Skip to content

Deploy

Deploy #9144

Workflow file for this run

name: Deploy
on:
workflow_dispatch:
inputs:
environment:
description: "Deploy environment"
required: true
default: development
type: environment
options:
- development
- test
- preproduction
- production
push:
branches:
- main
pull_request:
branches:
- main
types:
- labeled
- synchronize
- reopened
- opened
jobs:
docker:
name: Build and push Docker image
runs-on: ubuntu-latest
environment: development
if: contains(github.event.pull_request.labels.*.name, 'deploy') || github.event_name != 'pull_request'
outputs:
image: ${{ steps.build-docker-image.outputs.image }}
steps:
- uses: actions/checkout@v4
- id: key-vault-name
shell: bash
run: echo "value=$(make -s development print-infrastructure-key-vault-name)" >> $GITHUB_OUTPUT
- uses: Azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- uses: Azure/get-keyvault-secrets@v1
id: key-vault-secrets
with:
keyvault: ${{ steps.key-vault-name.outputs.value }}
secrets: "SNYK-TOKEN"
- uses: DFE-Digital/github-actions/build-docker-image@master
id: build-docker-image
with:
docker-repository: ghcr.io/dfe-digital/apply-for-qualified-teacher-status
github-token: ${{ secrets.GITHUB_TOKEN }}
snyk-token: ${{ steps.key-vault-secrets.outputs.SNYK-TOKEN }}
rspec:
name: Rspec
runs-on: ubuntu-latest
services:
postgres:
image: postgres
env:
POSTGRES_PASSWORD: postgres
POSTGRES_USER: postgres
ports:
- 5432:5432
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-retries 5
--health-timeout 5s
redis:
image: redis
ports:
- 6379:6379
options: >-
--health-cmd "redis-cli ping"
--health-interval 10s
--health-timeout 5s
--health-retries 5
env:
DATABASE_URL: postgres://postgres:postgres@localhost:5432/apply_for_qts_test
RAILS_ENV: test
REDIS_URL: redis://localhost:6379/0
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Prepare application environment
uses: ./.github/actions/prepare-app-env
- name: Build frontend
run: yarn build && yarn build:css
- name: Setup DB
run: bin/rails db:test:prepare
- name: Run DfE Analytics
run: bin/bundle exec rails dfe:analytics:check
- name: Run tests
run: bin/test
deploy_review:
name: Deploy to review environment
concurrency: deploy_review_${{ github.event.pull_request.number }}
needs: [docker, rspec]
runs-on: ubuntu-latest
if: contains(github.event.pull_request.labels.*.name, 'deploy')
environment: review
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/deploy-environment
id: deploy
with:
environment: review
docker-image: ${{ needs.docker.outputs.image }}
azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
pull-request-number: ${{ github.event.pull_request.number }}
- name: Post sticky pull request comment
if: github.event_name == 'pull_request'
uses: marocchino/sticky-pull-request-comment@v2
with:
message: |
Review app deployed to ${{ steps.deploy.outputs.url }}/personas
deploy_non_production:
name: Deploy to ${{ matrix.environment }} environment
runs-on: ubuntu-latest
needs: [docker, rspec]
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
concurrency: deploy_${{ matrix.environment }}
strategy:
max-parallel: 1
matrix:
environment: [development, test, preproduction]
environment:
name: ${{ matrix.environment }}
url: ${{ steps.deploy.outputs.url }}
outputs:
environment_name: ${{ matrix.environment }}
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/deploy-environment
id: deploy
with:
environment: ${{ matrix.environment }}
docker-image: ${{ needs.docker.outputs.image }}
azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
deploy_production:
name: Deploy to production environment
needs: [docker, rspec, deploy_non_production]
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
environment:
name: production
url: ${{ steps.deploy.outputs.url }}
concurrency: deploy_production
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/deploy-environment
id: deploy
with:
environment: production
docker-image: ${{ needs.docker.outputs.image }}
azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
smoke-test-credentials-required: "false"
notify_slack_of_failures:
name: Notify Slack of failures
runs-on: ubuntu-latest
environment: development
if: ${{ failure() && github.ref == 'refs/heads/main' && github.event_name == 'push' }}
needs: [docker, rspec, deploy_non_production]
steps:
- uses: actions/checkout@v4
- id: key-vault-name
shell: bash
run: echo "value=$(make -s development print-infrastructure-key-vault-name)" >> $GITHUB_OUTPUT
- uses: Azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- uses: Azure/get-keyvault-secrets@v1
id: key-vault-secrets
with:
keyvault: ${{ steps.key-vault-name.outputs.value }}
secrets: "SLACK-WEBHOOK"
- name: Notify Slack channel on job failure
uses: rtCamp/action-slack-notify@v2
env:
SLACK_TITLE: Deployment of apply-for-qualified-teacher-status to ${{ needs.deploy_non_production.outputs.environment_name }} failed
SLACK_MESSAGE: |
Deployment to ${{ needs.deploy_non_production.outputs.environment_name }} environment failed
SLACK_WEBHOOK: ${{ steps.key-vault-secrets.outputs.SLACK-WEBHOOK }}
SLACK_COLOR: failure
SLACK_FOOTER: Sent from notify_slack_of_failures job in deploy workflow