Test al-go setup on 1st party apps #546
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ' CI/CD' | |
| on: | |
| workflow_dispatch: | |
| push: | |
| paths-ignore: | |
| - '**.md' | |
| - '.github/workflows/*.yaml' | |
| - '!.github/workflows/CICD.yaml' | |
| branches: [ 'main' ] | |
| defaults: | |
| run: | |
| shell: powershell | |
| permissions: | |
| contents: read | |
| actions: read | |
| env: | |
| workflowDepth: 2 | |
| ALGoOrgSettings: ${{ vars.ALGoOrgSettings }} | |
| ALGoRepoSettings: ${{ vars.ALGoRepoSettings }} | |
| jobs: | |
| Initialization: | |
| runs-on: [ windows-latest ] | |
| outputs: | |
| telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} | |
| environments: ${{ steps.ReadSettings.outputs.EnvironmentsJson }} | |
| environmentCount: ${{ steps.ReadSettings.outputs.EnvironmentCount }} | |
| deliveryTargets: ${{ steps.DetermineDeliveryTargets.outputs.DeliveryTargetsJson }} | |
| deliveryTargetCount: ${{ steps.DetermineDeliveryTargets.outputs.DeliveryTargetCount }} | |
| githubRunner: ${{ steps.ReadSettings.outputs.GitHubRunnerJson }} | |
| githubRunnerShell: ${{ steps.ReadSettings.outputs.GitHubRunnerShell }} | |
| checkRunId: ${{ steps.CreateCheckRun.outputs.checkRunId }} | |
| projects: ${{ steps.determineProjectsToBuild.outputs.ProjectsJson }} | |
| projectDependenciesJson: ${{ steps.determineProjectsToBuild.outputs.ProjectDependenciesJson }} | |
| buildOrderJson: ${{ steps.determineProjectsToBuild.outputs.BuildOrderJson }} | |
| workflowDepth: ${{ steps.DetermineWorkflowDepth.outputs.WorkflowDepth }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| lfs: true | |
| - name: Initialize the workflow | |
| id: init | |
| uses: microsoft/AL-Go-Actions/[email protected] | |
| with: | |
| shell: powershell | |
| eventId: "DO0091" | |
| - name: Read settings | |
| id: ReadSettings | |
| uses: microsoft/AL-Go-Actions/[email protected] | |
| with: | |
| shell: powershell | |
| parentTelemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} | |
| getEnvironments: '*' | |
| get: type | |
| - name: Determine Workflow Depth | |
| id: DetermineWorkflowDepth | |
| run: | | |
| Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "WorkflowDepth=$($env:workflowDepth)" | |
| - name: Determine Projects To Build | |
| id: determineProjectsToBuild | |
| uses: microsoft/AL-Go-Actions/[email protected] | |
| with: | |
| shell: powershell | |
| maxBuildDepth: ${{ env.workflowDepth }} | |
| - name: Determine Delivery Target Secrets | |
| id: DetermineDeliveryTargetSecrets | |
| run: | | |
| $errorActionPreference = "Stop"; $ProgressPreference = "SilentlyContinue"; Set-StrictMode -Version 2.0 | |
| $deliveryTargetSecrets = @('GitHubPackagesContext','NuGetContext','StorageContext','AppSourceContext') | |
| $namePrefix = 'DeliverTo' | |
| Get-Item -Path (Join-Path $ENV:GITHUB_WORKSPACE ".github/$($namePrefix)*.ps1") | ForEach-Object { | |
| $deliveryTarget = [System.IO.Path]::GetFileNameWithoutExtension($_.Name.SubString($namePrefix.Length)) | |
| $deliveryTargetSecrets += @("$($deliveryTarget)Context") | |
| } | |
| Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "Secrets=$($deliveryTargetSecrets -join ',')" | |
| - name: Read secrets | |
| uses: microsoft/AL-Go-Actions/[email protected] | |
| with: | |
| shell: powershell | |
| gitHubSecrets: ${{ toJson(secrets) }} | |
| getSecrets: ${{ steps.DetermineDeliveryTargetSecrets.outputs.Secrets }} | |
| - name: Determine Delivery Targets | |
| id: DetermineDeliveryTargets | |
| run: | | |
