feat: or-2521 prevent lidmaatschap referring to self #1163
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Main | |
| on: | |
| push: | |
| branches: [ main ] | |
| workflow_dispatch: | |
| concurrency: CI | |
| jobs: | |
| analyze-code: | |
| name: Analyze Code | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@v4 | |
| # needed for Sonar, default is 11 and is decprecated | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: 17 | |
| distribution: oracle | |
| - name: Cache Paket | |
| uses: actions/cache@v4 | |
| env: | |
| cache-name: cache-paket | |
| with: | |
| path: packages | |
| key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('paket.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-build-${{ env.cache-name }}- | |
| - name: Parse repository name | |
| run: echo REPOSITORY_NAME=$(echo "$GITHUB_REPOSITORY" | awk -F / '{print $2}' | sed -e "s/:refs//") >> $GITHUB_ENV | |
| shell: bash | |
| - name: Setup .NET Core | |
| uses: actions/setup-dotnet@v4 | |
| with: | |
| dotnet-version: ${{ vars.VBR_DOTNET_VERSION_8 }} | |
| - name: .NET version | |
| shell: bash | |
| run: dotnet --info | |
| - name: Cache SonarCloud packages | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/sonar/cache | |
| key: ${{ runner.os }}-sonar | |
| restore-keys: ${{ runner.os }}-sonar | |
| - name: Restore dotnet tools | |
| shell: bash | |
| run: | | |
| dotnet tool restore | |
| - name: Cache SonarCloud scanner | |
| id: cache-sonar-scanner | |
| uses: actions/cache@v4 | |
| with: | |
| path: ./.sonar/scanner | |
| key: ${{ runner.os }}-sonar-scanner | |
| restore-keys: ${{ runner.os }}-sonar-scanner | |
| - name: Install SonarCloud scanner | |
| if: steps.cache-sonar-scanner.outputs.cache-hit != 'true' | |
| shell: bash | |
| run: | | |
| mkdir .sonar | |
| mkdir .sonar/scanner | |
| dotnet tool update dotnet-sonarscanner --tool-path ./.sonar/scanner | |
| - name: Start sonar scanner | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.VBR_ACTIONS_TOKEN }} # Needed to get PR information, if any | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| shell: bash | |
| run: | | |
| ./.sonar/scanner/dotnet-sonarscanner begin /k:"Informatievlaanderen_association-registry" /o:"informatievlaanderen" /d:sonar.login="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.dotcover.reportsPaths=dotCover.Output.html | |
| - name: Paket install | |
| shell: bash | |
| run: dotnet paket install | |
| - name: Paket restore | |
| shell: bash | |
| run: dotnet paket restore | |
| - name: Dotnet restore | |
| shell: bash | |
| run: dotnet restore --runtime linux-x64 | |
| - name: Dotnet build | |
| shell: bash | |
| run: dotnet build --no-restore | |
| - name: Analyze with sonar scanner | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.VBR_ACTIONS_TOKEN }} # Needed to get PR information, if any | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| shell: bash | |
| run: | | |
| ./.sonar/scanner/dotnet-sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}" | |
| set-release-version: | |
| if: github.repository_owner == 'Informatievlaanderen' | |
| name: Decide next version | |
| runs-on: ubuntu-latest | |
| outputs: | |
| version: ${{ steps.set-version.outputs.version }} | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| - name: Node version | |
| shell: bash | |
| run: node --version | |
| - name: Install NPM dependencies | |
| shell: bash | |
| run: npm install --legacy-peer-deps | |
| - name: Run Semantic Release dry-run | |
| shell: bash | |
| run: npx semantic-release --dry-run | |
| env: | |
| NPM_TOKEN: ${{ secrets.VBR_WEBCOMP_NPM_TOKEN }} | |
