Create internal.yml #34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ' CI/CD' | |
on: | |
workflow_dispatch: | |
push: | |
paths-ignore: | |
- '**.md' | |
- '.github/workflows/*.yaml' | |
- '!.github/workflows/CICD.yaml' | |
branches: [ 'main', 'release/*', 'feature/*' ] | |
defaults: | |
run: | |
shell: powershell | |
permissions: | |
contents: read | |
actions: read | |
env: | |
workflowDepth: 1 | |
ALGoOrgSettings: ${{ vars.ALGoOrgSettings }} | |
ALGoRepoSettings: ${{ vars.ALGoRepoSettings }} | |
jobs: | |
Initialization: | |
runs-on: [ windows-latest ] | |
outputs: | |
telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} | |
environments: ${{ steps.ReadSettings.outputs.EnvironmentsJson }} | |
environmentCount: ${{ steps.ReadSettings.outputs.EnvironmentCount }} | |
deliveryTargets: ${{ steps.DetermineDeliveryTargets.outputs.DeliveryTargetsJson }} | |
deliveryTargetCount: ${{ steps.DetermineDeliveryTargets.outputs.DeliveryTargetCount }} | |
githubRunner: ${{ steps.ReadSettings.outputs.GitHubRunnerJson }} | |
githubRunnerShell: ${{ steps.ReadSettings.outputs.GitHubRunnerShell }} | |
checkRunId: ${{ steps.CreateCheckRun.outputs.checkRunId }} | |
projects: ${{ steps.determineProjectsToBuild.outputs.ProjectsJson }} | |
projectDependenciesJson: ${{ steps.determineProjectsToBuild.outputs.ProjectDependenciesJson }} | |
buildOrderJson: ${{ steps.determineProjectsToBuild.outputs.BuildOrderJson }} | |
workflowDepth: ${{ steps.DetermineWorkflowDepth.outputs.WorkflowDepth }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
lfs: true | |
- name: Initialize the workflow | |
id: init | |
uses: microsoft/AL-Go-Actions/WorkflowInitialize@v3.2 | |
with: | |
shell: powershell | |
eventId: "DO0091" | |
- name: Read settings | |
id: ReadSettings | |
uses: microsoft/AL-Go-Actions/ReadSettings@v3.2 | |
with: | |
shell: powershell | |
parentTelemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }} | |
getEnvironments: '*' | |
get: type | |
- name: Determine Workflow Depth | |
id: DetermineWorkflowDepth | |
run: | | |
Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "WorkflowDepth=$($env:workflowDepth)" | |
- name: Determine Projects To Build | |
id: determineProjectsToBuild | |
uses: microsoft/AL-Go-Actions/DetermineProjectsToBuild@v3.2 | |
with: | |
shell: powershell | |
maxBuildDepth: ${{ env.workflowDepth }} | |
- name: Determine Delivery Target Secrets | |
id: DetermineDeliveryTargetSecrets | |
run: | | |
$errorActionPreference = "Stop"; $ProgressPreference = "SilentlyContinue"; Set-StrictMode -Version 2.0 | |
$deliveryTargetSecrets = @('GitHubPackagesContext','NuGetContext','StorageContext','AppSourceContext') | |
$namePrefix = 'DeliverTo' | |
Get-Item -Path (Join-Path $ENV:GITHUB_WORKSPACE ".github/$($namePrefix)*.ps1") | ForEach-Object { | |
$deliveryTarget = [System.IO.Path]::GetFileNameWithoutExtension($_.Name.SubString($namePrefix.Length)) | |
$deliveryTargetSecrets += @("$($deliveryTarget)Context") | |
} | |
Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "Secrets=$($deliveryTargetSecrets -join ',')" | |
- name: Read secrets | |
uses: microsoft/AL-Go-Actions/ReadSecrets@v3.2 | |
with: | |
shell: powershell | |
gitHubSecrets: ${{ toJson(secrets) }} | |
getSecrets: ${{ steps.DetermineDeliveryTargetSecrets.outputs.Secrets }} | |
- name: Determine Delivery Targets | |
id: DetermineDeliveryTargets | |
run: | | |
$errorActionPreference = "Stop"; $ProgressPreference = "SilentlyContinue"; Set-StrictMode -Version 2.0 | |
$deliveryTargets = @('GitHubPackages','NuGet','Storage') | |
if ($env:type -eq "AppSource App") { | |
$continuousDelivery = $false | |
# For multi-project repositories, we will add deliveryTarget AppSource if any project has AppSourceContinuousDelivery set to true | |
('${{ steps.determineProjectsToBuild.outputs.ProjectsJson }}' | ConvertFrom-Json) | where-Object { $_ } | ForEach-Object { | |