| $errorActionPreference = "Stop"; $ProgressPreference = "SilentlyContinue"; Set-StrictMode -Version 2.0 | |
| $deliveryTargets = @('GitHubPackages','NuGet','Storage') | |
| if ($env:type -eq "AppSource App") { | |
| $continuousDelivery = $false | |
| # For multi-project repositories, we will add deliveryTarget AppSource if any project has AppSourceContinuousDelivery set to true | |
| ('${{ steps.determineProjectsToBuild.outputs.ProjectsJson }}' | ConvertFrom-Json) | where-Object { $_ } | ForEach-Object { | |
| $projectSettings = Get-Content (Join-Path $_ '.AL-Go/settings.json') -encoding UTF8 -raw | ConvertFrom-Json | |
| if ($projectSettings.PSObject.Properties.Name -eq 'AppSourceContinuousDelivery' -and $projectSettings.AppSourceContinuousDelivery) { | |
| Write-Host "Project $_ is setup for Continuous Delivery" | |
| $continuousDelivery = $true | |
| } | |
| } | |
| if ($continuousDelivery) { | |
| $deliveryTargets += @("AppSource") | |
| } | |
| } | |
| $namePrefix = 'DeliverTo' | |
| Get-Item -Path (Join-Path $ENV:GITHUB_WORKSPACE ".github/$($namePrefix)*.ps1") | ForEach-Object { | |
| $deliveryTarget = [System.IO.Path]::GetFileNameWithoutExtension($_.Name.SubString($namePrefix.Length)) | |
| $deliveryTargets += @($deliveryTarget) | |
| } | |
| $settings = $env:Settings | ConvertFrom-Json | |
| $secrets = $env:Secrets | ConvertFrom-Json | |
| $deliveryTargets = @($deliveryTargets | Select-Object -unique | Where-Object { | |
| $include = $false | |
| Write-Host "Check DeliveryTarget $_" | |
| $contextName = "$($_)Context" | |
| if ($secrets."$contextName") { | |
| $settingName = "DeliverTo$_" | |
| if (($settings.PSObject.Properties.Name -eq $settingName) -and ($settings."$settingName".PSObject.Properties.Name -eq "Branches")) { | |
| Write-Host "Branches:" | |
| $settings."$settingName".Branches | ForEach-Object { | |
| Write-Host "- $_" | |
| if ($ENV:GITHUB_REF_NAME -like $_) { | |
| $include = $true | |
| } | |
| } | |
| } | |
| else { | |
| $include = ($ENV:GITHUB_REF_NAME -eq 'main') | |
| } | |
| } | |
| if ($include) { | |
| Write-Host "DeliveryTarget $_ included" | |
| } | |
| $include | |
| }) | |
| $deliveryTargetsJson = $deliveryTargets | ConvertTo-Json -Depth 99 -compress | |
| if ($deliveryTargets.Count -lt 2) { $deliveryTargetsJson = "[$($deliveryTargetsJson)]" } | |
| Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "DeliveryTargetsJson=$deliveryTargetsJson" | |
| Write-Host "DeliveryTargetsJson=$deliveryTargetsJson" | |
| Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "DeliveryTargetCount=$($deliveryTargets.Count)" | |
| Write-Host "DeliveryTargetCount=$($deliveryTargets.Count)" | |
| Add-Content -Encoding UTF8 -Path $env:GITHUB_ENV -Value "DeliveryTargets=$deliveryTargetsJson" | |
| CheckForUpdates: | |
| runs-on: [ windows-latest ] | |
| needs: [ Initialization ] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Read settings | |
| uses: microsoft/AL-Go-Actions/[email protected] | |
| with: | |
| shell: powershell | |
| parentTelemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} | |
| get: templateUrl | |
| - name: Check for updates to AL-Go system files | |
| uses: microsoft/AL-Go-Actions/[email protected] | |
| with: | |
| shell: powershell | |
| parentTelemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} | |
| templateUrl: ${{ env.templateUrl }} | |
| Build1: | |
| needs: [ Initialization ] | |
| if: (!failure()) && (!cancelled()) && fromJson(needs.Initialization.outputs.buildOrderJson)[0].projectsCount > 0 | |
