ci: add script to automatically update the project from upstream ever… #3

Workflow file for this run

	name: CI - CD
	on:
	push:
	branches:
	- main
	pull_request:
	branches:
	- main

	jobs:
	validations:
	runs-on: ubuntu-latest
	env:
	DATABASE_URL: postgresql://catalogi:pg_password@localhost:5432/catalogi
	services:
	postgres:
	image: postgres:16-alpine
	env:
	POSTGRES_USER: catalogi
	POSTGRES_PASSWORD: pg_password
	POSTGRES_DB: catalogi
	ports:
	- 5432:5432
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-node@v4
	with:
	node-version: "22"
	- uses: bahmutov/npm-install@v1
	- name: Build back
	run: cd api && yarn build
	- name: Migrate db
	run: cd api && yarn migrate latest
	- name: Fullcheck
	run: yarn fullcheck

	check_if_version_upgraded:
	name: Check if version upgrade
	if: github.event_name == 'push'
	runs-on: ubuntu-latest
	needs: validations
	outputs:
	is_upgraded_version: ${{ steps.check_version.outputs.is_upgraded_version }}
	to_version: ${{ steps.check_version.outputs.to_version }}
	from_version: ${{ steps.check_version.outputs.from_version }}
	steps:
	- uses: actions/checkout@v4
	- name: Check version upgrade
	id: check_version
	run: \|
	# Get current version from package.json
	CURRENT_VERSION=$(jq -r '.version' package.json)
	echo "Version in package.json: $CURRENT_VERSION"

	# Get deployed version from preprod API
	DEPLOYED_VERSION=$(curl -s "https://code.gouv.fr/sill/api/getApiVersion" \| jq -r '.result.data.json')
	echo "Deployed version in preprod: $DEPLOYED_VERSION"

	# Simple comparison: check if versions are different
	if [ "$CURRENT_VERSION" != "$DEPLOYED_VERSION" ]; then
	IS_UPGRADED="true"
	echo "✅ Version changed from $DEPLOYED_VERSION to $CURRENT_VERSION"
	else
	IS_UPGRADED="false"
	echo "ℹ️ Version unchanged: $CURRENT_VERSION"
	fi

	echo "Is version upgraded: $IS_UPGRADED"

	# Set outputs
	echo "is_upgraded_version=$IS_UPGRADED" >> $GITHUB_OUTPUT
	echo "to_version=$CURRENT_VERSION" >> $GITHUB_OUTPUT
	echo "from_version=$DEPLOYED_VERSION" >> $GITHUB_OUTPUT

	trigger_pre_production_deploy:
	name: "Trigger pre-production deploy"
	runs-on: ubuntu-latest
	concurrency:
	group: deploy-to-pre-production
	cancel-in-progress: true
	needs:
	- check_if_version_upgraded
	if: needs.check_if_version_upgraded.outputs.is_upgraded_version == 'true'
	env:
	TO_VERSION: ${{ needs.check_if_version_upgraded.outputs.to_version }}
	steps:
	- run: echo "Triggering production deploy"
	- name: Set up SSH
	run: \|
	mkdir -p ~/.ssh
	echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_ed25519
	chmod 600 ~/.ssh/id_ed25519
	ssh-keyscan code.gouv.fr >> ~/.ssh/known_hosts
	ssh -o StrictHostKeyChecking=no [email protected] "bash -c 'eval \"\$(ssh-agent -s)\" && ssh-add ~/.ssh/sill-data && ./update-sill-preprod.sh v${{ env.TO_VERSION }}'"
	env:
	SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}


	trigger_production_deploy:
	name: "Trigger production deploy"
	runs-on: ubuntu-latest
	environment: production
	concurrency:
	group: deploy-to-production
	cancel-in-progress: true
	needs:
	- trigger_pre_production_deploy
	- check_if_version_upgraded
	if: needs.check_if_version_upgraded.outputs.is_upgraded_version == 'true'
	env:
	TO_VERSION: ${{ needs.check_if_version_upgraded.outputs.to_version }}
	steps:
	- run: echo "Triggering production deploy"
	- name: Set up SSH
	run: \|
	mkdir -p ~/.ssh
	echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_ed25519
	chmod 600 ~/.ssh/id_ed25519
	ssh-keyscan code.gouv.fr >> ~/.ssh/known_hosts
	ssh -o StrictHostKeyChecking=no [email protected] "bash -c 'eval \"\$(ssh-agent -s)\" && ssh-add ~/.ssh/sill-data && ./update-sill-docker-compose.sh v${{ env.TO_VERSION }}'"
	env:
	SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

ci: add script to automatically update the project from upstream ever… #3

Workflow file

ci: add script to automatically update the project from upstream ever… #3

Uh oh!

Jobs

Run details

Workflow file for this run