| BUILD_DOCKER_REGISTRY: ${{ secrets.BUILD_DOCKER_REGISTRY_IK4 }} | |
| GITHUB_TOKEN: ${{ secrets.VBR_ACTIONS_TOKEN }} | |
| GIT_COMMIT: ${{ github.sha }} | |
| GIT_USERNAME: ${{ secrets.VBR_GIT_USER }} | |
| GIT_AUTHOR_NAME: ${{ secrets.VBR_GIT_USER }} | |
| GIT_COMMITTER_NAME: ${{ secrets.VBR_GIT_USER }} | |
| GIT_EMAIL: ${{ secrets.VBR_GIT_EMAIL }} | |
| GIT_AUTHOR_EMAIL: ${{ secrets.VBR_GIT_EMAIL }} | |
| GIT_COMMITTER_EMAIL: ${{ secrets.VBR_GIT_EMAIL }} | |
| - name: Set Release Version | |
| id: set-version | |
| run: | | |
| [ ! -f semver ] && echo none > semver | |
| echo $(cat semver) | |
| echo ::set-output name=version::$(cat semver) | |
| echo RELEASE_VERSION=$(cat semver) >> $GITHUB_ENV | |
| shell: bash | |
| build-acm-api: | |
| name: Build ACM Api | |
| uses: ./.github/workflows/build-image.yml | |
| if: github.repository_owner == 'Informatievlaanderen' | |
| needs: [ set-release-version ] | |
| with: | |
| image-file: ar-acm-api-image.tar | |
| image-name: verenigingsregister-acmapi | |
| test-project: AssociationRegistry.Test.Acm.Api | |
| build-project: AssociationRegistry.Acm.Api/ | |
| semver: ${{ needs.set-release-version.outputs.version }} | |
| run-docker-acm: true | |
| run-docker-wiremock: false | |
| run-docker-db: true | |
| run-docker-elasticsearch: false | |
| run-docker-localstack: false | |
| run-docker-otelcollector: false | |
| pre-gen-marten: true | |
| secrets: inherit | |
| build-public-api: | |
| name: Build Public Api | |
| uses: ./.github/workflows/build-image.yml | |
| if: github.repository_owner == 'Informatievlaanderen' | |
| needs: [ set-release-version ] | |
| with: | |
| image-file: ar-public-api-image.tar | |
| image-name: verenigingsregister-publicapi | |
| test-project: AssociationRegistry.Test.Public.Api | |
| build-project: AssociationRegistry.Public.Api/ | |
| semver: ${{ needs.set-release-version.outputs.version }} | |
| run-docker-acm: false | |
| run-docker-wiremock: false | |
| run-docker-db: true | |
| run-docker-elasticsearch: true | |
| run-docker-localstack: true | |
| run-docker-otelcollector: true | |
| pre-gen-marten: false | |
| secrets: inherit | |
| build-public-projections: | |
| name: Build Public Projections | |
| uses: ./.github/workflows/build-image.yml | |
| if: github.repository_owner == 'Informatievlaanderen' | |
| needs: [ set-release-version ] | |
| with: | |
| image-file: ar-public-projections-image.tar | |
| image-name: verenigingsregister-publicprojections | |
| build-project: AssociationRegistry.Public.ProjectionHost/ | |
| semver: ${{ needs.set-release-version.outputs.version }} | |
| run-docker-acm: false | |
| run-docker-wiremock: false | |
| run-docker-db: true | |
| run-docker-elasticsearch: true | |
| run-docker-localstack: false | |
| run-docker-otelcollector: true | |
| pre-gen-marten: true | |
| secrets: inherit | |
| build-admin-api: | |
| name: Build Admin Api | |
| uses: ./.github/workflows/build-image.yml | |
| if: github.repository_owner == 'Informatievlaanderen' | |
| needs: [ set-release-version ] | |
| with: | |
| image-file: ar-admin-api-image.tar | |
| image-name: verenigingsregister-adminapi | |
| test-project: AssociationRegistry.Test.Admin.Api | |
| build-project: AssociationRegistry.Admin.Api/ | |
| semver: ${{ needs.set-release-version.outputs.version }} | |
| run-docker-acm: true | |
| run-docker-wiremock: true | |
| run-docker-db: true | |
| run-docker-elasticsearch: true | |
| run-docker-localstack: true | |
| run-docker-otelcollector: true | |
| pre-gen-marten: true | |
| secrets: inherit | |
| build-admin-projections: | |
