From 88d1a452ec4e3664cd8491ec6a37a3a517cf79ca Mon Sep 17 00:00:00 2001
From: digorgonzola <29941279+digorgonzola@users.noreply.github.com>
Date: Wed, 20 Dec 2023 20:29:08 +1100
Subject: [PATCH] github workflows: add step to sync .env files to s3
---
 .github/workflows/deploy-development.yml | 7 +++++++
 .github/workflows/deploy-production.yml | 11 +++++++++--
 .github/workflows/deploy-staging.yml | 11 +++++++++--
 3 files changed, 25 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/deploy-development.yml b/.github/workflows/deploy-development.yml
index 882d911..527fca8 100644
--- a/.github/workflows/deploy-development.yml
+++ b/.github/workflows/deploy-development.yml
@@ -105,6 +105,13 @@ jobs:
 aws-region: ${{ vars.AWS_REGION }}
 role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
+ - name: Push container environment file to S3
+ run: aws s3 sync . $bucket_path --include "$include.env"
+ working-directory: ./deploy/container
+ env:
+ bucket_path: ${{ vars.CONFIG_BUCKET_PATH }}
+ include: ${{ vars.ENVIRONMENT }}
+
 - name: Expose github variables to shell as environment variables
 env:
 VARS_CONTEXT: ${{ toJson(vars) }}
diff --git a/.github/workflows/deploy-production.yml b/.github/workflows/deploy-production.yml
index d090eea..f736177 100644
--- a/.github/workflows/deploy-production.yml
+++ b/.github/workflows/deploy-production.yml
@@ -95,6 +95,13 @@ jobs:
 aws-region: ${{ vars.AWS_REGION }}
 role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
+ - name: Push container environment file to S3
+ run: aws s3 sync . $bucket_path --include "$include.env"
+ working-directory: ./deploy/container
+ env:
+ bucket_path: ${{ vars.CONFIG_BUCKET_PATH }}
+ include: ${{ vars.ENVIRONMENT }}
+
 - name: Expose github environment as shell variables
 env:
 SECRETS_CONTEXT: ${{ toJson(secrets) }}
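Review bot: The `aws s3 sync` command in the new "Push container environment file to S3" step of deploy-development.yml passes `--include` with no preceding `--exclude`, and because the AWS CLI includes every file by default, the filter changes nothing: the whole of `./deploy/container` is uploaded, including any other environment's `.env` file that sits in that directory. The same step is added unchanged to deploy-production.yml and deploy-staging.yml. Restrict the upload to the one file and quote the destination: `run: aws s3 sync . "$bucket_path" --exclude "*" --include "${include}.env"`. If these `.env` files hold anything sensitive, the bucket's encryption and access policy deserve a check, since neither is visible from this patch.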
@@ -116,7 +123,7 @@ jobs:
 TF_INPUT: 0
 TF_IN_AUTOMATION: true
 # get the image digest from the build job with optional override from vars context
- TF_VAR_image: ${{ vars.IMAGE || needs.build_push.outputs.image_digest }}
+ TF_VAR_image: ${{ needs.build_push.outputs.image_digest }}
 - name: Terragrunt Apply
 uses: gruntwork-io/terragrunt-action@v2
@@ -129,4 +136,4 @@ jobs:
 TF_INPUT: 0
 TF_IN_AUTOMATION: true
 # get the image digest from the build job with optional override from vars context
- TF_VAR_image: ${{ vars.IMAGE || needs.build_push.outputs.image_digest }}
+ TF_VAR_image: ${{ needs.build_push.outputs.image_digest }}
diff --git a/.github/workflows/deploy-staging.yml b/.github/workflows/deploy-staging.yml
index d3303b4..151df70 100644
--- a/.github/workflows/deploy-staging.yml
+++ b/.github/workflows/deploy-staging.yml
@@ -77,6 +77,13 @@ jobs:
 aws-region: ${{ vars.AWS_REGION }}
 role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
+ - name: Push container environment file to S3
+ run: aws s3 sync . $bucket_path --include "$include.env"
+ working-directory: ./deploy/container
+ env:
+ bucket_path: ${{ vars.CONFIG_BUCKET_PATH }}
+ include: ${{ vars.ENVIRONMENT }}
+
 - name: Expose github environment as shell variables
 env:
 SECRETS_CONTEXT: ${{ toJson(secrets) }}
@@ -98,7 +105,7 @@ jobs:
 TF_INPUT: 0
 TF_IN_AUTOMATION: true
 # get the image digest from the build job with optional override from vars context
- TF_VAR_image: ${{ vars.IMAGE || needs.build_push.outputs.image_digest }}
+ TF_VAR_image: ${{ needs.build_push.outputs.image_digest }}
 - name: Terragrunt Apply
 uses: gruntwork-io/terragrunt-action@v2
@@ -111,4 +118,4 @@ jobs:
 TF_INPUT: 0
 TF_IN_AUTOMATION: true
 # get the image digest from the build job with optional override from vars context
- TF_VAR_image: ${{ vars.IMAGE || needs.build_push.outputs.image_digest }}
+ TF_VAR_image: ${{ needs.build_push.outputs.image_digest }}
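Review bot: The comment kept above `TF_VAR_image` in the first such hunk of deploy-production.yml still says "with optional override from vars context", but the new value `${{ needs.build_push.outputs.image_digest }}` no longer reads `vars.IMAGE`, so the comment describes an override that no longer exists. The same stale comment remains in the second production hunk and in both `TF_VAR_image` hunks of deploy-staging.yml. Suggest replacing it with `# image digest comes only from the build job; no override via vars`. deploy-development.yml has no matching hunk in this patch, so it may still honour `vars.IMAGE`; worth confirming that difference is intended.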