From 078fe8d414f716df52dfec6e8997bdf92d291b5c Mon Sep 17 00:00:00 2001
From: Stefan Hattrell <29941279+digorgonzola@users.noreply.github.com>
Date: Thu, 1 Feb 2024 11:53:39 +1100
Subject: [PATCH] github: add trigger job to staging/prod workflows

---
 .github/workflows/build-production.yml | 73 ++++++++++++-------------
 .github/workflows/build-staging.yml    | 74 ++++++++++++--------------
 2 files changed, 66 insertions(+), 81 deletions(-)

diff --git a/.github/workflows/build-production.yml b/.github/workflows/build-production.yml
index ee4bf25..6772ca3 100644
--- a/.github/workflows/build-production.yml
+++ b/.github/workflows/build-production.yml
@@ -9,10 +9,13 @@ permissions:
   id-token: write
   contents: read
 
+env:
+  environment_name: production
+
 jobs:
   build_push:
     runs-on: ubuntu-latest
-    environment: production
+    environment: ${{ env.environment_name }}
     outputs:
       image_digest: ${{ steps.build_and_push.outputs.digest }}
     steps:
@@ -50,49 +53,39 @@ jobs:
       - name: Push Image Digest to SSM
         run: |
           aws ssm put-parameter \
-            --name "/apps/sample-django-app/production/image_digest" \
+            --name "/apps/sample-django-app/${{ env.environment_name }}/image_digest" \
             --type "String" \
             --value "$digest" \
             --overwrite
         env:
           digest: ${{ steps.build_and_push.outputs.digest }}
 
-# Optional deployment job if you want to update the task immediately
-# However, the appdeploy repository is configured to run drift jobs on an hourly basis
-# See: https://terrateam.io/docs/features/drift-detection
+  trigger_deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Generate App Token
+        uses: actions/create-github-app-token@v1
+        id: app-token
+        with:
+          app-id: ${{ vars.DEPLOY_APP_ID }}
+          private-key: ${{ secrets.DEPLOY_APP_PRIVATE_KEY }}
+          owner: ${{ github.repository_owner }}
+          repositories: "appdeploy"
 
-#  deploy:
-#    runs-on: ubuntu-latest
-#    environment: production
-#    needs: [build_push]
-#    steps:
-#      - name: Configure AWS Credentials
-#        uses: aws-actions/configure-aws-credentials@v4
-#        with:
-#          audience: sts.amazonaws.com
-#          aws-region: ${{ vars.AWS_REGION }}
-#          role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
-#
-#      - name: Get Currently Running Task Definition
-#        id: get-current-task-definition
-#        run: |
-#          aws ecs describe-task-definition \
-#            --task-definition ${{ vars.FAMILY }} \
-#            --query taskDefinition > task-definition.json
-#
-#      - name: Update Task Definition with Image Digest
-#        id: update-api-image-tag
-#        uses: aws-actions/amazon-ecs-render-task-definition@v1
-#        with:
-#          task-definition: task-definition.json
-#          container-name: app
-#          image: ${{ vars.ECR_REGISTRY }}/${{ vars.ECR_REPOSITORY }}@${{ needs.build_push.outputs.image_digest }}
-#
-#      - name: Deploy to Amazon ECS service
-#        uses: aws-actions/amazon-ecs-deploy-task-definition@v1
-#        with:
-#          task-definition: ${{ steps.update-api-image-tag.outputs.task-definition }}
-#          service: ${{ vars.FAMILY }}
-#          cluster: ${{ vars.CLUSTER }}
-#          force-new-deployment: true
-#          wait-for-service-stability: true
+      - name: Trigger Deploy Workflow
+        uses: actions/github-script@v7
+        with:
+          github-token: ${{ steps.app-token.outputs.token }}
+          retries: 3
+          retry-exempt-status-codes: 204
+          script: |
+            github.rest.actions.createWorkflowDispatch({
+              owner: 'aodn',
+              repo: 'appdeploy',
+              workflow_id: 'deploy.yml',
+              ref: 'main',
+              inputs: {
+                app_name: 'sample-django-app',
+                environment: '${{ env.environment_name }}'
+              }
+            })
diff --git a/.github/workflows/build-staging.yml b/.github/workflows/build-staging.yml
index e71db4a..96b1911 100644
--- a/.github/workflows/build-staging.yml
+++ b/.github/workflows/build-staging.yml
@@ -13,10 +13,13 @@ permissions:
   id-token: write
   contents: read
 
