Skip to content

Merge pull request #1128 from GSA/add-snyk-exception #494

Merge pull request #1128 from GSA/add-snyk-exception

Merge pull request #1128 from GSA/add-snyk-exception #494

Workflow file for this run

---
name: 2 - Publish & Deploy
on:
push:
branches:
- main
jobs:
ghcr_publish:
name: Publish Images on GHCR
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
image: [ckan, solr, postgresql]
include:
- image: ckan
name: catalog.data.gov
tag: ghcr.io/gsa/catalog.data.gov:latest
- image: solr
name: catalog.data.gov.solr
tag: ghcr.io/gsa/catalog.data.gov.solr:latest
- image: postgresql
name: catalog.data.gov.db
tag: ghcr.io/gsa/catalog.data.gov.db:latest
steps:
- name: checkout
uses: actions/checkout@v3
- name: login to ghcr
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: publish ${{ matrix.name }}
uses: docker/build-push-action@v3
with:
context: ${{ matrix.image }}
push: true
tags: ${{ matrix.tag }}
create-cloudgov-services-staging:
name: create services (staging)
uses: gsa/data.gov/.github/workflows/create-services-template.yml@main
with:
environ: staging
secrets: inherit
create-cloudgov-services-prod:
name: create services (prod)
uses: gsa/data.gov/.github/workflows/create-services-template.yml@main
with:
environ: prod
secrets: inherit
deploy-staging:
name: deploy (staging)
needs:
- create-cloudgov-services-staging
uses: gsa/data.gov/.github/workflows/deploy-template.yml@main
with:
environ: staging
app_url: https://catalog-stage-datagov.app.cloud.gov
app_names: "{\"include\":[{\"app\":\"catalog-web\",\"smoketest\":true},{\"app\":\"catalog-admin\"},{\"app\":\"catalog-fetch\"},{\"app\":\"catalog-gather\"},{\"app\":\"catalog-proxy\"}]}"
secrets: inherit
deploy-prod:
name: deploy (prod)
needs:
- create-cloudgov-services-prod
- deploy-staging
uses: gsa/data.gov/.github/workflows/deploy-template.yml@main
with:
environ: prod
app_url: https://catalog.data.gov
app_names: "{\"include\":[{\"app\":\"catalog-web\",\"smoketest\":true},{\"app\":\"catalog-admin\"},{\"app\":\"catalog-fetch\"},{\"app\":\"catalog-gather\"},{\"app\":\"catalog-proxy\"}]}"
secrets: inherit
network-policies:
name: Add network-policies
needs:
- deploy-staging
- deploy-prod
runs-on: ubuntu-latest
environment: ${{ matrix.environ }}
strategy:
fail-fast: false
matrix:
command: [
"cf add-network-policy catalog-proxy catalog-web --protocol tcp --port 61443",
"cf add-network-policy catalog-proxy catalog-admin --protocol tcp --port 61443"
]
environ: ["staging", "prod"]
steps:
- name: proxy to web
uses: cloud-gov/cg-cli-tools@main
with:
command: ${{ matrix.command }}
cf_org: gsa-datagov
cf_space: ${{ matrix.environ }}
cf_username: ${{secrets.CF_SERVICE_USER}}
cf_password: ${{secrets.CF_SERVICE_AUTH}}