| name: Build Admin Projections | |
| uses: ./.github/workflows/build-image.yml | |
| if: github.repository_owner == 'Informatievlaanderen' | |
| needs: [ set-release-version ] | |
| with: | |
| image-file: ar-admin-projections-image.tar | |
| image-name: verenigingsregister-adminprojections | |
| build-project: AssociationRegistry.Admin.ProjectionHost/ | |
| semver: ${{ needs.set-release-version.outputs.version }} | |
| run-docker-acm: true | |
| run-docker-wiremock: true | |
| run-docker-db: true | |
| run-docker-elasticsearch: true | |
| run-docker-localstack: true | |
| run-docker-otelcollector: true | |
| pre-gen-marten: true | |
| secrets: inherit | |
| build-admin-address-sync: | |
| name: Build Admin Address Sync Scheduled Task | |
| uses: ./.github/workflows/build-image.yml | |
| if: github.repository_owner == 'Informatievlaanderen' | |
| needs: [ set-release-version ] | |
| with: | |
| image-file: ar-admin-address-sync-image.tar | |
| image-name: verenigingsregister-adressensync | |
| test-project: AssociationRegistry.Test.Admin.AddressSync | |
| build-project: AssociationRegistry.Admin.AddressSync/ | |
| semver: ${{ needs.set-release-version.outputs.version }} | |
| run-docker-acm: false | |
| run-docker-wiremock: false | |
| run-docker-db: true | |
| run-docker-elasticsearch: false | |
| run-docker-localstack: false | |
| run-docker-otelcollector: true | |
| pre-gen-marten: false | |
| secrets: inherit | |
| build-powerbi-exporthost: | |
| name: Build PowerBI Export Scheduled Task | |
| uses: ./.github/workflows/build-image.yml | |
| if: github.repository_owner == 'Informatievlaanderen' | |
| needs: [ set-release-version ] | |
| with: | |
| image-file: ar-powerbiexport-image.tar | |
| image-name: verenigingsregister-powerbiexport | |
| test-project: AssociationRegistry.Test.PowerBi.ExportHost | |
| build-project: AssociationRegistry.PowerBi.ExportHost/ | |
| semver: ${{ needs.set-release-version.outputs.version }} | |
| run-docker-acm: false | |
| run-docker-wiremock: false | |
| run-docker-db: true | |
| run-docker-elasticsearch: false | |
| run-docker-localstack: false | |
| run-docker-otelcollector: true | |
| pre-gen-marten: false | |
| secrets: inherit | |
| run-e2e-tests: | |
| name: Run e2e tests | |
| uses: ./.github/workflows/run-tests.yml | |
| if: github.repository_owner == 'Informatievlaanderen' | |
| needs: [ set-release-version ] | |
| with: | |
| test-project: AssociationRegistry.Test.E2E | |
| run-docker-acm: true | |
| run-docker-wiremock: true | |
| run-docker-db: true | |
| run-docker-elasticsearch: true | |
| run-docker-localstack: true | |
| run-docker-otelcollector: true | |
| secrets: inherit | |
| pack-association-registry: | |
| name: Pack Association Registry Domain | |
| uses: Informatievlaanderen/build-pipeline/.github/workflows/pack.yml@main | |
| needs: [ set-release-version ] | |
| if: ${{ (github.repository_owner == 'Informatievlaanderen') && (needs.set-release-version.outputs.version != 'none') }} | |
| with: | |
| pack-file: Be.Vlaanderen.Basisregisters.AssociationRegistry | |
| build-project: AssociationRegistry | |
| semver: ${{ needs.set-release-version.outputs.version }} | |
| secrets: inherit | |
| pack-association-registry-magda: | |
| name: Pack Association Registry Magda | |
| uses: Informatievlaanderen/build-pipeline/.github/workflows/pack.yml@main | |
| needs: [ set-release-version ] | |
| if: ${{ (github.repository_owner == 'Informatievlaanderen') && (needs.set-release-version.outputs.version != 'none') }} | |
| with: | |
| pack-file: Be.Vlaanderen.Basisregisters.AssociationRegistry.Magda | |
