From 3d273708cf491e204fb9a3e5de814f8d188bdac3 Mon Sep 17 00:00:00 2001 From: Morten Osvik <33130876+mortenoosvik@users.noreply.github.com> Date: Tue, 28 Jan 2025 14:50:46 +0100 Subject: [PATCH 1/3] =?UTF-8?q?Opprett=20workflow=20for=20=C3=A5=20deploye?= =?UTF-8?q?=20k9-inntekstmelding=20til=20prod?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/build.yml | 72 ++++++++++++++++++++++--------------- 1 file changed, 44 insertions(+), 28 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b9e5021e..f708ab63 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -16,47 +16,63 @@ on: - '.github/*.yml' jobs: - publish-image-k9: - name: Build på nytt for publisering til k9saksbehandling i GAR - if: github.ref_name == 'master' + build-app: + name: Build permissions: contents: read packages: write id-token: write - pull-requests: read - uses: navikt/fp-gha-workflows/.github/workflows/build-app-no-db.yml@main + uses: navikt/sif-gha-workflows/.github/workflows/maven-build-app-db.yml@main with: - build-image: ${{ github.ref_name == 'master' }} # default: true - push-image: ${{ github.ref_name == 'master' }} # default: false - namespace: k9saksbehandling - sonar-scan: false + java-version: 21 + build-image: ${{ github.actor != 'dependabot[bot]' }} + push-image: ${{ github.ref_name == github.event.repository.default_branch}} + upload-image: ${{ github.ref_name != github.event.repository.default_branch }} # TODO: hør med Qadeer om denne trengs + db_schema: k9inntektsmelding_unit secrets: inherit - deploy-dev-k9saksbehandling: + verdikjede-tester: + name: Verdikjedetester + secrets: inherit + permissions: + id-token: write + contents: read + packages: read + uses: navikt/sif-gha-workflows/.github/workflows/verdikjede-test-v2.yml@main + if: ${{github.actor != 'dependabot[bot]'}} + needs: build-app + with: + tag: ${{ needs.build-app.outputs.build-version }} + suites: "pleiepenger,livetssluttfase" + override_image_artifact_name: ${{ github.ref_name != github.event.repository.default_branch && needs.build-app.outputs.image-artifact-name || null }} + image_version: ${{ needs.build-app.outputs.build-version }} + + deploy-dev: name: Deploy dev permissions: id-token: write - if: github.ref_name == 'master' - needs: [publish-image-k9] + if: | + github.ref_name == 'master' + && always() + && needs.verdikjede-tester.outputs.pleiepenger == 'success' + && needs.verdikjede-tester.outputs.livetssluttfase == 'success' + needs: [ build-app, verdikjede-tester ] uses: navikt/ft-inntektsmelding/.github/workflows/deploy.yml@master with: - image: ${{ needs.publish-image-k9.outputs.build-version }} + image: ${{ needs.build-app.outputs.build-version }} cluster: dev-gcp namespace: k9saksbehandling secrets: inherit -# deploy-prod: -# name: Deploy prod -# permissions: -# id-token: write -# if: github.ref_name == 'master' -# needs: [build-app] -# uses: navikt/fp-gha-workflows/.github/workflows/deploy.yml@main -# with: -# gar: true -# image: ${{ needs.build-app.outputs.build-version }} -# cluster: prod-gcp -# secrets: inherit - - - + deploy-prod: + name: Deploy prod + permissions: + id-token: write + if: github.ref_name == 'master' + needs: [ build-app, verdikjede-tester, deploy-dev ] + uses: navikt/ft-inntektsmelding/.github/workflows/deploy.yml@master + with: + image: ${{ needs.build-app.outputs.build-version }} + cluster: prod-gcp + namespace: k9saksbehandling + secrets: inherit From 3cb4cf1b59a7826387aee33c36265dbe7ba52c7a Mon Sep 17 00:00:00 2001 From: Morten Osvik <33130876+mortenoosvik@users.noreply.github.com> Date: Tue, 28 Jan 2025 15:00:31 +0100 Subject: [PATCH 2/3] Tilpass workflow for codeql og dependency-submission til k9 --- .github/workflows/codeql.yml | 6 ++++-- .github/workflows/dependency-submission.yml | 2 +- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 6fa71f8a..b48f0c6e 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -15,5 +15,7 @@ jobs: actions: read contents: read security-events: write - uses: navikt/fp-gha-workflows/.github/workflows/codeql.yml@main - secrets: inherit \ No newline at end of file + uses: navikt/sif-gha-workflows/.github/workflows/codeql.yml@main + secrets: inherit + with: + java-version: 21 diff --git a/.github/workflows/dependency-submission.yml b/.github/workflows/dependency-submission.yml index 16acc303..5165457a 100644 --- a/.github/workflows/dependency-submission.yml +++ b/.github/workflows/dependency-submission.yml @@ -12,5 +12,5 @@ jobs: deps: permissions: contents: write - uses: navikt/fp-gha-workflows/.github/workflows/mvn-dependency-submission.yml@main + uses: navikt/sif-gha-workflows/.github/workflows/maven-dependency-submission.yml@main secrets: inherit From d6ed18d38170e66a31ab2ad1dedd4c825069210f Mon Sep 17 00:00:00 2001 From: Morten Osvik <33130876+mortenoosvik@users.noreply.github.com> Date: Tue, 28 Jan 2025 15:14:36 +0100 Subject: [PATCH 3/3] Oppdater prod-gcp-k9saksbehandling.json med riktig db properties og ingress --- .deploy/k9/prod-gcp-k9saksbehandling.json | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.deploy/k9/prod-gcp-k9saksbehandling.json b/.deploy/k9/prod-gcp-k9saksbehandling.json index de369867..583cb727 100644 --- a/.deploy/k9/prod-gcp-k9saksbehandling.json +++ b/.deploy/k9/prod-gcp-k9saksbehandling.json @@ -10,7 +10,10 @@ "cpu": "500m", "mem": "1024Mi" }, - "dbTier": "TODO", + "ingresses": [ + "https://k9-inntektsmelding.intern.nav.no" + ], + "dbTier": "db-custom-1-3840", "dbDiskAutoresize": "true", "dbHighAvailability": "true", "dbPointInTimeRecovery": "true",