Browse Source

CLDC-2563: Update prod deployment pipeline

pull/1960/head
Sam Seed 2 years ago
parent
commit
3059147271
  1. 35
      .github/workflows/aws_deploy.yml
  2. 17
      .github/workflows/production_pipeline.yml

35
.github/workflows/aws_deploy.yml

@ -12,6 +12,9 @@ on:
environment:
required: true
type: string
release_tag:
required: false
type: string
concurrency:
group: deploy-${{ inputs.environment }}
@ -21,9 +24,11 @@ env:
app_repo_role: arn:aws:iam::815624722760:role/core-application-repo
aws_region: eu-west-2
repository: core
REPO_URL: communitiesuk/submit-social-housing-lettings-and-sales-data
jobs:
push_docker_image:
if: inputs.environment != 'production'
name: Push docker image to AWS
runs-on: ubuntu-latest
permissions:
@ -59,6 +64,9 @@ jobs:
runs-on: ubuntu-latest
environment: ${{ inputs.environment }}
needs: push_docker_image
if: |
always() &&
(needs.push_docker_image.result == 'success' || needs.push_docker_image.result == 'skipped')
steps:
- name: Configure AWS credentials
@ -75,17 +83,30 @@ jobs:
- name: Get timestamp
id: timestamp
run: echo "timestamp=$(date +%Y%m%d%H%M%S)" >> $GITHUB_ENV
run: echo "timestamp=$(date +%Y%m%d%H%M%S)" >> $GITHUB_OUTPUT
- name: Checkout at release tag
uses: actions/checkout@v3
if: inputs.environment == 'production'
with:
ref: ${{ inputs.release_tag }}
- name: Get tags
id: tags
run: |
echo "commit-tag=$(if [[ ${{ inputs.environment }} == 'production' ]]; then echo $(git log -1 '--format=format:%H'); else echo ${{ github.sha }}; fi)" >> $GITHUB_OUTPUT
echo "additional-tag=$(if [[ ${{ inputs.environment }} == 'production' ]]; then echo ${{ inputs.release_tag }}-${{ steps.timestamp.outputs.timestamp }}; else echo ${{ steps.timestamp.outputs.timestamp }}; fi)" >> $GITHUB_OUTPUT
- name: Add environment tag to existing image
id: update-image-tags
env:
registry: ${{ steps.ecr-login.outputs.registry }}
commit_tag: ${{ github.sha }}
readable_tag: ${{ inputs.environment }}-${{ env.timestamp }}
commit_tag: ${{ steps.tags.outputs.commit-tag }}
readable_tag: ${{ inputs.environment }}-${{ steps.tags.outputs.additional-tag }}
run: |
manifest=$(aws ecr batch-get-image --repository-name $repository --image-ids imageTag=$commit_tag --output text --query images[].imageManifest)
aws ecr put-image --repository-name $repository --image-tag $readable_tag --image-manifest "$manifest"
echo "image=$registry/$repository:$readable_tag" >> $GITHUB_ENV
echo "image=$registry/$repository:$readable_tag" >> $GITHUB_OUTPUT
- name: Configure AWS credentials for environment
uses: aws-actions/configure-aws-credentials@v3
@ -106,7 +127,7 @@ jobs:
with:
task-definition: ad-hoc-task-definition.json
container-name: app
image: ${{ env.image }}
image: ${{ steps.update-image-tags.outputs.image }}
- name: Update ad hoc task definition
uses: aws-actions/amazon-ecs-deploy-task-definition@v1
@ -141,7 +162,7 @@ jobs:
with:
task-definition: app-task-definition.json
container-name: app
image: ${{ env.image }}
image: ${{ steps.update-image-tags.outputs.image }}
- name: Deploy updated application
uses: aws-actions/amazon-ecs-deploy-task-definition@v1
@ -163,7 +184,7 @@ jobs:
with:
task-definition: sidekiq-task-definition.json
container-name: sidekiq
image: ${{ env.image }}
image: ${{ steps.update-image-tags.outputs.image }}
- name: Deploy updated sidekiq
uses: aws-actions/amazon-ecs-deploy-task-definition@v1

17
.github/workflows/production_pipeline.yml

@ -16,6 +16,8 @@ jobs:
test:
name: Test
runs-on: ubuntu-latest
outputs:
releasetag: ${{ steps.latestrelease.outputs.releasetag }}
services:
postgres:
@ -48,7 +50,7 @@ jobs:
- name: Get latest release with tag
id: latestrelease
run: |
echo "::set-output name=releasetag::$(curl -s https://api.github.com/repos/${REPO_URL}/releases/latest | jq '.tag_name' | sed 's/\"//g')"
echo "releasetag=$(curl -s https://api.github.com/repos/${REPO_URL}/releases/latest | jq '.tag_name' | sed 's/\"//g')" >> $GITHUB_OUTPUT
- name: Confirm release tag
run: |
@ -257,3 +259,16 @@ jobs:
cf set-env $APP_NAME CSV_DOWNLOAD_PAAS_INSTANCE $CSV_DOWNLOAD_PAAS_INSTANCE
cf set-env $APP_NAME SENTRY_DSN $SENTRY_DSN
cf push $APP_NAME --strategy rolling
aws_deploy:
name: AWS Deploy
if: github.ref == 'refs/heads/main'
needs: [lint, test, feature_test, audit]
uses: ./.github/workflows/aws_deploy.yml
with:
aws_account_id: 977287343304
aws_resource_prefix: core-prod
environment: production
release_tag: ${{ needs.test.outputs.releasetag }}
permissions:
id-token: write

Loading…
Cancel
Save