Skip to content
Build and deploy

Amend incorrect validation #1704

Sign in to view logs

Amend incorrect validation

Amend incorrect validation #1704

Workflow file for this run

.github/workflows/cd.yml at fd36134
name: Build and deploy
on:
workflow_dispatch:
push:
branches:
- main
- feature/*
concurrency:
group: cd-${{ github.ref }}
jobs:
check-migrations:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Run tests
uses: ./.github/actions/check-migrations
check-formatting:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Run tests
uses: ./.github/actions/check-formatting
test-python:
runs-on: ubuntu-latest
permissions:
contents: read
services:
postgres:
image: postgres:16.0
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: postgres
ports:
- 5432:5432
options: --health-cmd pg_isready --health-interval 1s --health-timeout 3s --health-retries 10
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Run tests
uses: ./.github/actions/python-tests
with:
codecov-token: ${{ secrets.CODECOV_TOKEN }}
build:
runs-on: ubuntu-latest
needs:
- check-migrations
- check-formatting
- test-python
permissions:
packages: write
contents: write
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Generate version tag
id: version-tag
uses: nationalarchives/ds-docker-actions/.github/actions/get-version-tag@main # zizmor: ignore[unpinned-uses] Owned by The National Archives
- name: Build Docker image
uses: nationalarchives/ds-docker-actions/.github/actions/build@main # zizmor: ignore[unpinned-uses] Owned by The National Archives
with:
version: ${{ steps.version-tag.outputs.version-tag }}
latest: ${{ github.ref == 'refs/heads/main' }}
github-token: ${{ secrets.GITHUB_TOKEN }}
docker-image-name: ${{ vars.DOCKER_IMAGE_NAME }}
dockerfile-path: ./Dockerfile
wiz-client-id: ${{ secrets.WIZ_CLIENT_ID }}
wiz-client-secret: ${{ secrets.WIZ_CLIENT_SECRET }}
wiz-project-id: ${{ secrets.WIZ_PROJECT_DIGITALSERVICES }}
- name: Create tag
if: github.ref == 'refs/heads/main'
uses: actions/github-script@211cb3fefb35a799baa5156f9321bb774fe56294 # v5.2.0
with:
script: |
github.rest.git.createRef({
owner: context.repo.owner,
repo: context.repo.repo,
ref: 'refs/tags/v${{ steps.version-tag.outputs.version-tag }}',
sha: context.sha
})
outputs:
version: ${{ steps.version-tag.outputs.version-tag }}
update-ds-infrastructure-web:
runs-on: ubuntu-latest
permissions:
contents: write
needs:
- build
if: github.ref == 'refs/heads/main'
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
repository: nationalarchives/ds-infrastructure-web
ref: main
token: ${{ secrets.ACTIONS_GITHUB_TOKEN }}
- name: Set up git config
run: |
git config user.name "ds-wagtail"
git config user.email "<>"
- name: Install jq
run: sudo apt-get install jq
- name: Update config
run: jq --indent 4 '(.services.wagtail.version|="${{ needs.build.outputs.version }}")' config/develop.json > tmp.$$.json && mv tmp.$$.json config/develop.json
- name: Push new version
run: |
git add config/develop.json
git commit -m "Update wagtail to v${{ needs.build.outputs.version }}" -m "${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }}"
git push origin main