Skip to content

Add a GitHub workflow

This section shows you how to set up a workflow that listens for the event you send from the application repository. When the workflow receives the event, it commits the new image tag to the infrastructure repository.

Given this configuration, you should achieve the following outcome after completing this page:

Configuration
Environment pirates-dev
AppName too-tikki
Outcome
Workflow file .github/workflows/_gp_too-tikki_pirates-dev_receive_dispatch_event.yml

Step 1: Create metadata file

The IaC repository needs a metadata file to store the image tag and digest. Create a new file in the app-too-tikki directory of your IaC repository, this is where the state of the current image will be stored.

The initial values are not so important, we will update them automatically in the steps below.

repo-iac/environments/dev/app-too-tikki/__gp_config_app_image.auto.tfvars.json
{
  "main_container_image_digest": "sha256:2eb61545144b6c60eae0a7ae6d622cdd3bb205124f0054cbc3ad799516b67c1a",
  "main_container_image_tag": "sha-cbd6a43f973802a3dc60ed55ecf43f8a817bdd54"
}

Step 2: Create configuration file

Create a new configuration file for the receive event workflow in your IaC repository:

.github/workflows/environments/dev/app-too-tikki/receive-dispatch-event.yml
AppName: "too-tikki"
CreatePr: true
GpgSign: true
WorkingDirectory: "environments/dev/app-{{ .AppName }}"
ImageMetadataFile: "__gp_config_app_image.auto.tfvars.json"

Step 2: Fetch the receive-dispatch-event template

.github/workflows/environments/dev/app-too-tikki/
boilerplate \
  --template-url "git@github.com:oslokommune/golden-path-boilerplate.git//boilerplate/github-actions/receive-dispatch-event/?ref=main" \
  --var-file receive-dispatch-event.yml \
  --var-file ../common-config.yml \
  --output-folder ../../../ \
  --non-interactive

Step 3: Verify

The IaC repository should now contain a new workflow file located at .github/workflows/_gp_too-tikki_pirates-dev_receive_dispatch_event.yml.

The outcome values from configure the workflow should now be able to be identified in the new workflow file.

Commit your files

At this stage it is a good idea to commit your files.

Step 3: Try to run the workflow

Try to run the chain of workflows by building a new image. The receiving workflow will try to commit the changes, but it will fail because you've not configured a PAT and GPG key yet. The next section covers how to do this.

Next step

Add PAT as a secret to the infrastructure repository.