| strategy: | |
| matrix: | |
| include: ${{ fromJson(needs.Initialization.outputs.buildOrderJson)[0].buildDimensions }} | |
| fail-fast: false | |
| name: Build ${{ matrix.project }} - ${{ matrix.buildMode }} | |
| uses: ./.github/workflows/_BuildALGoProject.yaml | |
| secrets: inherit | |
| with: | |
| shell: ${{ needs.Initialization.outputs.githubRunnerShell }} | |
| runsOn: ${{ needs.Initialization.outputs.githubRunner }} | |
| parentTelemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} | |
| project: ${{ matrix.project }} | |
| buildMode: ${{ matrix.buildMode }} | |
| projectDependenciesJson: ${{ needs.Initialization.outputs.projectDependenciesJson }} | |
| secrets: 'licenseFileUrl,insiderSasToken,codeSignCertificateUrl,codeSignCertificatePassword,keyVaultCertificateUrl,keyVaultCertificatePassword,keyVaultClientId,gitHubPackagesContext,applicationInsightsConnectionString' | |
| publishThisBuildArtifacts: ${{ needs.Initialization.outputs.workflowDepth > 1 }} | |
| publishArtifacts: ${{ github.ref_name == 'main' || startswith(github.ref_name, 'release/') || needs.Initialization.outputs.deliveryTargetCount > 0 || needs.Initialization.outputs.environmentCount > 0 }} | |
| signArtifacts: true | |
| useArtifactCache: true | |
| Build: | |
| needs: [ Initialization, Build1 ] | |
| if: (!failure()) && (!cancelled()) && (needs.Build1.result == 'success' || needs.Build1.result == 'skipped') && fromJson(needs.Initialization.outputs.buildOrderJson)[1].projectsCount > 0 | |
| strategy: | |
| matrix: | |
| include: ${{ fromJson(needs.Initialization.outputs.buildOrderJson)[1].buildDimensions }} | |
| fail-fast: false | |
| name: Build ${{ matrix.project }} - ${{ matrix.buildMode }} | |
| uses: ./.github/workflows/_BuildALGoProject.yaml | |
| secrets: inherit | |
| with: | |
| shell: ${{ needs.Initialization.outputs.githubRunnerShell }} | |
| runsOn: ${{ needs.Initialization.outputs.githubRunner }} | |
| parentTelemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} | |
| project: ${{ matrix.project }} | |
| buildMode: ${{ matrix.buildMode }} | |
| projectDependenciesJson: ${{ needs.Initialization.outputs.projectDependenciesJson }} | |
| secrets: 'licenseFileUrl,insiderSasToken,codeSignCertificateUrl,codeSignCertificatePassword,keyVaultCertificateUrl,keyVaultCertificatePassword,keyVaultClientId,gitHubPackagesContext,applicationInsightsConnectionString' | |
| publishThisBuildArtifacts: ${{ needs.Initialization.outputs.workflowDepth > 1 }} | |
| publishArtifacts: ${{ github.ref_name == 'main' || startswith(github.ref_name, 'release/') || needs.Initialization.outputs.deliveryTargetCount > 0 || needs.Initialization.outputs.environmentCount > 0 }} | |
| signArtifacts: true | |
| useArtifactCache: true | |
| Deploy: | |
| needs: [ Initialization, Build ] | |
| if: always() && needs.Build.result == 'Success' && needs.Initialization.outputs.environmentCount > 0 | |
| strategy: ${{ fromJson(needs.Initialization.outputs.environments) }} | |
| runs-on: ${{ fromJson(matrix.os) }} | |
| name: Deploy to ${{ matrix.environment }} | |
| environment: | |
| name: ${{ matrix.environment }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v3 | |
| with: | |
| path: '.artifacts' | |
| - name: EnvName | |
| id: envName | |
| run: | | |
| $errorActionPreference = "Stop"; $ProgressPreference = "SilentlyContinue"; Set-StrictMode -Version 2.0 | |
| $envName = '${{ matrix.environment }}'.split(' ')[0] | |
| Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "envName=$envName" | |
