum }}
verify-local-e2e:
needs: [get-content-file]
uses: ./.github/workflows/e2e-test.yml
with:
require-published-app: true
e2e-target: local
secrets:
GERICHTSFINDER_ENCRYPTION_KEY: ${{ secrets.GERICHTSFINDER_ENCRYPTION_KEY }}
build-push-content-image:
runs-on: ubuntu-latest
needs: [verify-local-e2e]
steps:
- uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/checkout@v4
- name: Download Content File
uses: actions/download-artifact@v4
with:
name: content-file
- run: ./docker.sh --build content
- run: ./docker.sh --push content
- run: ./docker.sh --build prod
- run: ./docker.sh --push prod
- id: prod_image_tag
run: echo "prod_image_tag=$(./docker.sh --prodImageTag)" >> $GITHUB_OUTPUT
outputs:
prod_image_tag: ${{ steps.prod_image_tag.outputs.prod_image_tag }}
# deploy-preview:
# needs: [build-push-content-image, get-content-file]
# runs-on: ubuntu-latest
# environment: preview
# steps:
# - name: Report Deployment
# uses: digitalservicebund/track-deployment@5a2815e150e1268983aac5ca04c8c046ed1b614a # v1.0.0
# with:
# project: a2j-rechtsantragstelle
# environment: preview
# metrics_deployment_webhook_url: ${{ secrets.METRICS_DEPLOYMENT_WEBHOOK_URL }}
# metrics_webhook_token: ${{ secrets.METRICS_WEBHOOK_TOKEN }}
#
# - name: Deploy new preview image
# uses: digitalservicebund/argocd-deploy@4fac1bb67c92ed168f6d9b22f8779ce241a9e412 # v1.0.0
# with:
# environment: preview
# version: ${{ needs.build-push-content-image.outputs.prod_image_tag }}
# deploying_repo: a2j-rechtsantragstelle
# infra_repo: a2j-rechtsantragstelle-infra
# deploy_key: ${{ secrets.DEPLOY_KEY }}
# app: a2j-rast-preview
# argocd_pipeline_password: ${{ secrets.ARGOCD_PIPELINE_PASSWORD }}
# argocd_server: ${{ secrets.ARGOCD_SERVER }}
# argocd_sync_timeout: 300
#
# verify-preview-e2e:
# needs: [deploy-preview]
# uses: ./.github/workflows/e2e-test.yml
# secrets:
# BASE_URL: https://a2j-test.dev.ds4g.net
# with:
# require-published-app: true
# use-existing-server: true
# e2e-target: preview
deploy-production:
# needs: [verify-preview-e2e, build-push-content-image]
needs: [build-push-content-image]
runs-on: ubuntu-latest
environment: production
steps:
- name: Report Deployment
uses: digitalservicebund/track-deployment@5a2815e150e1268983aac5ca04c8c046ed1b614a # v1.0.0
with:
project: a2j-rechtsantragstelle
environment: production
metrics_deployment_webhook_url: ${{ secrets.METRICS_DEPLOYMENT_WEBHOOK_URL }}
metrics_webhook_token: ${{ secrets.METRICS_WEBHOOK_TOKEN }}
- name: Deploy new production image
uses: digitalservicebund/argocd-deploy@4fac1bb67c92ed168f6d9b22f8779ce241a9e412 # v1.0.0
with:
environment: production
version: ${{ needs.build-push-content-image.outputs.prod_image_tag }}
deploying_repo: a2j-rechtsantragstelle
infra_repo: a2j-rechtsantragstelle-infra
deploy_key: ${{ secrets.DEPLOY_KEY }}
app: a2j-rast-production
argocd_pipeline_password: ${{ secrets.ARGOCD_PIPELINE_PASSWORD }}
argocd_server: ${{ secrets.ARGOCD_SERVER }}
argocd_sync_timeout: 300
test-production-text:
needs: [deploy-production]
permissions:
packages: read
runs-on: ubuntu-latest
steps:
- run: curl -s "https://service.justiz.de" | grep -q "Justiz-Services"