Skip to content

buildContentImage

buildContentImage #347

Workflow file for this run

name: buildContentImage
on:
workflow_dispatch:
env:
REGISTRY: ghcr.io
jobs:
get-content-file:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/cached-checkout-install
- run: npm run build:localContent
env:
STRAPI_API: "${{ secrets.STRAPI_API }}"
STRAPI_ACCESS_KEY: "${{ secrets.STRAPI_ACCESS_KEY }}"
- run: npm run verify:emails
- run: npm run verify:websites
- name: Calculate content checksum
id: checksum
run: echo "content_checksum=$(./docker.sh --contentHash)" >> $GITHUB_OUTPUT
- name: Upload content.json
uses: actions/upload-artifact@v4
with:
name: content-file
path: content.json
outputs:
content_checksum: ${{ steps.checksum.outputs.content_checksum }}
verify-local-e2e:
needs: [get-content-file]
uses: ./.github/workflows/e2e-test.yml
with:
require-published-app: true
e2e-target: local
secrets:
GERICHTSFINDER_ENCRYPTION_KEY: ${{ secrets.GERICHTSFINDER_ENCRYPTION_KEY }}
build-push-content-image:
runs-on: ubuntu-latest
needs: [verify-local-e2e]
steps:
- uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/checkout@v4
- name: Download Content File
uses: actions/download-artifact@v4
with:
name: content-file
- run: ./docker.sh --build content
- run: ./docker.sh --push content
- run: ./docker.sh --build prod
- run: ./docker.sh --push prod
- id: prod_image_tag
run: echo "prod_image_tag=$(./docker.sh --prodImageTag)" >> $GITHUB_OUTPUT
outputs:
prod_image_tag: ${{ steps.prod_image_tag.outputs.prod_image_tag }}
deploy-preview:
needs: [build-push-content-image, get-content-file]
runs-on: ubuntu-latest
environment: preview
steps:
- name: Report Deployment
uses: digitalservicebund/track-deployment@5a2815e150e1268983aac5ca04c8c046ed1b614a # v1.0.0
with:
project: a2j-rechtsantragstelle
environment: preview
metrics_deployment_webhook_url: ${{ secrets.METRICS_DEPLOYMENT_WEBHOOK_URL }}
metrics_webhook_token: ${{ secrets.METRICS_WEBHOOK_TOKEN }}
- name: Deploy new preview image
uses: digitalservicebund/argocd-deploy@4fac1bb67c92ed168f6d9b22f8779ce241a9e412 # v1.0.0
with:
environment: preview
version: ${{ needs.build-push-content-image.outputs.prod_image_tag }}
deploying_repo: a2j-rechtsantragstelle
infra_repo: a2j-rechtsantragstelle-infra
deploy_key: ${{ secrets.DEPLOY_KEY }}
app: a2j-rast-preview
argocd_pipeline_password: ${{ secrets.ARGOCD_PIPELINE_PASSWORD }}
argocd_server: ${{ secrets.ARGOCD_SERVER }}
argocd_sync_timeout: 300
verify-preview-e2e:
needs: [deploy-preview]
uses: ./.github/workflows/e2e-test.yml
with:
require-published-app: true
use-existing-server: true
e2e-target: preview
deploy-production:
needs: [verify-preview-e2e, build-push-content-image]
runs-on: ubuntu-latest
environment: production
steps:
- name: Report Deployment
uses: digitalservicebund/track-deployment@5a2815e150e1268983aac5ca04c8c046ed1b614a # v1.0.0
with:
project: a2j-rechtsantragstelle
environment: production
metrics_deployment_webhook_url: ${{ secrets.METRICS_DEPLOYMENT_WEBHOOK_URL }}
metrics_webhook_token: ${{ secrets.METRICS_WEBHOOK_TOKEN }}
- name: Deploy new production image
uses: digitalservicebund/argocd-deploy@4fac1bb67c92ed168f6d9b22f8779ce241a9e412 # v1.0.0
with:
environment: production
version: ${{ needs.build-push-content-image.outputs.prod_image_tag }}
deploying_repo: a2j-rechtsantragstelle
infra_repo: a2j-rechtsantragstelle-infra
deploy_key: ${{ secrets.DEPLOY_KEY }}
app: a2j-rast-production
argocd_pipeline_password: ${{ secrets.ARGOCD_PIPELINE_PASSWORD }}
argocd_server: ${{ secrets.ARGOCD_SERVER }}
argocd_sync_timeout: 300
test-production-text:
needs: [deploy-production]
permissions:
packages: read
runs-on: ubuntu-latest
steps:
- run: curl -s "https://service.justiz.de" | grep -q "Justiz-Services"