| - name: Read settings | |
| uses: microsoft/AL-Go-Actions/[email protected] | |
| with: | |
| shell: powershell | |
| - name: Read secrets | |
| uses: microsoft/AL-Go-Actions/[email protected] | |
| with: | |
| shell: powershell | |
| gitHubSecrets: ${{ toJson(secrets) }} | |
| getSecrets: '${{ steps.envName.outputs.envName }}-AuthContext,${{ steps.envName.outputs.envName }}_AuthContext,AuthContext,${{ steps.envName.outputs.envName }}-EnvironmentName,${{ steps.envName.outputs.envName }}_EnvironmentName,EnvironmentName,projects' | |
| - name: AuthContext | |
| id: authContext | |
| run: | | |
| $errorActionPreference = "Stop"; $ProgressPreference = "SilentlyContinue"; Set-StrictMode -Version 2.0 | |
| $settings = $env:Settings | ConvertFrom-Json | |
| $envName = '${{ steps.envName.outputs.envName }}' | |
| $settingsName = "DeployTo$envName" | |
| if ($settings.PSObject.Properties.name -eq $settingsName) { | |
| $deployToSetting = $settings."$settingsName" | ConvertFrom-Json | |
| } | |
| else { | |
| $deployToSetting = [PSCustomObject]@{} | |
| } | |
| $secrets = $env:Secrets | ConvertFrom-Json | |
| $authContext = $null | |
| "$($envName)-AuthContext", "$($envName)_AuthContext", "AuthContext" | ForEach-Object { | |
| if (!($authContext)) { | |
| if ($secrets."$_") { | |
| Write-Host "Using $_ secret as AuthContext" | |
| $authContext = $secrets."$_" | |
| } | |
| } | |
| } | |
| if (!($authContext)) { | |
| Write-Host "::Error::No AuthContext provided" | |
| exit 1 | |
| } | |
| if (("$deployToSetting" -ne "") -and $deployToSetting.PSObject.Properties.name -eq "EnvironmentName") { | |
| $environmentName = $deployToSetting.EnvironmentName | |
| } | |
| else { | |
| $environmentName = $null | |
| "$($envName)-EnvironmentName", "$($envName)_EnvironmentName", "EnvironmentName" | ForEach-Object { | |
| if (!($EnvironmentName)) { | |
| if ($secrets."$_") { | |
| Write-Host "Using $_ secret as EnvironmentName" | |
| Write-Host "::Warning::Please consider using the $settingsName setting, where you can specify EnvironmentName, projects and branches - instead of specifying the EnvironmentName in a Secret." | |
| $EnvironmentName = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($secrets."$_")) | |
| } | |
| } | |
| } | |
| } | |
| if (!($environmentName)) { | |
| $environmentName = '${{ steps.envName.outputs.envName }}' | |
| } | |
| $environmentName = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes(($environmentName + '${{ matrix.environment }}'.SubString($envName.Length)).ToUpperInvariant())) | |
| $projects = '' | |
| if (("$deployToSetting" -ne "") -and $deployToSetting.PSObject.Properties.name -eq "projects") { | |
| $projects = $deployToSetting.projects | |
| } | |
| elseif ($settings.PSObject.Properties.name -eq "$($envName)-projects") { | |
| $projects = $settings."$($envName)-projects" | |
| Write-Host "::Warning::Please consider using the $settingsName setting, where you can specify EnvironmentName, projects and branches - instead of specifying the Projects in Setting '$($envName)-projects'" | |
| } | |
| elseif ($settings.PSObject.Properties.name -eq "$($envName)_projects") { | |
| $projects = $settings."$($envName)_projects" | |
| Write-Host "::Warning::Please consider using the $settingsName setting, where you can specify EnvironmentName, projects and branches - instead of specifying the Projects in Setting '$($envName)_projects'" | |
| } | |
| elseif ($secrets.projects) { | |
