functionality for sbl bridge (#547) #248
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD | |
| on: | |
| push: | |
| branches: [ main ] | |
| paths-ignore: | |
| - "Test/**" # ignore changes to tests | |
| jobs: | |
| test: | |
| name: QA | |
| uses: ./.github/workflows/test-application.yml | |
| get-version: | |
| name: Get version | |
| runs-on: ubuntu-latest | |
| outputs: | |
| imageTag: ${{ steps.get-version.outputs.imageTag }} | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: "Get current version" | |
| uses: ./.github/actions/get-current-version | |
| id: get-version | |
| publish: | |
| name: Publish | |
| runs-on: ubuntu-latest | |
| needs: [get-version] | |
| permissions: | |
| packages: write | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: "Publish image" | |
| uses: ./.github/actions/publish-image | |
| with: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| dockerImageBaseName: ghcr.io/altinn/altinn-correspondence | |
| imageTag: ${{ needs.get-version.outputs.imageTag }} | |
| deploy-test: | |
| name: Internal test | |
| runs-on: ubuntu-latest | |
| environment: test | |
| if: always() && !failure() && !cancelled() | |
| needs: [get-version, publish, test] | |
| permissions: | |
| id-token: write | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Deploy to environment | |
| uses: ./.github/actions/deploy-to-environment | |
| with: | |
| environment: test | |
| imageTag: ${{ needs.get-version.outputs.imageTag }} | |
| ACCESS_MANAGEMENT_SUBSCRIPTION_KEY: ${{ secrets.ACCESS_MANAGEMENT_SUBSCRIPTION_KEY }} | |
| AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
| AZURE_ENVIRONMENT_KEY_VAULT_NAME: ${{ secrets.AZURE_ENVIRONMENT_KEY_VAULT_NAME }} | |
| AZURE_NAME_PREFIX: ${{ secrets.AZURE_NAME_PREFIX }} | |
| AZURE_STORAGE_ACCOUNT_NAME: ${{ secrets.AZURE_STORAGE_ACCOUNT_NAME }} | |
| AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
| AZURE_TEST_ACCESS_CLIENT_ID: ${{ secrets.AZURE_TEST_ACCESS_CLIENT_ID }} | |
| CORRESPONDENCE_BASE_URL: ${{ secrets.CORRESPONDENCE_BASE_URL }} | |
| CONTACT_RESERVATION_REGISTRY_BASE_URL: ${{ secrets.CONTACT_RESERVATION_REGISTRY_BASE_URL }} | |
| DIALOGPORTEN_ISSUER: ${{ secrets.DIALOGPORTEN_ISSUER }} | |
| IDPORTEN_CLIENT_ID: ${{ secrets.IDPORTEN_CLIENT_ID }} | |
| IDPORTEN_CLIENT_SECRET: ${{ secrets.IDPORTEN_CLIENT_SECRET }} | |
| IDPORTEN_ISSUER: ${{ secrets.IDPORTEN_ISSUER }} | |
| MASKINPORTEN_CLIENT_ID: ${{ secrets.MASKINPORTEN_CLIENT_ID }} | |
| MASKINPORTEN_JWK: ${{ secrets.MASKINPORTEN_JWK }} | |
| PLATFORM_BASE_URL: ${{ secrets.PLATFORM_BASE_URL }} | |
| PLATFORM_SUBSCRIPTION_KEY: ${{ secrets.PLATFORM_SUBSCRIPTION_KEY }} | |
| SLACK_URL: ${{ secrets.SLACK_URL }} | |
| SBL_BRIDGE_BASE_URL: ${{ secrets.SBL_BRIDGE_BASE_URL }} | |
| deploy-at22: | |
| name: deploy at22 | |
| runs-on: ubuntu-latest | |
| environment: test | |
| if: always() && !failure() && !cancelled() | |
