Add oauth with role on workflow endpoints #9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Workflow Notifier to Development | |
| # Only one workflow in a concurrency group may run at a time | |
| concurrency: | |
| group: development-concurrency-wf-notifier | |
| cancel-in-progress: true | |
| on: | |
| push: | |
| branches: | |
| - "main" | |
| jobs: | |
| # NB: Instead of using github commit sha, | |
| # calculate the hash of the directory to use as a tag | |
| # so that it does not have to create a new image | |
| # in the container registry if the code has not changed | |
| get-short-sha: | |
| outputs: | |
| tag: ${{ steps.get-tag.outputs.tag }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - id: get-tag | |
| run: | | |
| DIR_HASH=$(find workflow-notifier -type f -exec sha256sum {} + | sort | sha256sum | cut -c1-8) | |
| echo "Computed DIR_HASH: $DIR_HASH" | |
| echo "tag=$DIR_HASH" >> "$GITHUB_OUTPUT" | |
| build-and-push-components: | |
| name: Build and push containers to acr for Development | |
| needs: get-short-sha | |
| uses: ./.github/workflows/publish_component.yml | |
| with: | |
| Registry: auroradevacr.azurecr.io | |
| ImageName: robotics/workflow-notifier | |
| Tag: "dev.${{ needs.get-short-sha.outputs.tag }}" | |
| ContextDir: "workflow-notifier" | |
| DockerfilePath: "workflow-notifier/Dockerfile" | |
| secrets: | |
| RegistryUsername: ${{ secrets.ROBOTICS_AURORADEVACR_USERNAME }} | |
| RegistryPassword: ${{ secrets.ROBOTICS_AURORADEVACR_PASSWORD }} | |
| deploy: | |
| name: Update deployment in Development | |
| needs: [build-and-push-components, get-short-sha] | |
| uses: ./.github/workflows/update_aurora_deployment.yml | |
| with: | |
| Environment: development | |
| Registry: auroradevacr.azurecr.io | |
| ImageName: robotics/workflow-notifier | |
| # Add dev. prefix for the tags used in dev environment, | |
| # due to the commit hash can be interpreted as an integer if only numbers | |
| # PS: Needs to match build-and-push-components.with.Tag | |
| Tag: "dev.${{ needs.get-short-sha.outputs.tag }}" | |
| AuthorEmail: ${{ github.event.head_commit.author.email }} | |
| AuthorName: ${{ github.event.head_commit.author.name }} | |
| secrets: | |
| DeployKey: ${{ secrets.ANALYTICS_INFRASTRUCTURE_DEPLOY_KEY }} |