Fikset merge conflicts

Author: betsytraran

.github/workflows/alert-dolly.yml

@@ -8,12 +8,14 @@ jobs:
   apply-alerts:
     name: Apply alerts to cluster
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: deploy to dev
-        uses: nais/deploy/actions/deploy@v1
+        uses: nais/deploy/actions/deploy@v2
         env:
-          APIKEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
           CLUSTER: dev-gcp
           RESOURCE: .nais/alerting-dolly.yml

.github/workflows/all.workflows.yml

@@ -9,7 +9,7 @@ on:
           - "frontend"
       type:
         type: choice
-        description: "App or proxy. Used to resolve the working directory together with name, as <type>/<name>."
+        description: "Apps or proxies. Used to resolve the working directory together with name, as <type>/<name>."
         options:
           - "apps"
           - "proxies"
@@ -28,31 +28,22 @@ on:
         type: boolean
         description: "Deploy? Make sure the effective working directory contains a NAIS manifest as named below! Note: For dolly-frontend, this will also deploy with config.idporten.yml."
         default: false
-      nais-manifest:
-        type: string
-        description: "Custom NAIS manifest filename."
-        default: "config.yml"
       force-deploy-test:
         type: boolean
         description: "Deploy to test? Make sure the effective working directory contains a config.test.yml! Note: For dolly-frontend, this will also deploy with config.unstable.yml."
         default: false
+      sonar-enabled:
+        type: boolean
+        description: "Run Sonar scan?"
+        default: true
 
 permissions:
   contents: read
   id-token: write
 
 jobs:
 
-  start:
-    runs-on: ubuntu-latest
-    steps:
-      - name: "Log inputs"
-        run: |
-          echo "branch: ${{ github.ref_name }}"
-          echo "inputs: ${{ toJSON(inputs) }}"
-
   backend:
-    needs: start
     if: inputs.workflow == 'backend'
     uses: ./.github/workflows/common.workflow.backend.yml
     with:
@@ -62,35 +53,20 @@ jobs:
       deploy-tag: ""
       force-deploy: ${{ inputs.force-deploy }}
       force-deploy-test: ${{ inputs.force-deploy-test }}
-    permissions:
-      contents: read
-      id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      sonar-enabled: ${{ inputs.sonar-enabled }}
+    secrets: inherit
 
   frontend:
-    needs: start
     if: inputs.workflow == 'frontend'
     uses: ./.github/workflows/common.workflow.frontend.yml
     with:
       cluster: ${{ inputs.cluster }}
       working-directory: "${{ inputs.type }}/${{ inputs.name }}"
       image-suffix: ${{ inputs.name }}
       deploy-tag: ""
-      nais-manifest: ${{ inputs.nais-manifest }}
       force-deploy: ${{ inputs.force-deploy }}
       force-deploy-test: ${{ inputs.force-deploy-test }}
       force-deploy-idporten: ${{ inputs.name == 'dolly-frontend' && inputs.force-deploy }}
       force-deploy-unstable: ${{ inputs.name == 'dolly-frontend' && inputs.force-deploy-test }}
-    permissions:
-      contents: read
-      id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      READER_TOKEN: ${{ secrets.READER_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      sonar-enabled: ${{ inputs.sonar-enabled }}
+    secrets: inherit

.github/workflows/app.adresse-service.yml

@@ -19,8 +19,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.amelding-service.yml

@@ -21,8 +21,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.app-tilgang-analyse-service.yml

@@ -18,8 +18,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.arbeidsforhold-service.yml

@@ -21,8 +21,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.batch-bestilling-service.yml

@@ -22,8 +22,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.brreg-stub.yml

@@ -18,8 +18,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.bruker-service.yml

@@ -21,8 +21,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.budpro-service.yml

@@ -22,8 +22,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.dolly-backend.yml

@@ -23,8 +23,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.dolly-frontend.yml

@@ -13,6 +13,7 @@ on:
       - libs/security-core
       - apps/dolly-frontend/**
       - .github/workflows/app.dolly-frontend.yml
+      - .github/workflows/common.cypress.yml
 
 jobs:
 
@@ -34,9 +35,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      READER_TOKEN: ${{ secrets.READER_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.dollystatus.yml

@@ -15,9 +15,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      READER_TOKEN: ${{ secrets.READER_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.endringsmelding-frontend.yml

@@ -19,9 +19,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      READER_TOKEN: ${{ secrets.READER_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.endringsmelding-service.yml

@@ -19,8 +19,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.ereg-batch-status-service.yml

@@ -14,14 +14,10 @@ jobs:
   workflow:
     uses: ./.github/workflows/common.workflow.backend.yml
     with:
-      cluster: "dev-fss"
+      cluster: "dev-gcp"
       working-directory: "apps/ereg-batch-status-service"
       deploy-tag: "#deploy-ereg-batch-status-service"
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.faste-data-frontend.yml

@@ -19,9 +19,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      READER_TOKEN: ${{ secrets.READER_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.generer-arbeidsforhold-populasjon-service.yml

@@ -20,8 +20,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.generer-navn-service.yml

@@ -21,8 +21,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.generer-organisasjon-populasjon-service.yml

@@ -25,8 +25,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.generer-synt-amelding-service.yml

@@ -20,8 +20,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.geografiske-kodeverk-service.yml

@@ -21,8 +21,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.helsepersonell-service.yml

@@ -18,8 +18,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.inntektsmelding-generator-service.yml

@@ -19,8 +19,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.inntektsmelding-service.yml

@@ -21,8 +21,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit

.github/workflows/app.jenkins-batch-status-service.yml

@@ -21,8 +21,4 @@ jobs:
     permissions:
       contents: read
       id-token: write
-    secrets:
-      NAIS_DOLLY_DEPLOY_API_KEY: ${{ secrets.NAIS_DOLLY_DEPLOY_API_KEY }}
-      NAIS_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
-      NAV_TOKEN: ${{ secrets.NAV_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    secrets: inherit