

update staging/production workflows
digorgonzola committed Dec 29, 2023
1 parent d539677 commit 42ef6b7
Showing 3 changed files with 158 additions and 115 deletions.
@@ -1,21 +1,20 @@
name: Deploy Production
name: Build, Test and Push - Production

on:
release:
types:
- published
workflow_dispatch:

permissions:
id-token: write
contents: read

jobs:
build_push:
build_test_push:
runs-on: ubuntu-latest
environment: production
outputs:
image_digest: ${{ steps.build_and_push.outputs.digest || steps.get_digest_from_tagged_image.outputs.image_tag }}
image_digest: ${{ steps.build_and_push.outputs.digest }}
steps:
- name: Checkout
uses: actions/checkout@v4
@@ -26,6 +25,30 @@ jobs:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Setup Docker Structure Test
run: >
curl -LO
https://storage.googleapis.com/container-structure-test/latest/container-structure-test-linux-amd64
&& chmod +x container-structure-test-linux-amd64 && sudo mv container-structure-test-linux-amd64
/usr/local/bin/container-structure-test
- name: Set Image Tag
id: set_image_tag
run: |
tag=${{ github.ref_name }}
echo "image_tag=${tag//\v/}" >> $GITHUB_OUTPUT
- name: Build Docker Image
uses: docker/build-push-action@v5
with:
context: .
load: true
tags: ${{ vars.ECR_REPOSITORY }}:${{ steps.set_image_tag.outputs.image_tag }}

- name: Test Docker Image
run: |
container-structure-test test --image ${{ vars.ECR_REPOSITORY }}:${{ steps.set_image_tag.outputs.image_tag }} --config tests/config.yaml
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
@@ -38,12 +61,6 @@ jobs:
with:
registry: ${{ vars.ECR_REGISTRY }}

- name: Set Image Tag
id: set_image_tag
run: |
tag=${{ github.ref_name }}
echo "image_tag=${tag//\v/}" >> $GITHUB_OUTPUT
- name: Build and Push Docker Image
if: ${{ github.event_name != 'workflow_dispatch' }}
id: build_and_push
@@ -73,7 +90,7 @@ jobs:
tf_version: '1.5.7'
tg_version: '0.54.0'
tg_dir: './deploy/tg'
needs: [build_push]
needs: [build_test_push]
steps:
- name: Checkout
uses: actions/checkout@v4
@@ -120,3 +137,35 @@ jobs:
TF_IN_AUTOMATION: true
# get the image digest from the build job with optional override from vars context
TF_VAR_image: ${{ vars.IMAGE || needs.build_push.outputs.image_digest }}

trigger_deploy:
runs-on: ubuntu-latest
needs: [build_test_push]
steps:
- name: Generate App Token
uses: actions/create-github-app-token@v1
id: app-token
with:
app-id: ${{ vars.DEPLOY_APP_ID }}
private-key: ${{ secrets.DEPLOY_APP_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
repositories: "appdeploy"

- name: Trigger Deploy Workflow
uses: actions/github-script@v7
with:
github-token: ${{ steps.app-token.outputs.token }}
retries: 3
retry-exempt-status-codes: 204
script: |
github.rest.actions.createWorkflowDispatch({
owner: 'aodn',
repo: 'appdeploy',
workflow_id: 'deploy.yml',
ref: 'main',
inputs: {
app_name: 'sample-django-app',
environment: 'production',
image_tag: '${{ needs.build_test_push.outputs.image_digest }}',
}
})
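Review bot: The `Set Image Tag` step writes `tag=${{ github.ref_name }}` straight into the shell script, so the ref name is expanded into the script text before bash parses it, in a job that later assumes the AWS role. Pass it through the environment instead, `env: REF_NAME: ${{ github.ref_name }}` on the step and `echo "image_tag=${REF_NAME#v}" >> "$GITHUB_OUTPUT"` in the script; the current `${tag//\v/}` also removes every `v` in the name, not just a leading one. `Setup Docker Structure Test` installs whatever the `latest` URL serves with `sudo mv` and no checksum, so pinning a release and verifying its SHA-256 before `chmod +x` is worth adding here and in the identical step of build-staging.yml. The context line `TF_VAR_image: ${{ vars.IMAGE || needs.build_push.outputs.image_digest }}` still names the old job id after the rename to `build_test_push` and will presumably resolve empty unless `vars.IMAGE` is set. Parts of both jobs are collapsed on this page, so steps outside the visible hunks are not covered.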
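--- a/.github/workflows/build-staging.yml
+++ b/.github/workflows/build-staging.yml
@@ -0,0 +1,98 @@
+name: Build, Test and Push - Staging
+
+on:
+push:
+branches:
+- master
+
+permissions:
+id-token: write
+contents: read
+
+jobs:
+build_test_push:
+runs-on: ubuntu-latest
+environment: staging
+outputs:
+image_digest: ${{ steps.build_and_push.outputs.digest }}
+steps:
+- name: Checkout
+uses: actions/checkout@v4
+
+- name: Set up QEMU
+uses: docker/setup-qemu-action@v3
+
+- name: Set up Docker Buildx
+uses: docker/setup-buildx-action@v3
+
+- name: Setup Docker Structure Test
+run: >
+curl -LO
+https://storage.googleapis.com/container-structure-test/latest/container-structure-test-linux-amd64
+&& chmod +x container-structure-test-linux-amd64 && sudo mv container-structure-test-linux-amd64
+/usr/local/bin/container-structure-test
+- name: Build Docker Image
+uses: docker/build-push-action@v5
+with:
+context: .
+load: true
+tags: ${{ vars.ECR_REPOSITORY }}:latest
+
+- name: Test Docker Image
+run: |
+container-structure-test test --image ${{ vars.ECR_REPOSITORY }}:latest --config tests/config.yaml
+- name: Configure AWS Credentials
+uses: aws-actions/configure-aws-credentials@v4
+with:
+audience: sts.amazonaws.com
+aws-region: ${{ vars.AWS_REGION }}
+role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
+
+- name: Login to ECR
+uses: docker/login-action@v3
+with:
+registry: ${{ vars.ECR_REGISTRY }}
+
+- name: Build and Push Docker Image
+id: build_and_push
+uses: docker/build-push-action@v5
+with:
+context: .
+# Only building for AMD64 for now
+# platforms: linux/amd64,linux/arm64
+push: true
+tags: ${{ vars.ECR_REGISTRY }}/${{ vars.ECR_REPOSITORY }}:latest
+
+trigger_deploy:
+runs-on: ubuntu-latest
+needs: [build_test_push]
+steps:
+- name: Generate App Token
+uses: actions/create-github-app-token@v1
+id: app-token
+with:
+app-id: ${{ vars.DEPLOY_APP_ID }}
+private-key: ${{ secrets.DEPLOY_APP_PRIVATE_KEY }}
+owner: ${{ github.repository_owner }}
+repositories: "appdeploy"
+
+- name: Trigger Deploy Workflow
+uses: actions/github-script@v7
+with:
+github-token: ${{ steps.app-token.outputs.token }}
+retries: 3
+retry-exempt-status-codes: 204
+script: |
+github.rest.actions.createWorkflowDispatch({
+owner: 'aodn',
+repo: 'appdeploy',
+workflow_id: 'deploy.yml',
+ref: 'main',
+inputs: {
+app_name: 'sample-django-app',
+environment: 'staging',
+image_tag: '${{ needs.build_test_push.outputs.image_digest }}',
+}
+})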
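Review bot: The top-level `permissions` block grants `id-token: write` to every job, including `trigger_deploy`, which only uses the GitHub App token and never requests an OIDC token. Moving `id-token: write` and `contents: read` under `build_test_push` and giving `trigger_deploy` `permissions: {}` keeps the AWS federation capability out of the job that handles the app private key. The image that `container-structure-test` checks is the locally loaded build, while the digest that gets dispatched comes from a second `docker/build-push-action` run; the two are presumably identical only when the build cache is hit, so a comment saying so, or pushing the image that was actually tested, would make the test gate explicit.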
104 changes: 0 additions & 104 deletions .github/workflows/deploy-staging.yml

This file was deleted.
