Setter skrivetilgang på packages i workflow for bygg og deploy (#891) #462
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy PROD | |
on: | |
push: | |
branches: | |
- 'master' | |
env: | |
IMAGE: ghcr.io/navikt/familie-ef-soknad-api:${{ github.sha }} | |
jobs: | |
build: | |
name: Build, push and deploy to prod-gcp | |
runs-on: ubuntu-latest | |
permissions: | |
packages: "write" | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
- name: Read/save maven cache | |
uses: actions/cache@v3 | |
with: | |
path: ~/.github/repository | |
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
restore-keys: | | |
${{ runner.os }}-maven- | |
- name: Set up JDK 1.11 | |
uses: actions/setup-java@v3 | |
with: | |
distribution: 'temurin' | |
java-version: '17' | |
- name: Bygg med maven | |
env: | |
GITHUB_USERNAME: x-access-token | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: mvn -B --no-transfer-progress package --settings .m2/maven-settings.xml --file pom.xml | |
- name: Build and publish Docker image | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
docker build --tag ${IMAGE} . | |
echo ${GITHUB_TOKEN} | docker login ghcr.io --username ${GITHUB_REPOSITORY} --password-stdin | |
docker push ${IMAGE} | |
- name: Post build failures to Slack | |
if: failure() | |
run: | | |
curl -X POST --data "{\"text\": \"Build av $GITHUB_REPOSITORY feilet - $GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID\"}" $WEBHOOK_URL | |
env: | |
WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
deploy: | |
name: Deploy to NAIS | |
needs: build | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Deploy til dev-gcp | |
uses: nais/deploy/actions/deploy@v1 | |
env: | |
APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }} | |
CLUSTER: dev-gcp | |
RESOURCE: nais-dev.yaml | |
- name: Deploy til prod-gcp | |
uses: nais/deploy/actions/deploy@v1 | |
env: | |
APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }} | |
CLUSTER: prod-gcp | |
RESOURCE: nais-prod.yaml | |
- name: Post deploy failures to Slack | |
if: failure() | |
run: | | |
curl -X POST --data "{\"text\": \"Deploy av $GITHUB_REPOSITORY feilet - $GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID\"}" $WEBHOOK_URL | |
env: | |
MESSAGE: "Deploy av feilet" | |
WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} |