add an action to deploy to a specific environment and a specific comm…

…it (#93) * add an action to deploy to a specific environment and a specific commit * Updated package versions for action and .net version in dockerfile * updated readme with deploy actions * Update README.md Co-authored-by: Aleksander Heintz <[email protected]> * Update .github/workflows/build-deploy-to-environment.yml Co-authored-by: Aleksander Heintz <[email protected]> * update action name and readme --------- Co-authored-by: acn-dgopa <acn-dgopa@dev-acn-tje-14> Co-authored-by: Aleksander Heintz <[email protected]>
Altinn · Mar 20, 2024 · 6f127f0 · 6f127f0
1 parent 161f7b4
commit 6f127f0
Show file tree

Hide file tree

Showing 6 changed files with 110 additions and 17 deletions.
diff --git a/.github/workflows/build-analyze.yml b/.github/workflows/build-analyze.yml
@@ -12,7 +12,7 @@ jobs:
     if: ((github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false) || github.event_name == 'push') && github.repository_owner == 'Altinn' && github.actor != 'dependabot[bot]' 
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Set inotify watchers
         run: echo fs.inotify.max_user_watches=524288 | sudo tee -a /etc/sysctl.conf && sudo sysctl -p
       - name: Set inotify instances
@@ -41,18 +41,18 @@ jobs:
         with:
           distribution: 'microsoft'
           java-version: 17
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
       - name: Cache SonarCloud packages
-        uses: actions/cache@v3
+        uses: actions/cache@v4
         with:
           path: ~\sonar\cache
           key: ${{ runner.os }}-sonar
           restore-keys: ${{ runner.os }}-sonar
       - name: Cache SonarCloud scanner
         id: cache-sonar-scanner
-        uses: actions/cache@v3
+        uses: actions/cache@v4
         with:
           path: .\.sonar\scanner
           key: ${{ runner.os }}-sonar-scanner

diff --git a/.github/workflows/build-deploy-at.yml b/.github/workflows/build-deploy-at.yml
@@ -37,17 +37,17 @@ jobs:
           path: ./src/Functions/Altinn.Auth.AuditLog.Functions/output
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
 
       - name: Log in to the Container registry
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Build and push Docker image
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
         with:
           push: true
           tags: ghcr.io/altinn/altinn-auth-audit-log:${{ github.sha }}

diff --git a/.github/workflows/manual-build-deploy-to-environment.yml b/.github/workflows/manual-build-deploy-to-environment.yml
@@ -0,0 +1,93 @@
+name: Manually build and publish to a specific environments
+on:
+  workflow_dispatch:
+    inputs:
+        environment:
+          type: environment
+          description: Select the environment
+
+env:
+  DOTNET_VERSION: '8.0.x'
+
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup .NET
+        uses: actions/setup-dotnet@v3
+        with:
+          dotnet-version: ${{ env.DOTNET_VERSION }}
+
+      - name: Build function app
+        shell: bash
+        working-directory: ./src/Functions/Altinn.Auth.AuditLog.Functions
+        run: dotnet build --configuration Release --output ./output
+
+      - name: Upload artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: function-app
+          path: ./src/Functions/Altinn.Auth.AuditLog.Functions/output
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          push: true
+          tags: ghcr.io/altinn/altinn-auth-audit-log:${{ github.sha }}
+
+  deploy:
+    name: Deploy to ${{ inputs.environment }}
+    runs-on: ubuntu-latest
+    environment: ${{ inputs.environment }}
+    needs:
+      - build
+
+    permissions:
+      id-token: write
+      contents: read
+      packages: read
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Download built function-app
+        uses: actions/download-artifact@v4
+        with:
+          name: function-app
+          path: ./artifacts/function-app     
+
+      - name: Azure Login
+        uses: azure/login@v2
+        with:
+          client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
+      - uses: ./.github/actions/deploy
+        name: Deploy
+        with:
+          image-tag: ${{ github.sha }}
+          resource-group: ${{ vars.CONTAINER_APP_RESOURCE_GROUP_NAME }}
+          container-app: ${{ vars.CONTAINER_APP_NAME }}
+          function-app: ${{ vars.AZURE_FUNCTIONAPP_NAME }}
+          function-app-path: ./artifacts/function-app
diff --git a/.github/workflows/pr-labeler.yml b/.github/workflows/pr-labeler.yml
@@ -13,7 +13,7 @@ jobs:
       pull-requests: write # for TimonVS/pr-labeler-action to add labels in PR
     runs-on: ubuntu-latest
     steps:
-      - uses: TimonVS/pr-labeler-action@v4
+      - uses: TimonVS/pr-labeler-action@v5
         with:
           repo-token: ${{ secrets.GITHUB_TOKEN }}
           configuration-path: .github/pr-labeler.yml # optional, .github/pr-labeler.yml is the default value
diff --git a/README.md b/README.md
@@ -27,7 +27,7 @@ The auditlog api maps the events to the database model and stores them in the da
 The events are stored in the postgres database.
 