| build-project: AssociationRegistry.Magda | |
| semver: ${{ needs.set-release-version.outputs.version }} | |
| secrets: inherit | |
| release: | |
| if: github.repository_owner == 'Informatievlaanderen' | |
| name: Semantic Release | |
| runs-on: ubuntu-latest | |
| needs: [ | |
| set-release-version, | |
| build-acm-api, | |
| build-public-api, | |
| build-public-projections, | |
| build-admin-api, | |
| build-admin-projections, | |
| build-admin-address-sync, | |
| build-powerbi-exporthost, | |
| pack-association-registry, | |
| pack-association-registry-magda | |
| ] | |
| outputs: | |
| version: ${{ steps.set-version.outputs.version }} | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@v4 | |
| - name: Cache NPM | |
| uses: actions/cache@v4 | |
| env: | |
| cache-name: cache-npm | |
| with: | |
| path: ~/.npm | |
| key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }} | |
| restore-keys: | | |
| ${{ runner.os }}-build-${{ env.cache-name }}- | |
| - name: Parse repository name | |
| run: echo REPOSITORY_NAME=$(echo "$GITHUB_REPOSITORY" | awk -F / '{print $2}' | sed -e "s/:refs//") >> $GITHUB_ENV | |
| shell: bash | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.x' | |
| - name: Node version | |
| shell: bash | |
| run: node --version | |
| - name: .NET version | |
| shell: bash | |
| run: dotnet --info | |
| - name: Python version | |
| shell: bash | |
| run: python --version | |
| - name: Install NPM dependencies | |
| shell: bash | |
| run: npm install --legacy-peer-deps | |
| - name: Install Python dependencies | |
| shell: bash | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install requests markdown argparse | |
| - name: Generate Token | |
| id: generate_token # Add an ID to this step for reference | |
| run: node .github/build-scripts/generate-token.js | |
| env: | |
| APP_ID: ${{ secrets.MYBOT_APP_ID }} | |
| PRIVATE_KEY: ${{ secrets.MYBOT_PRIVATE_KEY }} | |
| - name: Checkout Code | |
| uses: actions/checkout@v4 | |
| with: | |
| token: ${{ steps.generate_token.outputs.installationToken }} | |
| - name: Install NPM dependencies | |
| shell: bash | |
| run: npm install --legacy-peer-deps | |
| - name: Run Semantic Release | |
| shell: bash | |
| run: npx semantic-release | |
| env: | |
| NPM_TOKEN: ${{ secrets.VBR_WEBCOMP_NPM_TOKEN }} | |
| BUILD_DOCKER_REGISTRY: ${{ secrets.BUILD_DOCKER_REGISTRY_IK4 }} | |
| GITHUB_TOKEN: ${{ secrets.VBR_ACTIONS_TOKEN }} | |
| GIT_COMMIT: ${{ github.sha }} | |
| GIT_USERNAME: ${{ secrets.VBR_ACTIONS_TOKEN }} | |
| GIT_AUTHOR_NAME: ${{ secrets.VBR_GIT_USER }} | |
| GIT_COMMITTER_NAME: ${{ secrets.VBR_GIT_USER }} | |
| GIT_EMAIL: ${{ secrets.VBR_GIT_EMAIL }} | |
| GIT_AUTHOR_EMAIL: ${{ secrets.VBR_GIT_EMAIL }} | |
| GIT_COMMITTER_EMAIL: ${{ secrets.VBR_GIT_EMAIL }} | |
| - name: Set Release Version | |
| id: set-version | |
| run: | | |
| [ ! -f semver ] && echo none > semver | |
| echo $(cat semver) | |
| echo ::set-output name=version::$(cat semver) | |
| echo RELEASE_VERSION=$(cat semver) >> $GITHUB_ENV | |
| shell: bash | |
| publish_to_nuget: | |
| needs: [ release ] | |
| if: ${{ (github.repository_owner == 'Informatievlaanderen') && (needs.release.outputs.version != 'none') }} | |
| name: Publish to NuGet | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@v4 | |
| - name: Setup .NET Core | |
| uses: actions/setup-dotnet@v4 | |
| with: | |
| dotnet-version: ${{ vars.VBR_DOTNET_VERSION_8 }} | |
| - name: .NET version | |
| shell: bash | |
| run: dotnet --info | |