| $projects = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($secrets.projects)) | |
| Write-Host "::Warning::Please consider using the $settingsName setting, where you can specify EnvironmentName, projects and branches - instead of specifying the Projects in the secret 'project'" | |
| } | |
| if ($projects -eq '' -or $projects -eq '*') { | |
| $projects = '*' | |
| } | |
| else { | |
| $buildProjects = '${{ needs.Initialization.outputs.projects }}' | ConvertFrom-Json | |
| $projects = ($projects.Split(',') | Where-Object { $buildProjects -contains $_ }) -join ',' | |
| } | |
| Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "authContext=$authContext" | |
| Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "environmentName=$environmentName" | |
| Write-Host "environmentName=$([System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($environmentName)))" | |
| Write-Host "environmentName (as Base64)=$environmentName" | |
| Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "projects=$projects" | |
| Write-Host "projects=$projects" | |
| - name: Deploy | |
| uses: microsoft/AL-Go-Actions/[email protected] | |
| env: | |
| AuthContext: ${{ steps.authContext.outputs.authContext }} | |
| with: | |
| shell: powershell | |
| type: 'CD' | |
| projects: ${{ steps.authContext.outputs.projects }} | |
| environmentName: ${{ steps.authContext.outputs.environmentName }} | |
| artifacts: '.artifacts' | |
| Deliver: | |
| needs: [ Initialization, Build ] | |
| if: always() && needs.Build.result == 'Success' && needs.Initialization.outputs.deliveryTargetCount > 0 | |
| strategy: | |
| matrix: | |
| deliveryTarget: ${{ fromJson(needs.Initialization.outputs.deliveryTargets) }} | |
| fail-fast: false | |
| runs-on: [ windows-latest ] | |
| name: Deliver to ${{ matrix.deliveryTarget }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v3 | |
| with: | |
| path: '.artifacts' | |
| - name: Read settings | |
| uses: microsoft/AL-Go-Actions/[email protected] | |
| with: | |
| shell: powershell | |
| - name: Read secrets | |
| uses: microsoft/AL-Go-Actions/[email protected] | |
| with: | |
| shell: powershell | |
| gitHubSecrets: ${{ toJson(secrets) }} | |
| getSecrets: '${{ matrix.deliveryTarget }}Context' | |
| - name: DeliveryContext | |
| id: deliveryContext | |
| run: | | |
| $errorActionPreference = "Stop"; $ProgressPreference = "SilentlyContinue"; Set-StrictMode -Version 2.0 | |
| $secrets = $env:Secrets | ConvertFrom-Json | |
| $contextName = '${{ matrix.deliveryTarget }}Context' | |
| $deliveryContext = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($secrets."$contextName")) | |
| Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "deliveryContext=$deliveryContext" | |
| Write-Host "deliveryContext=$deliveryContext" | |
| - name: Deliver | |
| uses: microsoft/AL-Go-Actions/[email protected] | |
| env: | |
| deliveryContext: ${{ steps.deliveryContext.outputs.deliveryContext }} | |
| with: | |
| shell: powershell | |
| type: 'CD' | |
| projects: ${{ needs.Initialization.outputs.projects }} | |
| deliveryTarget: ${{ matrix.deliveryTarget }} | |
| artifacts: '.artifacts' | |
| PostProcess: | |
| if: (!cancelled()) | |
| runs-on: [ windows-latest ] | |
| needs: [ Initialization, Build, Deploy, Deliver ] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Finalize the workflow | |
| id: PostProcess | |
| uses: microsoft/AL-Go-Actions/[email protected] | |
| with: | |
| shell: powershell | |
| eventId: "DO0091" | |
| telemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} |