 ## Technologies
-  - .NET 7.0
+  - .NET 8.0
   - Azure Storage Queue
   - Azure Function App V4
   - Azure Container App
@@ -112,15 +112,15 @@ Now, this message will be processed by the function app, sent to the auditlog ap
 pr-labeler action is triggered for each pull request. Based on the branch name, this action adds a label to the pull request. The configuration for the labels can be found here.
 
 ## Deploy
-### Auditlog Container application
-Code is continously integrated and deployed to all testing environments (AT environments). build-publish-deploy-via-ghcr is triggered when a pull request is merged into main branch. On each run, the code is built, packaged and published to Github Container registry as altinn-auth-audit-log. Each image is tagged with the github commit sha. The package is then deployed to an azure container app in testing environment. The environment variables, secrets for the action are setup in the repository settings.
+### Auditlog Container application / function application
+Code is continously integrated and deployed to all testing environments (AT environments). [build-deploy-at](https://github.com/Altinn/altinn-auth-audit-log/blob/main/.github/workflows/build-deploy-at.yml) is triggered when a pull request is merged into main branch. On each run, the code is built, packaged and published to Github Container registry as altinn-auth-audit-log. Each image is tagged with the github commit sha. The package is then deployed to an azure container app in testing environment. The environment variables, secrets for the action are setup in the repository settings.
 
 ### Auditlog Function Application
 Code is continously integrated and deployed to all testing environments (AT environments). The code from the main branch is published to the function app in different environments. In the future, the function app will also be containerized.
 
 ## Release
-### Auditlog Container Application
-The application has a release every wednesday. [scheduled-release](https://github.com/Altinn/altinn-auth-audit-log/blob/main/.github/workflows/scheduled-release.yml) action is triggered every wednesday 00.00. This action drafts a release, tags the latest package with the release version, f.ex package gets a release version v2024.1. The action drafts the release on different categories. The changes are categorized based on the pull request label. F.ex, A PR with a label bugfix is categorized under bug. The detailed release draft configuration can be found [here](https://github.com/Altinn/altinn-auth-audit-log/blob/main/.github/release-drafter.yml). The deploy in charge for the week, deploys the application to a specific environment(TT02/Prod) using the action [deploy-to-environment](https://github.com/Altinn/altinn-auth-audit-log/blob/main/.github/workflows/deploy-to-environment.yml). The drafted release is then reviewed manually and published by the deploy in charge.
+### Auditlog Container Application / Function application
+The application has a release every wednesday. [create-release-draft](https://github.com/Altinn/altinn-auth-audit-log/blob/main/.github/workflows/create-release-draft.yml) action is triggered every wednesday 00.00. This action drafts release notes, formats a release version f.ex 2024.3.19. The action drafts the release on different categories. The changes are categorized based on the pull request label. F.ex, A PR with a label bugfix is categorized under bug. The detailed release draft configuration can be found [here](https://github.com/Altinn/altinn-auth-audit-log/blob/main/.github/release-drafter.yml). The deploy in charge for the week, publishes the drafted release notes. The release action then triggers [deploy-after-release](https://github.com/Altinn/altinn-auth-audit-log/blob/main/.github/workflows/deploy-after-release.yml) of the release version. 
 
-### Auditlog Function Application
-The application has a release every wednesday. The deploy in charge for the week, deploys the application to a specific environment(TT02/Prod) using the action [deploy-fa-to-environment](https://github.com/Altinn/altinn-auth-audit-log/blob/main/.github/workflows/deploy-fa-to-environment.yml).
+### Manually deploy a specific commit to specific environment
+In some scenarios, there will be a necessity to deploy a specific commit/branch to a specific environment. [manual-build-deploy-to-environment](https://github.com/Altinn/altinn-auth-audit-log/blob/main/.github/workflows/manual-build-deploy-to-environment.yml) action can be used to build/ deploy a specific commitid.
diff --git a/src/Altinn.Auth.AuditLog/Dockerfile b/src/Altinn.Auth.AuditLog/Dockerfile
@@ -1,11 +1,11 @@
 #See https://aka.ms/customizecontainer to learn how to customize your debug container and how Visual Studio uses this Dockerfile to build your images for faster debugging.
 
-FROM mcr.microsoft.com/dotnet/aspnet:7.0 AS base
+FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS base
 WORKDIR /app
 EXPOSE 80
 EXPOSE 443
 
-FROM mcr.microsoft.com/dotnet/sdk:7.0 AS build
+FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
 WORKDIR /src
 COPY ["Altinn.Auth.AuditLog/Altinn.Auth.AuditLog.csproj", "Altinn.Auth.AuditLog/"]
 RUN dotnet restore "Altinn.Auth.AuditLog/Altinn.Auth.AuditLog.csproj"