-
Notifications
You must be signed in to change notification settings - Fork 0
153 lines (132 loc) · 6.37 KB
/
liquibase_pro_ci_action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
#####################################################################
# GitHub Action to perform continuous integration (CI) of database
# changes using Liquibase Pro, Liquibase Pro Flows, and Custom
# Policy checks.
#####################################################################
name: 'Liquibase Pro CI Workflow'
run-name: Continuous Integration of ${{github.ref}} to ${{github.base_ref}} by ${{ github.actor }}
# This workflow will execute whenever a pull request' is opened against
# the 'develop' branch. When this workflow executes, it will execute
# the pre-merge Custom Policy Checks via Liquibase Flow.
#
# To extend CI to other environments, add their corresponding
# branches here.
on:
pull_request:
types: [opened, reopened, synchronize]
branches:
- 'develop'
- 'qa'
- 'release/**'
#####################################################################
# Set up the environment
#####################################################################
env:
# The top level Flow File that gets cloned into the workspace from
# the Liquibase Configuration Repo which orchestrates the database changes.
# See https://docs.liquibase.com/commands/flow/flow.html
FLOW_FILE: "flowfiles/liquibase-premerge.flowfile.yaml"
# The Liquibase Search Path controls how Liquibase finds it's configurations.
# To ensure the correct config gets located first, keep "." at the end of this path.
# See https://docs.liquibase.com/concepts/changelogs/how-liquibase-finds-files.html
LIQUIBASE_SEARCH_PATH: "liquibase-process,."
# Location of the Custom Policy Checks settings file from the Liquibase Configuration Repo.
# See https://docs.liquibase.com/liquibase-pro/policy-checks/custom-policy-checks/home.html
LIQUIBASE_COMMAND_CHECKS_SETTINGS_FILE: "policychecks/liquibase.checks-settings.conf"
# Store the Liquibase Pro License key in a Github Action Repository Secret. The
# same license key is used for all executions, so it is tracked at the repository level
# See https://docs.liquibase.com/workflows/liquibase-pro/how-to-apply-your-liquibase-pro-license-key.html
LIQUIBASE_LICENSE_KEY: ${{ secrets.LIQUIBASE_PRO_LICENSE_KEY }}
# JDBC URL of the database per environment. Based on the incoming branch (one of DEV, QA, or PROD),
# the corresponding secret will be taken from the Environment secrets.
# See https://docs.liquibase.com/workflows/liquibase-community/using-jdbc-url-in-liquibase.html
LIQUIBASE_COMMAND_URL: ${{ secrets.LIQUIBASE_COMMAND_URL }}
# Credentials for the environment's database. Based on the incoming branch (one of DEV, QA, or PROD),
# the corresponding secrets will be taken from the Environment secrets.
# See https://docs.liquibase.com/parameters/command-parameters.html
LIQUIBASE_COMMAND_USERNAME: ${{ secrets.LIQUIBASE_COMMAND_USERNAME }}
LIQUIBASE_COMMAND_PASSWORD: ${{ secrets.LIQUIBASE_COMMAND_PASSWORD }}
# Logging Settings
# See https://docs.liquibase.com/parameters/log-format.html
LIQUIBASE_LOG_FORMAT: JSON
LIQUIBASE_LOG_LEVEL: INFO
jobs:
####################################################################
# Initialization runs first because it has no 'needs' value.
####################################################################
init:
name: Initialization
# This runs on a self-hosted runner with Liquibase preinstalled.
runs-on: [self-hosted]
outputs:
environment: ${{ steps.set-environment.outputs.environment }}
steps:
# Cancel any previous runs that are not completed for this workflow
# - name: Cancel previous workflow
# uses: styfle/[email protected]
# with:
# access_token: ${{ github.token }}
# Determine the environment based on the branch(es) that triggered this workflow.
# Output "DEV", "QA", or "PROD" to $GITHUB_OUTPUT where job output parameters are
# shared between jobs.
- name: Set Environment
id: set-environment
run: |
echo "environment=DEV" >> $GITHUB_OUTPUT
if [[ "${{github.base_ref}}" == qa || "${{github.ref}}" == refs/heads/qa ]]; then
echo "environment=QA" >> $GITHUB_OUTPUT
fi
if [[ "${{github.base_ref}}" == release* || "${{github.ref}}" == refs/heads/release* ]]; then
echo "environment=PROD" >> $GITHUB_OUTPUT
fi
####################################################################
# Print out the selected environment to the log for troubleshooting.
# This informational job runs in parallel with the checkout-repo job.
####################################################################
print-environment:
name: Environment information
runs-on: [self-hosted]
needs: [init]
steps:
- env:
ENVIRONMENT: ${{needs.init.outputs.environment}}
run: echo "The $ENVIRONMENT environment was selected."
###################################################################
# Check out the source code
####################################################################
checkout-repo:
name: Check out repositories
needs: [init]
runs-on: [self-hosted]
steps:
# Check out the source code
- name: Checkout Database Source repo
uses: actions/checkout@v3
# Check out the Liquibase Configuration Repo to a folder, "liquibase-process"
- name: Checkout Liquibase SQL repo
uses: actions/checkout@v4
with:
repository: liquibase/cs-impl-guide-examples-sql
path: liquibase-sql
# Check out the Liquibase Configuration Repo to a folder, "liquibase-process"
- name: Checkout Liquibase Configuration repo
uses: actions/checkout@v4
with:
repository: adeelmalik78/Automations
path: liquibase-process
####################################################################
# Perform the Database change control operations specified
# in the flowfile. In this case, run the checks.
#####################################################################
liquibase-checks:
name: Custom Policy Checks
needs: [checkout-repo, init]
runs-on: [self-hosted]
environment: ${{needs.init.outputs.environment}}
steps:
# Execute the Flow file
- name: Perform policy checks
run: |
liquibase --license-key=${{ secrets.LIQUIBASE_LICENSE_KEY }} flow \
--flow-file=${{ env.FLOW_FILE }} \
--logfile=logs/liquibase.log