-
Notifications
You must be signed in to change notification settings - Fork 1
130 lines (118 loc) · 5.67 KB
/
ci.yml
File metadata and controls
130 lines (118 loc) · 5.67 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
name: merge to main workflow
on:
push:
branches: [main]
env:
BRANCH_NAME: ${{ github.ref_name }}
jobs:
get_commit_id:
runs-on: ubuntu-22.04
outputs:
commit_id: ${{ steps.commit_id.outputs.commit_id }}
sha_short: ${{ steps.commit_id.outputs.sha_short }}
steps:
- name: Checkout code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
with:
ref: ${{ env.BRANCH_NAME }}
- name: Get Commit ID
id: commit_id
run: |
# echo "commit_id=${{ github.sha }}" >> "$GITHUB_ENV"
echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT"
echo "sha_short=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
get_config_values:
runs-on: ubuntu-22.04
outputs:
tag_format: ${{ steps.load-config.outputs.TAG_FORMAT }}
devcontainer_version: ${{ steps.load-config.outputs.DEVCONTAINER_VERSION }}
devcontainer_image: ${{ steps.load-config.outputs.DEVCONTAINER_IMAGE }}
steps:
- name: Checkout code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
- name: Load config value
id: load-config
run: |
TAG_FORMAT=$(yq '.TAG_FORMAT' .github/config/settings.yml)
DEVCONTAINER_IMAGE=$(jq -r '.build.args.IMAGE_NAME' .devcontainer/devcontainer.json)
DEVCONTAINER_VERSION=$(jq -r '.build.args.IMAGE_VERSION' .devcontainer/devcontainer.json)
{
echo "TAG_FORMAT=$TAG_FORMAT"
echo "DEVCONTAINER_IMAGE=$DEVCONTAINER_IMAGE"
echo "DEVCONTAINER_VERSION=$DEVCONTAINER_VERSION"
} >> "$GITHUB_OUTPUT"
quality_checks:
uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@36677e1d6bfaa010d7b78942a1ade12fbefecb80
needs: [get_config_values, get_commit_id]
with:
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
run_docker_scan: true
docker_images: "eps-cdk-utils"
secrets:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
tag_release:
needs: [quality_checks, get_commit_id, get_config_values]
uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@36677e1d6bfaa010d7b78942a1ade12fbefecb80
with:
dry_run: true
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
branch_name: main
publish_packages: packages/cdkConstructs,packages/deploymentUtils
tag_format: ${{ needs.get_config_values.outputs.tag_format }}
verify_published_from_main_image: true
secrets: inherit
package_code:
needs: [tag_release, quality_checks, get_commit_id, get_config_values]
uses: ./.github/workflows/docker_image_build.yml
with:
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
verify_published_from_main_image: true
VERSION_NUMBER: pre-release-${{ needs.get_commit_id.outputs.sha_short }}
COMMIT_ID: ${{ needs.get_commit_id.outputs.commit_id }}
release_dev:
needs: [tag_release, package_code, get_commit_id, get_config_values]
uses: ./.github/workflows/docker_image_upload.yml
with:
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
verify_published_from_main_image: true
AWS_ENVIRONMENT: dev
VERSION_NUMBER: pre-release-${{ needs.get_commit_id.outputs.sha_short }}
COMMIT_ID: ${{ needs.get_commit_id.outputs.commit_id }}
TAG_LATEST: false
DOCKER_IMAGE_TAG: pre-release-${{ needs.get_commit_id.outputs.sha_short }}
secrets:
CDK_PUSH_IMAGE_ROLE: ${{ secrets.DEV_CDK_PUSH_IMAGE_ROLE }}
release_qa:
needs:
[tag_release, release_dev, package_code, get_commit_id, get_config_values]
uses: ./.github/workflows/docker_image_upload.yml
with:
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
verify_published_from_main_image: true
AWS_ENVIRONMENT: qa
VERSION_NUMBER: pre-release-${{ needs.get_commit_id.outputs.sha_short }}
COMMIT_ID: ${{ needs.get_commit_id.outputs.commit_id }}
TAG_LATEST: false
DOCKER_IMAGE_TAG: pre-release-${{ needs.get_commit_id.outputs.sha_short }}
secrets:
CDK_PUSH_IMAGE_ROLE: ${{ secrets.QA_CDK_PUSH_IMAGE_ROLE }}
release_ref:
needs:
[tag_release, release_dev, package_code, get_commit_id, get_config_values]
uses: ./.github/workflows/docker_image_upload.yml
with:
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
verify_published_from_main_image: true
AWS_ENVIRONMENT: ref
VERSION_NUMBER: pre-release-${{ needs.get_commit_id.outputs.sha_short }}
COMMIT_ID: ${{ needs.get_commit_id.outputs.commit_id }}
TAG_LATEST: false
DOCKER_IMAGE_TAG: pre-release-${{ needs.get_commit_id.outputs.sha_short }}
secrets:
CDK_PUSH_IMAGE_ROLE: ${{ secrets.REF_CDK_PUSH_IMAGE_ROLE }}
package_npm_code:
needs: [quality_checks, get_commit_id, get_config_values]
uses: ./.github/workflows/package_npm_code.yml
with:
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
verify_published_from_main_image: true