test(connlib): ensure effective DNS servers match (#5107) #2191
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous Delivery | |
on: | |
# Used for debugging the workflow by manually calling it | |
workflow_dispatch: | |
inputs: | |
deploy-staging: | |
description: "Also deploy to staging. By default the deploy is not executed when triggering this workflow manually." | |
type: boolean | |
default: false | |
required: false | |
push: | |
branches: | |
- main | |
env: | |
# mark:automatic-version | |
VERSION: "1.0.6" | |
jobs: | |
# Builds images that match what's default in docker-compose.yml for | |
# local development. | |
build-dev-images: | |
uses: ./.github/workflows/_build_artifacts.yml | |
secrets: inherit | |
with: | |
tag_name: "${{ github.ref_name }}" | |
image_prefix: "dev" | |
stage: "debug" | |
profile: "debug" | |
# Re-run CI checks to make sure everything's green, since "Merging as administrator" | |
# won't trigger these in the merge group. | |
ci: | |
uses: ./.github/workflows/ci.yml | |
secrets: inherit | |
with: | |
profile: "release" | |
stage: "release" | |
deploy-staging: | |
if: ${{ github.event_name != 'workflow_dispatch' || inputs.deploy-staging }} | |
runs-on: ubuntu-22.04 | |
environment: gcp_staging | |
permissions: | |
contents: write | |
# Cancel old workflow runs if new code is pushed | |
concurrency: | |
group: "staging-deploy-${{ github.workflow }}-${{ github.ref }}" | |
cancel-in-progress: false | |
needs: ci | |
env: | |
TF_CLOUD_ORGANIZATION: "firezone" | |
TF_API_TOKEN: "${{ secrets.TF_API_TOKEN }}" | |
TF_WORKSPACE: "staging" | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Tool Versions | |
id: versions | |
uses: marocchino/tool-versions-action@v1.2.0 | |
- uses: hashicorp/setup-terraform@v3 | |
with: | |
terraform_version: ${{ steps.versions.outputs.terraform }} | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.workflow_run.head_branch }} | |
- name: Upload Configuration | |
uses: hashicorp/tfc-workflows-github/actions/upload-configuration@v1.3.0 | |
id: apply-upload | |
with: | |
workspace: ${{ env.TF_WORKSPACE }} | |
# Subdirectory is set in the project settings: | |
# https://app.terraform.io/app/firezone/workspaces/staging/settings/general | |
directory: "./" | |
- name: Create Plan Run | |
uses: hashicorp/tfc-workflows-github/actions/create-run@v1.3.0 | |
id: apply-run | |
env: | |
TF_VAR_image_tag: '"${{ env.VERSION }}-${{ github.sha }}"' | |
with: | |
workspace: ${{ env.TF_WORKSPACE }} | |
configuration_version: | |
${{ steps.apply-upload.outputs.configuration_version_id }} | |
- name: Apply | |
uses: hashicorp/tfc-workflows-github/actions/apply-run@v1.3.0 | |
if: fromJSON(steps.apply-run.outputs.payload).data.attributes.actions.IsConfirmable | |
id: apply | |
with: | |
run: ${{ steps.apply-run.outputs.run_id }} | |
comment: "Apply Run from GitHub Actions CI ${{ github.sha }}" |