Continuous Integration of refs/pull/12/merge to develop by dreads #11
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
##################################################################### | |
# GitHub Action to perform continuous integration (CI) of database | |
# changes using Liquibase Pro, Liquibase Pro Flows, and Custom | |
# Policy checks. | |
##################################################################### | |
name: 'Liquibase Pro CI Workflow' | |
run-name: Continuous Integration of ${{github.ref}} to ${{github.base_ref}} by ${{ github.actor }} | |
# This workflow will execute whenever a pull request' is opened against | |
# the 'develop' branch. When this workflow executes, it will execute | |
# the pre-merge Custom Policy Checks via Liquibase Flow. | |
# | |
# To extend CI to other environments, add their corresponding | |
# branches here. | |
on: | |
pull_request: | |
types: [opened, reopened, synchronize] | |
branches: | |
- 'develop' | |
- 'qa' | |
- 'release/**' | |
##################################################################### | |
# Set up the environment | |
##################################################################### | |
env: | |
# The top level Flow File that gets cloned into the workspace from | |
# the Liquibase Configuration Repo which orchestrates the database changes. | |
# See https://docs.liquibase.com/commands/flow/flow.html | |
FLOW_FILE: "flowfiles/liquibase-premerge.flowfile.yaml" | |
# The Liquibase Search Path controls how Liquibase finds it's configurations. | |
# To ensure the correct config gets located first, keep "." at the end of this path. | |
# See https://docs.liquibase.com/concepts/changelogs/how-liquibase-finds-files.html | |
LIQUIBASE_SEARCH_PATH: "." | |
# Location of the Custom Policy Checks settings file from the Liquibase Configuration Repo. | |
# See https://docs.liquibase.com/liquibase-pro/policy-checks/custom-policy-checks/home.html | |
LIQUIBASE_COMMAND_CHECKS_SETTINGS_FILE: "policychecks/liquibase.checks-settings.conf" | |
# Store the Liquibase Pro License key in a Github Action Repository Secret. The | |
# same license key is used for all executions, so it is tracked at the repository level | |
# See https://docs.liquibase.com/workflows/liquibase-pro/how-to-apply-your-liquibase-pro-license-key.html | |
LIQUIBASE_LICENSE_KEY: ${{ secrets.LIQUIBASE_PRO_LICENSE_KEY }} | |
# JDBC URL of the database per environment. Based on the incoming branch (one of DEV, QA, or PROD), | |
# the corresponding secret will be taken from the Environment secrets. | |
# See https://docs.liquibase.com/workflows/liquibase-community/using-jdbc-url-in-liquibase.html | |
LIQUIBASE_COMMAND_URL: ${{ secrets.LIQUIBASE_COMMAND_URL }} | |
# Credentials for the environment's database. Based on the incoming branch (one of DEV, QA, or PROD), | |
# the corresponding secrets will be taken from the Environment secrets. | |
# See https://docs.liquibase.com/parameters/command-parameters.html | |
LIQUIBASE_COMMAND_USERNAME: ${{ secrets.LIQUIBASE_COMMAND_USERNAME }} | |
LIQUIBASE_COMMAND_PASSWORD: ${{ secrets.LIQUIBASE_COMMAND_PASSWORD }} | |
# Logging Settings | |
# See https://docs.liquibase.com/parameters/log-format.html | |
LIQUIBASE_LOG_FORMAT: JSON | |
LIQUIBASE_LOG_LEVEL: INFO | |
jobs: | |
#################################################################### | |
# Initialization runs first because it has no 'needs' value. | |
#################################################################### | |
init: | |
name: Initialization | |
# This runs on a self-hosted runner with Liquibase preinstalled. | |
runs-on: [self-hosted] | |
outputs: | |
environment: ${{ steps.set-environment.outputs.environment }} | |
steps: | |
# Cancel any previous runs that are not completed for this workflow | |
# - name: Cancel previous workflow | |
# uses: styfle/[email protected] | |
# with: | |
# access_token: ${{ github.token }} | |
# Determine the environment based on the branch(es) that triggered this workflow. | |
# Output "DEV", "QA", or "PROD" to $GITHUB_OUTPUT where job output parameters are | |
# shared between jobs. | |
- name: Set Environment | |
id: set-environment | |
run: | | |
echo "environment=DEV" >> $GITHUB_OUTPUT | |
if [[ "${{github.base_ref}}" == qa || "${{github.ref}}" == refs/heads/qa ]]; then | |
echo "environment=QA" >> $GITHUB_OUTPUT | |
fi | |
if [[ "${{github.base_ref}}" == release* || "${{github.ref}}" == refs/heads/release* ]]; then | |
echo "environment=PROD" >> $GITHUB_OUTPUT | |
fi | |
#################################################################### | |
# Print out the selected environment to the log for troubleshooting. | |
# This informational job runs in parallel with the checkout-repo job. | |
#################################################################### | |
print-environment: | |
name: Environment information | |
runs-on: [self-hosted] | |
needs: [init] | |
steps: | |
- env: | |
ENVIRONMENT: ${{needs.init.outputs.environment}} | |
run: echo "The $ENVIRONMENT environment was selected." | |
################################################################### | |
# Check out the source code | |
#################################################################### | |
checkout-repo: | |
name: Check out repositories | |
needs: [init] | |
runs-on: [self-hosted] | |
steps: | |
# Check out the database change configuration code and workflows | |
- name: Checkout Database Change Configuration repo | |
uses: actions/checkout@v3 | |
# Check out the SQL Repo to a folder, "liquibase-sql" | |
- name: Checkout Database Change SQL repo | |
uses: actions/checkout@v4 | |
with: | |
repository: liquibase/cs-impl-guide-examples-sql | |
path: liquibase-sql | |
#################################################################### | |
# Perform the Database change control operations specified | |
# in the flowfile. In this case, run the checks. | |
##################################################################### | |
liquibase-checks: | |
name: Custom Policy Checks | |
needs: [checkout-repo, init] | |
runs-on: [self-hosted] | |
environment: ${{needs.init.outputs.environment}} | |
steps: | |
# Execute the Flow file | |
- name: Perform policy checks | |
run: | | |
liquibase --license-key=${{ secrets.LIQUIBASE_LICENSE_KEY }} flow \ | |
--flow-file=${{ env.FLOW_FILE }} \ | |
--logfile=logs/liquibase.log |