+env:
+  environment_name: staging
+
 jobs:
   build_push:
     runs-on: ubuntu-latest
-    environment: staging
+    environment: ${{ env.environment_name }}
     outputs:
       image_digest: ${{ steps.build_and_push.outputs.digest }}
     steps:
@@ -54,50 +57,39 @@ jobs:
       - name: Push Image Digest to SSM
         run: |
           aws ssm put-parameter \
-            --name "/apps/sample-django-app/staging/image_digest" \
+            --name "/apps/sample-django-app/${{ env.environment_name }}/image_digest" \
             --type "String" \
             --value "$digest" \
             --overwrite
         env:
           digest: ${{ steps.build_and_push.outputs.digest }}
 
+  trigger_deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Generate App Token
+        uses: actions/create-github-app-token@v1
+        id: app-token
+        with:
+          app-id: ${{ vars.DEPLOY_APP_ID }}
+          private-key: ${{ secrets.DEPLOY_APP_PRIVATE_KEY }}
+          owner: ${{ github.repository_owner }}
+          repositories: "appdeploy"
 
-# Optional deployment job if you want to update the task immediately
-# However, the appdeploy repository is configured to run drift jobs on an hourly basis
-# See: https://terrateam.io/docs/features/drift-detection
-
-#  deploy:
-#    runs-on: ubuntu-latest
-#    environment: staging
-#    needs: [build_push]
-#    steps:
-#      - name: Configure AWS Credentials
-#        uses: aws-actions/configure-aws-credentials@v4
-#        with:
-#          audience: sts.amazonaws.com
-#          aws-region: ${{ vars.AWS_REGION }}
-#          role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
-#
-#      - name: Get Currently Running Task Definition
-#        id: get-current-task-definition
-#        run: |
-#          aws ecs describe-task-definition \
-#            --task-definition ${{ vars.FAMILY }} \
-#            --query taskDefinition > task-definition.json
-#
-#      - name: Update Task Definition with Image Digest
-#        id: update-api-image-tag
-#        uses: aws-actions/amazon-ecs-render-task-definition@v1
-#        with:
-#          task-definition: task-definition.json
-#          container-name: app
-#          image: ${{ vars.ECR_REGISTRY }}/${{ vars.ECR_REPOSITORY }}@${{ needs.build_push.outputs.image_digest }}
-#
-#      - name: Deploy to Amazon ECS service
-#        uses: aws-actions/amazon-ecs-deploy-task-definition@v1
-#        with:
-#          task-definition: ${{ steps.update-api-image-tag.outputs.task-definition }}
-#          service: ${{ vars.FAMILY }}
-#          cluster: ${{ vars.CLUSTER }}
-#          force-new-deployment: true
-#          wait-for-service-stability: true
+      - name: Trigger Deploy Workflow
+        uses: actions/github-script@v7
+        with:
+          github-token: ${{ steps.app-token.outputs.token }}
+          retries: 3
+          retry-exempt-status-codes: 204
+          script: |
+            github.rest.actions.createWorkflowDispatch({
+              owner: 'aodn',
+              repo: 'appdeploy',
+              workflow_id: 'deploy.yml',
+              ref: 'main',
+              inputs: {
+                app_name: 'sample-django-app',
+                environment: '${{ env.environment_name }}'
+              }
+            })