$projectSettings = Get-Content (Join-Path $_ '.AL-Go/settings.json') -encoding UTF8 -raw | ConvertFrom-Json | |
if ($projectSettings.PSObject.Properties.Name -eq 'AppSourceContinuousDelivery' -and $projectSettings.AppSourceContinuousDelivery) { | |
Write-Host "Project $_ is setup for Continuous Delivery" | |
$continuousDelivery = $true | |
} | |
} | |
if ($continuousDelivery) { | |
$deliveryTargets += @("AppSource") | |
} | |
} | |
$namePrefix = 'DeliverTo' | |
Get-Item -Path (Join-Path $ENV:GITHUB_WORKSPACE ".github/$($namePrefix)*.ps1") | ForEach-Object { | |
$deliveryTarget = [System.IO.Path]::GetFileNameWithoutExtension($_.Name.SubString($namePrefix.Length)) | |
$deliveryTargets += @($deliveryTarget) | |
} | |
$settings = $env:Settings | ConvertFrom-Json | |
$secrets = $env:Secrets | ConvertFrom-Json | |
$deliveryTargets = @($deliveryTargets | Select-Object -unique | Where-Object { | |
$include = $false | |
Write-Host "Check DeliveryTarget $_" | |
$contextName = "$($_)Context" | |
if ($secrets."$contextName") { | |
$settingName = "DeliverTo$_" | |
if (($settings.PSObject.Properties.Name -eq $settingName) -and ($settings."$settingName".PSObject.Properties.Name -eq "Branches")) { | |
Write-Host "Branches:" | |
$settings."$settingName".Branches | ForEach-Object { | |
Write-Host "- $_" | |
if ($ENV:GITHUB_REF_NAME -like $_) { | |
$include = $true | |
} | |
} | |
} | |
else { | |
$include = ($ENV:GITHUB_REF_NAME -eq 'main') | |
} | |
} | |
if ($include) { | |
Write-Host "DeliveryTarget $_ included" | |
} | |
$include | |
}) | |
$deliveryTargetsJson = $deliveryTargets | ConvertTo-Json -Depth 99 -compress | |
if ($deliveryTargets.Count -lt 2) { $deliveryTargetsJson = "[$($deliveryTargetsJson)]" } | |
Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "DeliveryTargetsJson=$deliveryTargetsJson" | |
Write-Host "DeliveryTargetsJson=$deliveryTargetsJson" | |
Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "DeliveryTargetCount=$($deliveryTargets.Count)" | |
Write-Host "DeliveryTargetCount=$($deliveryTargets.Count)" | |
Add-Content -Encoding UTF8 -Path $env:GITHUB_ENV -Value "DeliveryTargets=$deliveryTargetsJson" | |
CheckForUpdates: | |
runs-on: [ windows-latest ] | |
needs: [ Initialization ] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Read settings | |
uses: microsoft/AL-Go-Actions/ReadSettings@v3.2 | |
with: | |
shell: powershell | |
parentTelemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} | |
get: templateUrl | |
- name: Check for updates to AL-Go system files | |
uses: microsoft/AL-Go-Actions/CheckForUpdates@v3.2 | |
with: | |
shell: powershell | |
parentTelemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} | |
templateUrl: ${{ env.templateUrl }} | |
Build: | |
needs: [ Initialization ] | |
if: (!failure()) && (!cancelled()) && fromJson(needs.Initialization.outputs.buildOrderJson)[0].projectsCount > 0 | |
strategy: | |
matrix: | |
include: ${{ fromJson(needs.Initialization.outputs.buildOrderJson)[0].buildDimensions }} | |
fail-fast: false | |
name: Build ${{ matrix.project }} - ${{ matrix.buildMode }} | |
uses: ./.github/workflows/_BuildALGoProject.yaml | |
secrets: inherit | |
with: | |
shell: ${{ needs.Initialization.outputs.githubRunnerShell }} | |
runsOn: ${{ needs.Initialization.outputs.githubRunner }} | |
parentTelemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} | |
project: ${{ matrix.project }} | |
buildMode: ${{ matrix.buildMode }} | |
projectDependenciesJson: ${{ needs.Initialization.outputs.projectDependenciesJson }} | |
secrets: 'licenseFileUrl,insiderSasToken,codeSignCertificateUrl,codeSignCertificatePassword,keyVaultCertificateUrl,keyVaultCertificatePassword,keyVaultClientId,gitHubPackagesContext,applicationInsightsConnectionString' | |
publishThisBuildArtifacts: ${{ needs.Initialization.outputs.workflowDepth > 1 }} | |