| needs: [get-version, publish, test] | |
| permissions: | |
| id-token: write | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Deploy to environment | |
| uses: ./.github/actions/deploy-to-environment | |
| with: | |
| environment: at22 | |
| imageTag: ${{ needs.get-version.outputs.imageTag }} | |
| ACCESS_MANAGEMENT_SUBSCRIPTION_KEY: ${{ secrets.ACCESS_MANAGEMENT_SUBSCRIPTION_KEY }} | |
| AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
| AZURE_ENVIRONMENT_KEY_VAULT_NAME: ${{ secrets.AZURE_ENVIRONMENT_KEY_VAULT_NAME }} | |
| AZURE_NAME_PREFIX: ${{ secrets.AZURE_NAME_PREFIX }} | |
| AZURE_STORAGE_ACCOUNT_NAME: ${{ secrets.AZURE_STORAGE_ACCOUNT_NAME }} | |
| AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
| AZURE_TEST_ACCESS_CLIENT_ID: ${{ secrets.AZURE_TEST_ACCESS_CLIENT_ID }} | |
| CORRESPONDENCE_BASE_URL: ${{ secrets.CORRESPONDENCE_BASE_URL }} | |
| DIALOGPORTEN_ISSUER: ${{ secrets.DIALOGPORTEN_ISSUER }} | |
| IDPORTEN_CLIENT_ID: ${{ secrets.IDPORTEN_CLIENT_ID }} | |
| IDPORTEN_CLIENT_SECRET: ${{ secrets.IDPORTEN_CLIENT_SECRET }} | |
| IDPORTEN_ISSUER: ${{ secrets.IDPORTEN_ISSUER }} | |
| MASKINPORTEN_CLIENT_ID: ${{ secrets.MASKINPORTEN_CLIENT_ID }} | |
| MASKINPORTEN_JWK: ${{ secrets.MASKINPORTEN_JWK }} | |
| PLATFORM_BASE_URL: ${{ secrets.PLATFORM_BASE_URL }} | |
| PLATFORM_SUBSCRIPTION_KEY: ${{ secrets.PLATFORM_SUBSCRIPTION_KEY }} | |
| SLACK_URL: ${{ secrets.SLACK_URL }} | |
| SBL_BRIDGE_BASE_URL: ${{ secrets.SBL_BRIDGE_BASE_URL }} | |
| MASKINPORTEN_TOKEN_EXCHANGE_ENVIRONMENT: ${{ secrets.MASKINPORTEN_TOKEN_EXCHANGE_ENVIRONMENT }} | |
| CONTACT_RESERVATION_REGISTRY_BASE_URL: ${{ secrets.CONTACT_RESERVATION_REGISTRY_BASE_URL }} | |
| deploy-staging: | |
| name: Internal staging | |
| runs-on: ubuntu-latest | |
| environment: staging | |
| if: always() && !failure() && !cancelled() | |
| needs: [ | |
| get-version, | |
| deploy-test, | |
| ] | |
| permissions: | |
| id-token: write | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Deploy to environment | |
| uses: ./.github/actions/deploy-to-environment | |
| with: | |
| environment: staging | |
| imageTag: ${{ needs.get-version.outputs.imageTag }} | |
| ACCESS_MANAGEMENT_SUBSCRIPTION_KEY: ${{ secrets.ACCESS_MANAGEMENT_SUBSCRIPTION_KEY }} | |
| AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
| AZURE_ENVIRONMENT_KEY_VAULT_NAME: ${{ secrets.AZURE_ENVIRONMENT_KEY_VAULT_NAME }} | |
| AZURE_NAME_PREFIX: ${{ secrets.AZURE_NAME_PREFIX }} | |
| AZURE_STORAGE_ACCOUNT_NAME: ${{ secrets.AZURE_STORAGE_ACCOUNT_NAME }} | |
| AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
| AZURE_TEST_ACCESS_CLIENT_ID: ${{ secrets.AZURE_TEST_ACCESS_CLIENT_ID }} | |
| CORRESPONDENCE_BASE_URL: ${{ secrets.CORRESPONDENCE_BASE_URL }} | |
| CONTACT_RESERVATION_REGISTRY_BASE_URL: ${{ secrets.CONTACT_RESERVATION_REGISTRY_BASE_URL }} | |
| DIALOGPORTEN_ISSUER: ${{ secrets.DIALOGPORTEN_ISSUER }} | |
