From c64d969948b8ac64b83e154e20b44ce5fb5a691f Mon Sep 17 00:00:00 2001
From: Sam Seed <sam.seed@softwire.com>
Date: Tue, 10 Oct 2023 09:29:04 +0100
Subject: [PATCH] Reintroduce deploy job, but only up to adding tags

---
 .github/workflows/aws_deploy.yml | 49 ++++++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)

diff --git a/.github/workflows/aws_deploy.yml b/.github/workflows/aws_deploy.yml
index 5b1bb4a8f..e8a1b50c3 100644
--- a/.github/workflows/aws_deploy.yml
+++ b/.github/workflows/aws_deploy.yml
@@ -66,3 +66,52 @@ jobs:
         run: |
           docker build -t $registry/$repository:$commit_tag . --target=production
           docker push $registry/$repository:$commit_tag
+
+  deploy:
+    name: Deploy image
+    runs-on: ubuntu-latest
+    environment: ${{ inputs.environment }}
+    needs: push_docker_image
+    if: |
+      always() &&
+      (needs.push_docker_image.result == 'success' || needs.push_docker_image.result == 'skipped')
+
+    steps:
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v3
+        with:
+          aws-region: ${{ env.aws_region }}
+          role-to-assume: ${{ env.app_repo_role }}
+
+      - name: Login to Amazon ECR
+        id: ecr-login
+        uses: aws-actions/amazon-ecr-login@v1
+        with:
+          mask-password: 'true'
+
+      - name: Get timestamp
+        id: timestamp
+        run: echo "timestamp=$(date +%Y%m%d%H%M%S)" >> $GITHUB_ENV
+
+      - name: Checkout at release tag
+        uses: actions/checkout@v3
+        if: inputs.environment == 'production'
+        with:
+          ref: ${{ inputs.release_tag }}
+
+      - name: Get tags
+        id: tags
+        run: |
+          echo "commit-tag=$(if [[ ${{ inputs.environment }} == 'production' ]]; then echo $(git log -1 '--format=format:%H'); else echo ${{ github.sha }}; fi)" >> $GITHUB_ENV
+          echo "additional-tag=$(if [[ ${{ inputs.environment }} == 'production' ]]; then echo ${{ inputs.release_tag }}-${{ env.timestamp }}; else echo ${{ env.timestamp }}; fi)" >> $GITHUB_ENV
+
+      - name: Add environment tag to existing image
+        id: update-image-tags
+        env:
+          registry: ${{ steps.ecr-login.outputs.registry }}
+          commit_tag: ${{ env.commit-tag }}
+          readable_tag: ${{ inputs.environment }}-${{ env.additional-tag }}
+        run: |
+          manifest=$(aws ecr batch-get-image --repository-name $repository --image-ids imageTag=$commit_tag --output text --query images[].imageManifest)
+          aws ecr put-image --repository-name $repository --image-tag $readable_tag --image-manifest "$manifest"
+          echo "image=$registry/$repository:$readable_tag" >> $GITHUB_ENV