Skip to content
This repository has been archived by the owner on Oct 24, 2023. It is now read-only.

Build and deploy || fix: server/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ZOD-5925617 #326

Build and deploy || fix: server/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ZOD-5925617

Build and deploy || fix: server/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ZOD-5925617 #326

Workflow file for this run

name: Build and deploy
run-name: Build and deploy || ${{ github.event.head_commit.message }}
on: [ push ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
docker-build-push:
name: Build, test and push docker image
permissions:
contents: read
id-token: write
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: 16
registry-url: https://npm.pkg.github.com
cache: yarn
cache-dependency-path: |
yarn.lock
server/yarn.lock
- name: Install server dependencies
run: cd server && yarn install --frozen-lockfile --prefer-offline
env:
NODE_AUTH_TOKEN: ${{ secrets.READER_TOKEN }}
- name: Install client dependencies
run: yarn install --frozen-lockfile --prefer-offline
env:
NODE_AUTH_TOKEN: ${{ secrets.READER_TOKEN }}
- name: Run tests
run: yarn test
- name: Build application
run: yarn build
- name: Push to Google Artifact Registry
uses: nais/docker-build-push@v0
id: docker-push
with:
team: teamia
identity_provider: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
project_id: ${{ vars.NAIS_MANAGEMENT_PROJECT_ID }}
salsa: false
outputs:
image: ${{ steps.docker-push.outputs.image }}
deploy-to-dev-gcp:
name: Deploy to dev-gcp
if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/yarn-upgrade'
needs: docker-build-push
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- uses: actions/checkout@v3
- uses: nais/deploy/actions/deploy@v1
env:
CLUSTER: dev-gcp
IMAGE: ${{ needs.docker-build-push.outputs.image }}
APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }}
RESOURCE: nais/dev.yaml
deploy-to-dev-gcp-ekstern:
name: Deploy to dev-gcp (ekstern)
if: github.ref == 'refs/heads/master'
needs: docker-build-push
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- uses: actions/checkout@v3
- uses: nais/deploy/actions/deploy@v1
env:
CLUSTER: dev-gcp
IMAGE: ${{ needs.docker-build-push.outputs.image }}
APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }}
RESOURCE: nais/dev-ekstern.yaml
deploy-to-prod-gcp:
name: Deploy to prod-gcp
if: github.ref == 'refs/heads/master'
needs: docker-build-push
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- uses: actions/checkout@v3
- uses: nais/deploy/actions/deploy@v1
env:
CLUSTER: prod-gcp
IMAGE: ${{ needs.docker-build-push.outputs.image }}
APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }}
RESOURCE: nais/prod-gcp.yaml