publishArtifacts: ${{ github.ref_name == 'main' || startswith(github.ref_name, 'release/') || needs.Initialization.outputs.deliveryTargetCount > 0 || needs.Initialization.outputs.environmentCount > 0 }} | |
signArtifacts: true | |
useArtifactCache: true | |
Deploy: | |
needs: [ Initialization, Build ] | |
if: always() && needs.Build.result == 'Success' && needs.Initialization.outputs.environmentCount > 0 | |
strategy: ${{ fromJson(needs.Initialization.outputs.environments) }} | |
runs-on: ${{ fromJson(matrix.os) }} | |
name: Deploy to ${{ matrix.environment }} | |
environment: | |
name: ${{ matrix.environment }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Download artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
path: '.artifacts' | |
- name: EnvName | |
id: envName | |
run: | | |
$errorActionPreference = "Stop"; $ProgressPreference = "SilentlyContinue"; Set-StrictMode -Version 2.0 | |
$envName = '${{ matrix.environment }}'.split(' ')[0] | |
Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "envName=$envName" | |
- name: Read settings | |
uses: microsoft/AL-Go-Actions/ReadSettings@v3.2 | |
with: | |
shell: powershell | |
- name: Read secrets | |
uses: microsoft/AL-Go-Actions/ReadSecrets@v3.2 | |
with: | |
shell: powershell | |
gitHubSecrets: ${{ toJson(secrets) }} | |
getSecrets: '${{ steps.envName.outputs.envName }}-AuthContext,${{ steps.envName.outputs.envName }}_AuthContext,AuthContext,${{ steps.envName.outputs.envName }}-EnvironmentName,${{ steps.envName.outputs.envName }}_EnvironmentName,EnvironmentName,projects' | |
- name: AuthContext | |
id: authContext | |
run: | | |
$errorActionPreference = "Stop"; $ProgressPreference = "SilentlyContinue"; Set-StrictMode -Version 2.0 | |
$settings = $env:Settings | ConvertFrom-Json | |
$envName = '${{ steps.envName.outputs.envName }}' | |
$settingsName = "DeployTo$envName" | |
if ($settings.PSObject.Properties.name -eq $settingsName) { | |
$deployToSetting = $settings."$settingsName" | ConvertFrom-Json | |
} | |
else { | |
$deployToSetting = [PSCustomObject]@{} | |
} | |
$secrets = $env:Secrets | ConvertFrom-Json | |
$authContext = $null | |
"$($envName)-AuthContext", "$($envName)_AuthContext", "AuthContext" | ForEach-Object { | |
if (!($authContext)) { | |
if ($secrets."$_") { | |
Write-Host "Using $_ secret as AuthContext" | |
$authContext = $secrets."$_" | |
} | |
} | |
} | |
if (!($authContext)) { | |
Write-Host "::Error::No AuthContext provided" | |
exit 1 | |
} | |
if (("$deployToSetting" -ne "") -and $deployToSetting.PSObject.Properties.name -eq "EnvironmentName") { | |
$environmentName = $deployToSetting.EnvironmentName | |
} | |
else { | |
$environmentName = $null | |
"$($envName)-EnvironmentName", "$($envName)_EnvironmentName", "EnvironmentName" | ForEach-Object { | |
if (!($EnvironmentName)) { | |
if ($secrets."$_") { | |
Write-Host "Using $_ secret as EnvironmentName" | |
Write-Host "::Warning::Please consider using the $settingsName setting, where you can specify EnvironmentName, projects and branches - instead of specifying the EnvironmentName in a Secret." | |
$EnvironmentName = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($secrets."$_")) | |
} | |
} | |
} | |
} | |
if (!($environmentName)) { | |
$environmentName = '${{ steps.envName.outputs.envName }}' | |
} | |
$environmentName = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes(($environmentName + '${{ matrix.environment }}'.SubString($envName.Length)).ToUpperInvariant())) | |
$projects = '' | |
if (("$deployToSetting" -ne "") -and $deployToSetting.PSObject.Properties.name -eq "projects") { | |
$projects = $deployToSetting.projects | |
} | |
elseif ($settings.PSObject.Properties.name -eq "$($envName)-projects") { | |
$projects = $settings."$($envName)-projects" | |
Write-Host "::Warning::Please consider using the $settingsName setting, where you can specify EnvironmentName, projects and branches - instead of specifying the Projects in Setting '$($envName)-projects'" | |