| - name: Download NuGet package 'association-registry' | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: nuget-Be.Vlaanderen.Basisregisters.AssociationRegistry-${{ needs.release.outputs.version }} | |
| path: dist/nuget/ | |
| - name: Publish packages to NuGet 'association-registry' | |
| shell: bash | |
| run: | | |
| dotnet nuget push dist/nuget/Be.Vlaanderen.Basisregisters.AssociationRegistry.$SEMVER.nupkg --source nuget.org --api-key $NUGET_API_KEY | |
| env: | |
| SEMVER: ${{ needs.release.outputs.version }} | |
| WORKSPACE: ${{ github.workspace }} | |
| NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }} | |
| - name: Download NuGet package 'association-registry-magda' | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: nuget-Be.Vlaanderen.Basisregisters.AssociationRegistry.Magda-${{ needs.release.outputs.version }} | |
| path: dist/nuget | |
| - name: Publish packages to NuGet 'association-registry-magda' | |
| shell: bash | |
| run: | | |
| dotnet nuget push dist/nuget/Be.Vlaanderen.Basisregisters.AssociationRegistry.Magda.$SEMVER.nupkg --source nuget.org --api-key $NUGET_API_KEY | |
| env: | |
| SEMVER: ${{ needs.release.outputs.version }} | |
| WORKSPACE: ${{ github.workspace }} | |
| NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }} | |
| publish_to_atlassian: | |
| if: needs.release.outputs.version != 'none' | |
| needs: [ release ] | |
| name: Publish to Atlassian | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@v4 | |
| - name: Parse repository name | |
| run: echo REPOSITORY_NAME=$(echo "$GITHUB_REPOSITORY" | awk -F / '{print $2}' | sed -e "s/:refs//") >> $GITHUB_ENV | |
| shell: bash | |
| - name: Cache Paket | |
| uses: actions/cache@v4 | |
| env: | |
| cache-name: cache-paket | |
| with: | |
| path: packages | |
| key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('paket.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-build-${{ env.cache-name }}- | |
| - name: Cache Python | |
| uses: actions/cache@v4 | |
| env: | |
| cache-name: cache-pip | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-build-${{ env.cache-name }} | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.x' | |
| - name: Install Python dependencies | |
| shell: bash | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install requests markdown argparse | |
| - name: Publish to Confluence | |
| if: needs.release.outputs.version != 'none' | |
| shell: bash | |
| run: ./packages/Be.Vlaanderen.Basisregisters.Build.Pipeline/Content/ci-confluence.sh | |
| env: | |
| CONFLUENCE_TITLE: ${{ env.REPOSITORY_NAME }} | |
| CONFLUENCE_USERNAME: ${{ secrets.VBR_CONFLUENCE_USER }} | |
| CONFLUENCE_PASSWORD: ${{ secrets.VBR_CONFLUENCE_PASSWORD }} | |
| - name: Create Jira Release | |
| if: needs.release.outputs.version != 'none' | |
| shell: bash | |
| run: ./packages/Be.Vlaanderen.Basisregisters.Build.Pipeline/Content/ci-jira.sh | |
| env: | |
| CONFLUENCE_TITLE: ${{ env.REPOSITORY_NAME }} | |
| CONFLUENCE_USERNAME: ${{ secrets.VBR_CONFLUENCE_USER }} | |
| CONFLUENCE_PASSWORD: ${{ secrets.VBR_CONFLUENCE_PASSWORD }} | |
| JIRA_PREFIX: Association | |
| JIRA_PROJECT: OR | |
| JIRA_VERSION: ${{ needs.release.outputs.version }} | |
| push_images_to_ik4_devops: | |
| if: needs.release.outputs.version != 'none' | |
| needs: [ release ] | |
| name: Push images IK4 (DevOps) | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Configure AWS credentials (Test) | |
| if: needs.release.outputs.version != 'none' | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.VBR_AWS_BUILD_USER_ACCESS_KEY_ID_IK4 }} | |
| aws-secret-access-key: ${{ secrets.VBR_AWS_BUILD_USER_SECRET_ACCESS_KEY_IK4 }} | |
| aws-region: ${{ secrets.VBR_AWS_REGION_PRD }} | |
