-
Notifications
You must be signed in to change notification settings - Fork 3
189 lines (189 loc) · 7.56 KB
/
for-dependabot-to-check.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
# Generated using halfpipe cli version 0.0.0-DEV from file dependabot.halfpipe.io for team halfpipe-team
name: for-dependabot-to-check
"on":
workflow_dispatch: {}
env:
ARTIFACTORY_PASSWORD: ${{ secrets.EE_ARTIFACTORY_PASSWORD }}
ARTIFACTORY_URL: ${{ secrets.EE_ARTIFACTORY_URL }}
ARTIFACTORY_USERNAME: ${{ secrets.EE_ARTIFACTORY_USERNAME }}
BUILD_VERSION: 2.${{ github.run_number }}.0
GIT_REVISION: ${{ github.sha }}
RUNNING_IN_CI: "true"
VAULT_ROLE_ID: ${{ secrets.VAULT_ROLE_ID }}
VAULT_SECRET_ID: ${{ secrets.VAULT_SECRET_ID }}
concurrency: ${{ github.workflow }}
jobs:
run__exit_1:
name: run \exit 1
runs-on: ee-runner
timeout-minutes: 60
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
lfs: true
show-progress: false
ssh-key: ${{ secrets.EE_GITHUB_PRIVATE_KEY }}
submodules: recursive
- name: run \exit 1
uses: docker://eu.gcr.io/halfpipe-io/halfpipe-team/blah:nonexistent
with:
args: -c "cd .; \exit 1"
entrypoint: /bin/sh
- name: 'Notify slack #halfpipe-dev (failure)'
if: failure()
uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0
with:
channel-id: '#halfpipe-dev'
slack-message: '${{ job.status }} for pipeline ${{ github.workflow }} - link to the pipeline: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}'
env:
SLACK_BOT_TOKEN: ${{ secrets.EE_SLACK_TOKEN }}
deploy-cf:
name: deploy-cf
needs:
- run__exit_1
runs-on: ee-runner
timeout-minutes: 60
steps:
- name: Vault secrets
id: secrets
uses: hashicorp/vault-action@d1720f055e0635fd932a1d2a48f87a666a57906c
with:
exportEnv: false
method: approle
roleId: ${{ env.VAULT_ROLE_ID }}
secretId: ${{ env.VAULT_SECRET_ID }}
secrets: |
/springernature/data/halfpipe-team/cloudfoundry api-snpaas | springernature_data_halfpipe-team_cloudfoundry_api-snpaas ;
/springernature/data/halfpipe-team/cloudfoundry org-snpaas | springernature_data_halfpipe-team_cloudfoundry_org-snpaas ;
/springernature/data/halfpipe-team/cloudfoundry password-snpaas | springernature_data_halfpipe-team_cloudfoundry_password-snpaas ;
/springernature/data/halfpipe-team/cloudfoundry username-snpaas | springernature_data_halfpipe-team_cloudfoundry_username-snpaas ;
url: https://vault.halfpipe.io
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
lfs: true
show-progress: false
ssh-key: ${{ secrets.EE_GITHUB_PRIVATE_KEY }}
submodules: recursive
- name: Deploy
uses: springernature/ee-action-deploy-cf@v1
with:
api: ${{ steps.secrets.outputs.springernature_data_halfpipe-team_cloudfoundry_api-snpaas }}
appPath: .
