update github production workflow

aodn · Jan 1, 2024 · 21473d1 · 21473d1
1 parent 124112b
commit 21473d1
Showing 1 changed file with 3 additions and 69 deletions.
diff --git a/.github/workflows/build-production.yml b/.github/workflows/build-production.yml
@@ -1,9 +1,9 @@
 name: Build, Test and Push - Production
 
 on:
-  release:
-      types:
-        - published
+  push:
+    tags:
+      - prod
 
 permissions:
   id-token: write
@@ -72,72 +72,6 @@ jobs:
           push: true
           tags: ${{ vars.ECR_REGISTRY }}/${{ vars.ECR_REPOSITORY }}:${{ steps.set_image_tag.outputs.image_tag }}
 
-      # For manually triggered runs, grab the image digest from the already built image
-      - name: Get Digest from Tagged Image
-        if: ${{ github.event_name == 'workflow_dispatch' }}
-        id: get_digest_from_tagged_image
-        run: |
-          image_digest=$(aws ecr describe-images \
-            --repository-name ${{ vars.ECR_REPOSITORY }} \
-            --image-ids imageTag=${{ steps.set_image_tag.outputs.image_tag }} \
-            | jq -r '.imageDetails[].imageDigest')
-          echo "image_digest=$image_digest" >> $GITHUB_OUTPUT
-
-  production_deploy:
-    runs-on: ubuntu-latest
-    environment: production
-    env:
-      tf_version: '1.5.7'
-      tg_version: '0.54.0'
-      tg_dir: './deploy/tg'
-    needs: [build_test_push]
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          audience: sts.amazonaws.com
-          aws-region: ${{ vars.AWS_REGION }}
-          role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
-
-      - name: Expose github environment as shell variables
-        env:
-          SECRETS_CONTEXT: ${{ toJson(secrets) }}
-          VARS_CONTEXT: ${{ toJson(vars) }}
-        run: |
-          EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64)
-          to_envs() { jq -r "to_entries[] | \"\(.key)<<$EOF\n\(.value)\n$EOF\n\""; }
-          echo "$VARS_CONTEXT" | to_envs >> $GITHUB_ENV
-          echo "$SECRETS_CONTEXT" | to_envs >> $GITHUB_ENV
-
-      - name: Terragrunt Plan
-        uses: gruntwork-io/terragrunt-action@v2
-        with:
-          tf_version: ${{ env.tf_version }}
-          tg_version: ${{ env.tg_version }}
-          tg_dir: ${{ env.tg_dir }}
-          tg_command: 'run-all plan -out=tf.plan'
-        env:
-          TF_INPUT: 0
-          TF_IN_AUTOMATION: true
-          # get the image digest from the build job with optional override from vars context
-          TF_VAR_image: ${{ vars.IMAGE || needs.build_test_push.outputs.image_digest }}
-
-      - name: Terragrunt Apply
-        uses: gruntwork-io/terragrunt-action@v2
-        with:
-          tf_version: ${{ env.tf_version }}
-          tg_version: ${{ env.tg_version }}
-          tg_dir: ${{ env.tg_dir }}
-          tg_command: '--terragrunt-non-interactive --terragrunt-log-level info run-all apply -auto-approve tf.plan'
-        env:
-          TF_INPUT: 0
-          TF_IN_AUTOMATION: true
-          # get the image digest from the build job with optional override from vars context
-          TF_VAR_image: ${{ vars.IMAGE || needs.build_test_push.outputs.image_digest }}
-
   trigger_deploy:
     runs-on: ubuntu-latest
     needs: [build_test_push]