| - name: Login to Amazon ECR (Test) | |
| if: needs.release.outputs.version != 'none' | |
| uses: aws-actions/amazon-ecr-login@v2.0.1 | |
| - name: Download Acm Api artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: verenigingsregister-acmapi | |
| path: ~/ | |
| - name: Load Acm Api image | |
| shell: bash | |
| run: docker image load -i ~/ar-acm-api-image.tar | |
| - name: Download Public Api artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: verenigingsregister-publicapi | |
| path: ~/ | |
| - name: Load Public Api image | |
| shell: bash | |
| run: docker image load -i ~/ar-public-api-image.tar | |
| - name: Download Public Projections artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: verenigingsregister-publicprojections | |
| path: ~/ | |
| - name: Load Public Projections image | |
| shell: bash | |
| run: docker image load -i ~/ar-public-projections-image.tar | |
| - name: Download Admin Api artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: verenigingsregister-adminapi | |
| path: ~/ | |
| - name: Load Admin Api image | |
| shell: bash | |
| run: docker image load -i ~/ar-admin-api-image.tar | |
| - name: Download Admin Projections artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: verenigingsregister-adminprojections | |
| path: ~/ | |
| - name: Load Admin Projections image | |
| shell: bash | |
| run: docker image load -i ~/ar-admin-projections-image.tar | |
| - name: Download Admin Address Sync Scheduled Task artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: verenigingsregister-adressensync | |
| path: ~/ | |
| - name: Load Admin Address Sync Scheduled Task image | |
| shell: bash | |
| run: docker image load -i ~/ar-admin-address-sync-image.tar | |
| - name: Download PowerBI Export Scheduled Task artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: verenigingsregister-powerbiexport | |
| path: ~/ | |
| - name: Load PowerBI Export Scheduled Task image | |
| shell: bash | |
| run: docker image load -i ~/ar-powerbiexport-image.tar | |
| - name: Push docker images to ECR Test | |
| if: needs.release.outputs.version != 'none' | |
| shell: bash | |
| run: | | |
| echo $SEMVER | |
| docker push $BUILD_DOCKER_REGISTRY_IK4/verenigingsregister-acmapi:$SEMVER | |
| docker push $BUILD_DOCKER_REGISTRY_IK4/verenigingsregister-adminapi:$SEMVER | |
| docker push $BUILD_DOCKER_REGISTRY_IK4/verenigingsregister-adminprojections:$SEMVER | |
| docker push $BUILD_DOCKER_REGISTRY_IK4/verenigingsregister-publicapi:$SEMVER | |
| docker push $BUILD_DOCKER_REGISTRY_IK4/verenigingsregister-publicprojections:$SEMVER | |
| docker push $BUILD_DOCKER_REGISTRY_IK4/verenigingsregister-adressensync:$SEMVER | |
| docker push $BUILD_DOCKER_REGISTRY_IK4/verenigingsregister-powerbiexport:$SEMVER | |
| env: | |
| BUILD_DOCKER_REGISTRY_IK4: ${{ secrets.BUILD_DOCKER_REGISTRY_IK4 }} | |
| SEMVER: ${{ needs.release.outputs.version }} | |
| WORKSPACE: ${{ github.workspace }} | |
| deploy_test_ik4: | |
| if: needs.release.outputs.version != 'none' | |
| needs: [ set-release-version, push_images_to_ik4_devops, release ] | |
| name: Deploy to Test (IK4) | |
| environment: test_ik4 | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| services: | |
| [ | |
| 'acmapi', | |
| 'publicapi', | |
| 'publicprojections', | |
| 'adminapi', | |
| 'adminprojections', | |
| ] | |
| steps: | |
| - name: debug_output | |
| shell: bash | |
| run: | | |
| echo ${{ needs.release.outputs.version }} | |
| - name: CD | |
| id: awscurl-polling-action | |
| if: needs.release.outputs.version != 'none' | |
| env: | |