cliVersion: cf7
command: halfpipe-all
gitUri: [email protected]:springernature/halfpipe.git
manifestPath: e2e/actions/deploy-cf/manifest.yml
org: ${{ steps.secrets.outputs.springernature_data_halfpipe-team_cloudfoundry_org-snpaas }}
password: ${{ steps.secrets.outputs.springernature_data_halfpipe-team_cloudfoundry_password-snpaas }}
space: cf-space
team: halfpipe-team
testDomain: springernature.app
username: ${{ steps.secrets.outputs.springernature_data_halfpipe-team_cloudfoundry_username-snpaas }}
env:
CF_ENV_VAR_BUILD_URL: https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}
- name: Summary
run: |-
echo ":rocket: **Deployment Successful**" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "[SNPaaS Mission Control](https://mission-control.snpaas.eu/)" >> $GITHUB_STEP_SUMMARY
- name: 'Notify slack #halfpipe-dev (failure)'
if: failure()
uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0
with:
channel-id: '#halfpipe-dev'
slack-message: '${{ job.status }} for pipeline ${{ github.workflow }} - link to the pipeline: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}'
env:
SLACK_BOT_TOKEN: ${{ secrets.EE_SLACK_TOKEN }}
docker-push:
name: docker-push
needs:
- deploy-cf
runs-on: ee-runner
timeout-minutes: 60
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
lfs: true
show-progress: false
ssh-key: ${{ secrets.EE_GITHUB_PRIVATE_KEY }}
submodules: recursive
- name: Build and Push
uses: springernature/ee-action-docker-push@v1
with:
buildArgs: |
"ARTIFACTORY_PASSWORD"
"ARTIFACTORY_URL"
"ARTIFACTORY_USERNAME"
"BUILD_VERSION"
"GIT_REVISION"
"RUNNING_IN_CI"
context: .
dockerfile: e2e/actions/docker-push/Dockerfile
image: eu.gcr.io/halfpipe-io/halfpipe-team/blah
platforms: linux/amd64
secrets: |
"ARTIFACTORY_PASSWORD=${{ secrets.EE_ARTIFACTORY_PASSWORD }}"
"ARTIFACTORY_URL=${{ secrets.EE_ARTIFACTORY_URL }}"
"ARTIFACTORY_USERNAME=${{ secrets.EE_ARTIFACTORY_USERNAME }}"
tags: |
latest
${{ env.BUILD_VERSION }}
${{ env.GIT_REVISION }}
- name: Repository dispatch
uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0
with:
event-type: docker-push:eu.gcr.io/halfpipe-io/halfpipe-team/blah
token: ${{ secrets.EE_REPOSITORY_DISPATCH_TOKEN }}
- name: 'Notify slack #halfpipe-dev (failure)'
if: failure()
uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0
with:
channel-id: '#halfpipe-dev'
slack-message: '${{ job.status }} for pipeline ${{ github.workflow }} - link to the pipeline: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}'
env:
SLACK_BOT_TOKEN: ${{ secrets.EE_SLACK_TOKEN }}
docker-compose:
name: docker-compose
needs:
- docker-push
runs-on: ee-runner
timeout-minutes: 60
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
lfs: true
show-progress: false
ssh-key: ${{ secrets.EE_GITHUB_PRIVATE_KEY }}
submodules: recursive
- name: docker-compose
run: |-
docker-compose \
-f e2e/actions/docker-compose/docker-compose.yml \
run \
--use-aliases \
-e ARTIFACTORY_PASSWORD \
-e ARTIFACTORY_URL \
-e ARTIFACTORY_USERNAME \
-e BUILD_VERSION \
-e GIT_REVISION \
-e RUNNING_IN_CI \
-e VAULT_ROLE_ID \
-e VAULT_SECRET_ID \
-v /mnt/halfpipe-cache/halfpipe-team:/var/halfpipe/shared-cache \
-v /var/run/docker.sock:/var/run/docker.sock \
app
- name: Docker cleanup
if: always()
run: docker-compose -f e2e/actions/docker-compose/docker-compose.yml down
- name: 'Notify slack #halfpipe-dev (failure)'
if: failure()
uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0
with:
channel-id: '#halfpipe-dev'
slack-message: '${{ job.status }} for pipeline ${{ github.workflow }} - link to the pipeline: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}'
env:
SLACK_BOT_TOKEN: ${{ secrets.EE_SLACK_TOKEN }}