dev_deploy.yml
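# Deploys the API to a selected environment. Triggered manually
# (workflow_dispatch) or from another workflow (workflow_call).
#
# Flow: resolve `inputs.ref` to a commit SHA -> build and push artifacts for
# that SHA and upload the environment file to S3 -> optionally deploy Lambda
# functions -> run the deployment -> run the regression suite.
#
# NOTE(review): no `permissions:` block is declared, so GITHUB_TOKEN receives
# the repository/organisation default. Declare least-privilege permissions
# once the needs of the called workflows are confirmed.
# NOTE(review): no job in this file declares `environment:`, so GitHub
# environment protection rules (e.g. required reviewers for prod) are not
# applied here; presumably gating happens in the called workflows - confirm.
name: Deploy to Env - API
run-name: "Deploy API to ${{ inputs.environment }}"
on:
  workflow_dispatch:
    inputs:
      environment:
        type: choice
        description: Environment to deploy
        default: dev
        options:
          - dev
          - perf
          - staging
          - prod
      ref:
        description: "Branch or Commit"
        default: main
        required: true
        type: string
      lambdaDeploy:
        description: "Include Lambda in deployment?"
        default: false
        required: false
        type: boolean
  workflow_call:
    # Unlike the dispatch form, `environment` is a free-form string here, so
    # it must be treated as untrusted text wherever it reaches a shell.
    inputs:
      environment:
        required: true
        type: string
      ref:
        required: true
        type: string
      lambdaDeploy:
        default: false
        required: false
        type: boolean

jobs:
  # Resolves the requested ref to an immutable commit SHA that every later
  # job consumes, so all stages act on the same commit.
  setup-environment:
    name: "setup-env-${{ inputs.environment }}"
    runs-on: ubuntu-latest
    outputs:
      git-hash: ${{ steps.set-hash.outputs.commit-hash }}
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v4
        with:
          ref: ${{ inputs.ref }}
          # This job only reads HEAD; do not leave the token in .git/config.
          persist-credentials: false
      - name: Set Hash
        id: set-hash
        run: |
          echo "commit-hash=$(git rev-parse HEAD)" >> "$GITHUB_OUTPUT"
      - name: Env Values
        # Inputs are passed through `env:` instead of being expanded with
        # `${{ }}` inside the script: expression expansion happens before the
        # shell parses the script, so a free-form value such as `ref` would
        # otherwise be interpreted as shell syntax.
        env:
          DEPLOY_ENVIRONMENT: ${{ inputs.environment }}
          DEPLOY_REF: ${{ inputs.ref }}
          COMMIT_HASH: ${{ steps.set-hash.outputs.commit-hash }}
        run: |
          echo "The environment is ${DEPLOY_ENVIRONMENT}"
          echo "The branch/tag is ${DEPLOY_REF}"
          echo "The commit hash is ${COMMIT_HASH}"

  build-push-artifacts:
    needs: [setup-environment]
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v4
        with:
          # Check out the SHA resolved by setup-environment rather than
          # `inputs.ref` again: a branch can move between jobs, which would
          # make the uploaded env file and the local action differ from the
          # commit that is built and deployed.
          ref: ${{ needs.setup-environment.outputs.git-hash }}
      - name: Configure VAEC AWS Credentials
        # NOTE(review): the `uses:` value below was mangled by e-mail
        # obfuscation on the page this listing came from; the inputs match
        # aws-actions/configure-aws-credentials. Restore the original
        # `@<version>` reference, ideally pinned to a full commit SHA.
        # NOTE(review): long-lived access keys are stored as secrets and used
        # to assume the deploy role; OIDC federation would remove the static
        # keys if the target account supports it - confirm with the owners.
        uses: aws-actions/[email protected]
        with:
          aws-access-key-id: ${{ secrets.VAEC_AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.VAEC_AWS_SECRET_ACCESS_KEY }}
          aws-region: us-gov-west-1
          role-to-assume: ${{ secrets.VAEC_DEPLOY_ROLE }}
          role-skip-session-tagging: true
          role-duration-seconds: 900
      - name: Build and Push Artifacts
        # A local action is loaded from the checked-out workspace, i.e. from
        # the requested commit, and runs with the deploy credentials. Anyone
        # allowed to start this workflow therefore chooses which revision of
        # the action code handles those credentials.
        uses: ./.github/actions/build-push-artifacts
        with:
          ref: "${{ needs.setup-environment.outputs.git-hash }}"
          aws-access-key-id: ${{ secrets.VAEC_AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.VAEC_AWS_SECRET_ACCESS_KEY }}
          role-to-assume: ${{ secrets.VAEC_DEPLOY_ROLE }}
      - name: Upload Env File to S3
        shell: bash
        # `environment` selects both the local path and the destination
        # bucket, so it goes through an env var and is quoted; on the
        # workflow_call path it is not restricted to the dispatch choices.
        # NOTE(review): consider rejecting values outside dev/perf/staging/
        # prod before this step if no caller needs other names.
        env:
          DEPLOY_ENVIRONMENT: ${{ inputs.environment }}
        run: |
          aws s3 cp \
            "cd/application-deployment/${DEPLOY_ENVIRONMENT}/${DEPLOY_ENVIRONMENT}.env" \
            "s3://vanotify-environment-variables-${DEPLOY_ENVIRONMENT}/"

  # Optional Lambda deployment; skipped unless `lambdaDeploy` is true.
  # NOTE(review): `secrets: inherit` (here and in the two jobs below) hands
  # every secret available to this workflow to the called workflow; mapping
  # only the secrets each one needs narrows the exposure.
  run-lambda-deploy:
    if: ${{ inputs.lambdaDeploy }}
    needs: [setup-environment]
    uses: ./.github/workflows/lambda-functions.yml
    with:
      environment: "${{ inputs.environment }}"
      ref: "${{ needs.setup-environment.outputs.git-hash }}"
      lambdaName: "All"
    secrets: inherit

  # Deploys the artifacts built for the resolved commit.
  run-deployment:
    needs: [setup-environment, build-push-artifacts]
    uses: ./.github/workflows/deployment.yml
    with:
      environment: "${{ inputs.environment }}"
      ref: "${{ needs.setup-environment.outputs.git-hash }}"
    secrets: inherit

  # Runs the regression suite against the freshly deployed environment.
  run-qa-suite:
    needs: [run-deployment]
    uses: ./.github/workflows/run-regression.yml
    with:
      environment: "${{ inputs.environment }}"
    secrets: inherit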