} | |
elseif ($settings.PSObject.Properties.name -eq "$($envName)_projects") { | |
$projects = $settings."$($envName)_projects" | |
Write-Host "::Warning::Please consider using the $settingsName setting, where you can specify EnvironmentName, projects and branches - instead of specifying the Projects in Setting '$($envName)_projects'" | |
} | |
elseif ($secrets.projects) { | |
$projects = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($secrets.projects)) | |
Write-Host "::Warning::Please consider using the $settingsName setting, where you can specify EnvironmentName, projects and branches - instead of specifying the Projects in the secret 'project'" | |
} | |
if ($projects -eq '' -or $projects -eq '*') { | |
$projects = '*' | |
} | |
else { | |
$buildProjects = '${{ needs.Initialization.outputs.projects }}' | ConvertFrom-Json | |
$projects = ($projects.Split(',') | Where-Object { $buildProjects -contains $_ }) -join ',' | |
} | |
Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "authContext=$authContext" | |
Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "environmentName=$environmentName" | |
Write-Host "environmentName=$([System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($environmentName)))" | |
Write-Host "environmentName (as Base64)=$environmentName" | |
Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "projects=$projects" | |
Write-Host "projects=$projects" | |
- name: Deploy | |
uses: microsoft/AL-Go-Actions/Deploy@v3.2 | |
env: | |
AuthContext: ${{ steps.authContext.outputs.authContext }} | |
with: | |
shell: powershell | |
type: 'CD' | |
projects: ${{ steps.authContext.outputs.projects }} | |
environmentName: ${{ steps.authContext.outputs.environmentName }} | |
artifacts: '.artifacts' | |
Deliver: | |
needs: [ Initialization, Build ] | |
if: always() && needs.Build.result == 'Success' && needs.Initialization.outputs.deliveryTargetCount > 0 | |
strategy: | |
matrix: | |
deliveryTarget: ${{ fromJson(needs.Initialization.outputs.deliveryTargets) }} | |
fail-fast: false | |
runs-on: [ windows-latest ] | |
name: Deliver to ${{ matrix.deliveryTarget }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Download artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
path: '.artifacts' | |
- name: Read settings | |
uses: microsoft/AL-Go-Actions/ReadSettings@v3.2 | |
with: | |
shell: powershell | |
- name: Read secrets | |
uses: microsoft/AL-Go-Actions/ReadSecrets@v3.2 | |
with: | |
shell: powershell | |
gitHubSecrets: ${{ toJson(secrets) }} | |
getSecrets: '${{ matrix.deliveryTarget }}Context' | |
- name: DeliveryContext | |
id: deliveryContext | |
run: | | |
$errorActionPreference = "Stop"; $ProgressPreference = "SilentlyContinue"; Set-StrictMode -Version 2.0 | |
$secrets = $env:Secrets | ConvertFrom-Json | |
$contextName = '${{ matrix.deliveryTarget }}Context' | |
$deliveryContext = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($secrets."$contextName")) | |
Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "deliveryContext=$deliveryContext" | |
Write-Host "deliveryContext=$deliveryContext" | |
- name: Deliver | |
uses: microsoft/AL-Go-Actions/Deliver@v3.2 | |
env: | |
deliveryContext: ${{ steps.deliveryContext.outputs.deliveryContext }} | |
with: | |
shell: powershell | |
type: 'CD' | |
projects: ${{ needs.Initialization.outputs.projects }} | |
deliveryTarget: ${{ matrix.deliveryTarget }} | |
artifacts: '.artifacts' | |
PostProcess: | |
if: (!cancelled()) | |
runs-on: [ windows-latest ] | |
needs: [ Initialization, Build, Deploy, Deliver ] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Finalize the workflow | |
id: PostProcess | |
uses: microsoft/AL-Go-Actions/WorkflowPostProcess@v3.2 | |
with: | |
shell: powershell | |
eventId: "DO0091" | |
telemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }} |