| BUILD_URL: ${{ secrets.VBR_AWS_BUILD_API }}/${{matrix.services}}/test/deploy/v4 | |
| STATUS_URL: ${{ secrets.VBR_AWS_BUILD_STATUS_API }}/${{matrix.services}}/test/deploy/v4/status | |
| uses: informatievlaanderen/awscurl-polling-action/polling-action@deploy-v4 | |
| with: | |
| environment: test | |
| version: ${{ needs.release.outputs.version }} | |
| status-url: $STATUS_URL | |
| deploy-url: $BUILD_URL | |
| access-key: ${{ secrets.VBR_AWS_BUILD_USER_ACCESS_KEY_ID_IK4 }} | |
| secret-key: ${{ secrets.VBR_AWS_BUILD_USER_SECRET_ACCESS_KEY_IK4 }} | |
| region: eu-west-1 | |
| deploy-target: 'ecs' | |
| domain: 'verenigingsregister' | |
| project: 'verenigingsregister' | |
| application: ${{matrix.services}} | |
| interval: 2 | |
| - name: output | |
| shell: bash | |
| if: always() | |
| run: | | |
| echo build-uuid: ${{ steps.awscurl-polling-action.outputs.build-uuid }} | |
| echo Status: ${{ steps.awscurl-polling-action.outputs.status }} | |
| echo ${{ steps.awscurl-polling-action.outputs.final-message }} | |
| deploy_test_scheduledtasks_ik4: | |
| if: needs.release.outputs.version != 'none' | |
| needs: [ set-release-version, push_images_to_ik4_devops, release ] | |
| name: Deploy scheduled tasks to Test (IK4) | |
| environment: test_ik4 | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| services: | |
| [ | |
| 'adressensync', | |
| 'powerbiexport' | |
| ] | |
| steps: | |
| - name: debug_output | |
| shell: bash | |
| run: | | |
| echo ${{ needs.release.outputs.version }} | |
| - name: CD | |
| id: awscurl-polling-action | |
| if: needs.release.outputs.version != 'none' | |
| env: | |
| BUILD_URL: ${{ secrets.VBR_AWS_BUILD_API }}/${{matrix.services}}/test/deploy/v4 | |
| STATUS_URL: ${{ secrets.VBR_AWS_BUILD_STATUS_API }}/${{matrix.services}}/test/deploy/v4/status | |
| uses: informatievlaanderen/awscurl-polling-action/polling-action@deploy-v4 | |
| with: | |
| environment: test | |
| version: ${{ needs.release.outputs.version }} | |
| status-url: $STATUS_URL | |
| deploy-url: $BUILD_URL | |
| access-key: ${{ secrets.VBR_AWS_BUILD_USER_ACCESS_KEY_ID_IK4 }} | |
| secret-key: ${{ secrets.VBR_AWS_BUILD_USER_SECRET_ACCESS_KEY_IK4 }} | |
| region: eu-west-1 | |
| deploy-target: 'ecs' | |
| domain: 'verenigingsregister' | |
| project: 'verenigingsregister' | |
| application: ${{matrix.services}} | |
| interval: 2 | |
| - name: output | |
| shell: bash | |
| if: always() | |
| run: | | |
| echo build-uuid: ${{ steps.awscurl-polling-action.outputs.build-uuid }} | |
| echo Status: ${{ steps.awscurl-polling-action.outputs.status }} | |
| echo ${{ steps.awscurl-polling-action.outputs.final-message }} | |
| notify: | |
| if: failure() | |
| name: Notify slack | |
| runs-on: ubuntu-latest | |
| needs: [ deploy_test_ik4, deploy_test_scheduledtasks_ik4 ] | |
| steps: | |
| - name: Construct Slack message | |
| id: construct_message | |
| run: | | |
| USER_IDS="${{ secrets.SLACK_USER_IDS }}" | |
| IFS=',' read -r -a array <<< "$USER_IDS" | |
| MENTIONS="" | |
| for user_id in "${array[@]}" | |
| do | |
| MENTIONS+="<@$user_id> " | |
| done | |
| echo "::set-output name=mentions::$MENTIONS" | |
| - name: Post to a Slack channel | |
| id: slack | |
| uses: slackapi/slack-github-action@v1.23.0 | |
| with: | |
| channel-id: ${{ secrets.SLACK_CHANNEL_ID }} | |
| slack-message: | | |
| GitHub build result: ${{ job.status }} | |
| ${{ github.event.pull_request.html_url || github.event.head_commit.url }} | |
| ${{ steps.construct_message.outputs.mentions }} Please check the build failure. | |
| env: | |
| SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} |