| IDPORTEN_CLIENT_ID: ${{ secrets.IDPORTEN_CLIENT_ID }} | |
| IDPORTEN_CLIENT_SECRET: ${{ secrets.IDPORTEN_CLIENT_SECRET }} | |
| IDPORTEN_ISSUER: ${{ secrets.IDPORTEN_ISSUER }} | |
| MASKINPORTEN_CLIENT_ID: ${{ secrets.MASKINPORTEN_CLIENT_ID }} | |
| MASKINPORTEN_JWK: ${{ secrets.MASKINPORTEN_JWK }} | |
| PLATFORM_BASE_URL: ${{ secrets.PLATFORM_BASE_URL }} | |
| PLATFORM_SUBSCRIPTION_KEY: ${{ secrets.PLATFORM_SUBSCRIPTION_KEY }} | |
| SLACK_URL: ${{ secrets.SLACK_URL }} | |
| SBL_BRIDGE_BASE_URL: ${{ secrets.SBL_BRIDGE_BASE_URL }} | |
| MASKINPORTEN_TOKEN_EXCHANGE_ENVIRONMENT: ${{ secrets.MASKINPORTEN_TOKEN_EXCHANGE_ENVIRONMENT }} | |
| deploy-production: | |
| name: Production | |
| runs-on: ubuntu-latest | |
| environment: production | |
| if: (!failure() && !cancelled()) | |
| needs: [ | |
| get-version, | |
| deploy-staging, | |
| ] | |
| permissions: | |
| id-token: write | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Deploy to environment | |
| uses: ./.github/actions/deploy-to-environment | |
| with: | |
| environment: production | |
| imageTag: ${{ needs.get-version.outputs.imageTag }} | |
| ACCESS_MANAGEMENT_SUBSCRIPTION_KEY: ${{ secrets.ACCESS_MANAGEMENT_SUBSCRIPTION_KEY }} | |
| AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
| AZURE_ENVIRONMENT_KEY_VAULT_NAME: ${{ secrets.AZURE_ENVIRONMENT_KEY_VAULT_NAME }} | |
| AZURE_NAME_PREFIX: ${{ secrets.AZURE_NAME_PREFIX }} | |
| AZURE_STORAGE_ACCOUNT_NAME: ${{ secrets.AZURE_STORAGE_ACCOUNT_NAME }} | |
| AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
| AZURE_TEST_ACCESS_CLIENT_ID: ${{ secrets.AZURE_TEST_ACCESS_CLIENT_ID }} | |
| CORRESPONDENCE_BASE_URL: ${{ secrets.CORRESPONDENCE_BASE_URL }} | |
| CONTACT_RESERVATION_REGISTRY_BASE_URL: ${{ secrets.CONTACT_RESERVATION_REGISTRY_BASE_URL }} | |
| DIALOGPORTEN_ISSUER: ${{ secrets.DIALOGPORTEN_ISSUER }} | |
| IDPORTEN_CLIENT_ID: ${{ secrets.IDPORTEN_CLIENT_ID }} | |
| IDPORTEN_CLIENT_SECRET: ${{ secrets.IDPORTEN_CLIENT_SECRET }} | |
| IDPORTEN_ISSUER: ${{ secrets.IDPORTEN_ISSUER }} | |
| MASKINPORTEN_CLIENT_ID: ${{ secrets.MASKINPORTEN_CLIENT_ID }} | |
| MASKINPORTEN_JWK: ${{ secrets.MASKINPORTEN_JWK }} | |
| PLATFORM_BASE_URL: ${{ secrets.PLATFORM_BASE_URL }} | |
| PLATFORM_SUBSCRIPTION_KEY: ${{ secrets.PLATFORM_SUBSCRIPTION_KEY }} | |
| SLACK_URL: ${{ secrets.SLACK_URL }} | |
| SBL_BRIDGE_BASE_URL: ${{ secrets.SBL_BRIDGE_BASE_URL }} | |
| MASKINPORTEN_TOKEN_EXCHANGE_ENVIRONMENT: ${{ secrets.MASKINPORTEN_TOKEN_EXCHANGE_ENVIRONMENT }} | |
| release-to-git: | |
| name: Release to git | |
| runs-on: ubuntu-latest | |
| needs: [deploy-production] | |
| if: ${{ !failure() && !cancelled()}} | |
| permissions: | |
| id-token: write | |
| contents: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Release | |
| if: (!failure() && !cancelled()) | |
| uses: ./.github/actions/release-to-git | |
| with: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |