Browse Source

CLDC-2563: Update prod deployment pipeline (#1960)

* CLDC-2563: Update prod deployment pipeline

* CLDC-2563: remove redundant REPO_URL assignment

* CLDC-2563: use GITHUB_OUTPUT only where necessary

* CLDC-2563: don't push image if tag already exists

* CLDC-2563: actually use github.sha for production as well

* CLDC-2563: remove obsolete env check in push docker image job

* CLDC-2563: remove redundant main branch check
CLDC-2896-pipes-in-bu v0.3.66
SamSeed-Softwire 1 year ago committed by GitHub
parent
commit
8adc8ed848
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 15
      .github/workflows/aws_deploy.yml
  2. 16
      .github/workflows/production_pipeline.yml

15
.github/workflows/aws_deploy.yml

@ -12,6 +12,9 @@ on:
environment: environment:
required: true required: true
type: string type: string
release_tag:
required: false
type: string
concurrency: concurrency:
group: deploy-${{ inputs.environment }} group: deploy-${{ inputs.environment }}
@ -45,8 +48,13 @@ jobs:
with: with:
mask-password: 'true' mask-password: 'true'
- name: Check if image with tag already exists
run: |
echo "image-exists=$(if aws ecr list-images --repository-name=$repository --query "imageIds[*].imageTag" | grep -q ${{ github.sha }}; then echo true; else echo false; fi)" >> $GITHUB_ENV
- name: Build, tag, and push docker image to ECR - name: Build, tag, and push docker image to ECR
id: build-image id: build-image
if: ${{ env.image-exists == 'false' }}
env: env:
registry: ${{ steps.ecr-login.outputs.registry }} registry: ${{ steps.ecr-login.outputs.registry }}
commit_tag: ${{ github.sha }} commit_tag: ${{ github.sha }}
@ -77,11 +85,16 @@ jobs:
id: timestamp id: timestamp
run: echo "timestamp=$(date +%Y%m%d%H%M%S)" >> $GITHUB_ENV run: echo "timestamp=$(date +%Y%m%d%H%M%S)" >> $GITHUB_ENV
- name: Get additional tag
run: |
echo "additional-tag=$(if [[ ${{ inputs.environment }} == 'production' ]]; then echo ${{ inputs.release_tag }}-${{ env.timestamp }}; else echo ${{ env.timestamp }}; fi)" >> $GITHUB_ENV
- name: Add environment tag to existing image - name: Add environment tag to existing image
id: update-image-tags
env: env:
registry: ${{ steps.ecr-login.outputs.registry }} registry: ${{ steps.ecr-login.outputs.registry }}
commit_tag: ${{ github.sha }} commit_tag: ${{ github.sha }}
readable_tag: ${{ inputs.environment }}-${{ env.timestamp }} readable_tag: ${{ inputs.environment }}-${{ env.additional-tag }}
run: | run: |
manifest=$(aws ecr batch-get-image --repository-name $repository --image-ids imageTag=$commit_tag --output text --query images[].imageManifest) manifest=$(aws ecr batch-get-image --repository-name $repository --image-ids imageTag=$commit_tag --output text --query images[].imageManifest)
aws ecr put-image --repository-name $repository --image-tag $readable_tag --image-manifest "$manifest" aws ecr put-image --repository-name $repository --image-tag $readable_tag --image-manifest "$manifest"

16
.github/workflows/production_pipeline.yml

@ -16,6 +16,8 @@ jobs:
test: test:
name: Test name: Test
runs-on: ubuntu-latest runs-on: ubuntu-latest
outputs:
releasetag: ${{ steps.latestrelease.outputs.releasetag }}
services: services:
postgres: postgres:
@ -48,7 +50,7 @@ jobs:
- name: Get latest release with tag - name: Get latest release with tag
id: latestrelease id: latestrelease
run: | run: |
echo "::set-output name=releasetag::$(curl -s https://api.github.com/repos/${REPO_URL}/releases/latest | jq '.tag_name' | sed 's/\"//g')" echo "releasetag=$(curl -s https://api.github.com/repos/${REPO_URL}/releases/latest | jq '.tag_name' | sed 's/\"//g')" >> $GITHUB_OUTPUT
- name: Confirm release tag - name: Confirm release tag
run: | run: |
@ -257,3 +259,15 @@ jobs:
cf set-env $APP_NAME CSV_DOWNLOAD_PAAS_INSTANCE $CSV_DOWNLOAD_PAAS_INSTANCE cf set-env $APP_NAME CSV_DOWNLOAD_PAAS_INSTANCE $CSV_DOWNLOAD_PAAS_INSTANCE
cf set-env $APP_NAME SENTRY_DSN $SENTRY_DSN cf set-env $APP_NAME SENTRY_DSN $SENTRY_DSN
cf push $APP_NAME --strategy rolling cf push $APP_NAME --strategy rolling
aws_deploy:
name: AWS Deploy
needs: [lint, test, feature_test, audit]
uses: ./.github/workflows/aws_deploy.yml
with:
aws_account_id: 977287343304
aws_resource_prefix: core-prod
environment: production
release_tag: ${{ needs.test.outputs.releasetag }}
permissions:
id-token: write

Loading…
Cancel
Save