From e2957c4c31ea28d8b4256b6e7e0fd37d54db71f4 Mon Sep 17 00:00:00 2001 From: JulieHillRoa Date: Wed, 21 Feb 2024 10:02:17 +0100 Subject: [PATCH] TC-555 nokkelfri deploy --- .github/workflows/build-push-deploy-dev.yml | 2 +- .github/workflows/deploy-alerts-to-prod.yaml | 2 +- .github/workflows/deploy-unleash-apitoken.yaml | 6 ++++-- .github/workflows/main.yml | 3 +-- 4 files changed, 7 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build-push-deploy-dev.yml b/.github/workflows/build-push-deploy-dev.yml index ed49cc36..1fa23d48 100644 --- a/.github/workflows/build-push-deploy-dev.yml +++ b/.github/workflows/build-push-deploy-dev.yml @@ -6,6 +6,7 @@ env: permissions: packages: write contents: write + id-token: write jobs: build-and-push: name: Build and push @@ -46,7 +47,6 @@ jobs: - name: Deploy application uses: nais/deploy/actions/deploy@v2 env: - APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }} CLUSTER: dev-fss RESOURCE: .nais/application/application-config-dev.yaml VAR: image=${{ needs.build-and-push.outputs.image }} diff --git a/.github/workflows/deploy-alerts-to-prod.yaml b/.github/workflows/deploy-alerts-to-prod.yaml index 68e3aae9..d9cf8577 100644 --- a/.github/workflows/deploy-alerts-to-prod.yaml +++ b/.github/workflows/deploy-alerts-to-prod.yaml @@ -10,6 +10,7 @@ on: workflow_dispatch: permissions: packages: write + id-token: write jobs: deploy-alerts: @@ -22,6 +23,5 @@ jobs: - name: Deploy to prod-fss uses: nais/deploy/actions/deploy@v2 env: - APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY_OBO }} CLUSTER: prod-fss RESOURCE: .nais/alerts/alerts-config-prod.yaml diff --git a/.github/workflows/deploy-unleash-apitoken.yaml b/.github/workflows/deploy-unleash-apitoken.yaml index 10f17556..e08f2fdd 100644 --- a/.github/workflows/deploy-unleash-apitoken.yaml +++ b/.github/workflows/deploy-unleash-apitoken.yaml @@ -12,6 +12,8 @@ on: jobs: deploy-dev: name: Deploy unleash-apitoken to dev + permissions: + id-token: write runs-on: ubuntu-latest steps: - name: Checkout @@ -19,13 +21,14 @@ jobs: - name: Deploy unleash-apitoken uses: nais/deploy/actions/deploy@v2 env: - APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }} CLUSTER: dev-fss RESOURCE: .nais/application/unleash-apitoken-dev.yaml PRINT_PAYLOAD: true deploy-prod: name: Deploy unleash-apitoken to prod + permissions: + id-token: write runs-on: ubuntu-latest if: github.ref == 'refs/heads/master' steps: @@ -35,7 +38,6 @@ jobs: uses: nais/deploy/actions/deploy@v2 if: github.ref == 'refs/heads/master' env: - APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }} CLUSTER: prod-fss RESOURCE: .nais/application/unleash-apitoken-prod.yaml PRINT_PAYLOAD: true diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 6de1160d..22524f5d 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -6,6 +6,7 @@ env: permissions: packages: write contents: write + id-token: write jobs: test: name: Run tests @@ -67,7 +68,6 @@ jobs: - name: Deploy application uses: nais/deploy/actions/deploy@v2 env: - APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }} CLUSTER: dev-fss RESOURCE: .nais/application/application-config-dev.yaml VAR: image=${{ needs.test-build-and-push.outputs.image }} @@ -91,7 +91,6 @@ jobs: - name: Deploy application uses: nais/deploy/actions/deploy@v2 env: - APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }} CLUSTER: prod-fss RESOURCE: .nais/application/application-config-prod.yaml VAR: image=${{ needs.test-build-and-push.outputs.image }}