diff --git a/.github/workflows/build-and-push-frontend.yml b/.github/workflows/build-and-push-frontend.yml deleted file mode 100644 index 2b7cc55f27..0000000000 --- a/.github/workflows/build-and-push-frontend.yml +++ /dev/null @@ -1,61 +0,0 @@ -name: Build frontend -env: - AWS_REGION: eu-west-2 - -#Deployer role is github actions publish code signing role & ECR repo are from Prod AWS Tooling acct - -on: - push: - branches: - - main - -jobs: - build: - runs-on: ubuntu-latest - timeout-minutes: 60 - permissions: - id-token: write - contents: read - steps: - - name: Checkout - uses: actions/checkout@v3 - - name: Assume AWS DEPLOYER role in tooling acct - uses: aws-actions/configure-aws-credentials@v1-node16 - with: - role-to-assume: ${{ secrets.DEPLOYER_ROLE }} - aws-region: ${{ env.AWS_REGION }} - - name: Login to Amazon ECR - id: login-ecr - uses: aws-actions/amazon-ecr-login@v1 - - name: Login to GDS Dev Dynatrace Container Registry - uses: docker/login-action@v3 - with: - registry: khw46367.live.dynatrace.com - username: khw46367 - password: ${{ secrets.DYNATRACE_PAAS_TOKEN }} - - name: Build, tag, and push frontend - env: - ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} - ECR_REPOSITORY: ${{ secrets.TOOLING_ECR_FRONTEND_REPO }} - IMAGE_TAG: ${{ github.sha }} - run: | - docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . - docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG - - name: Build, tag, and push basic-auth-sidecar - working-directory: basic-auth-sidecar - env: - ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} - ECR_REPOSITORY: ${{ secrets.BASIC_SIDECAR_ECR_REPO }} - IMAGE_TAG: ${{ github.sha }} - run: | - docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . - docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG - - name: Build, tag, and push service down page - working-directory: service-down-page-config - env: - ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} - ECR_REPOSITORY: ${{ secrets.SERVICE_DOWN_ECR_REPO }} - IMAGE_TAG: ${{ github.sha }} - run: | - docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . - docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG \ No newline at end of file diff --git a/.github/workflows/deploy-frontend.yml b/.github/workflows/deploy-frontend.yml index 206912202e..f37c751538 100644 --- a/.github/workflows/deploy-frontend.yml +++ b/.github/workflows/deploy-frontend.yml @@ -1,4 +1,4 @@ -name: Deploy frontend +name: Build and Deploy frontend env: AWS_REGION: eu-west-2 @@ -9,10 +9,10 @@ on: push: branches: - main - workflow_run: - workflows: ["Build frontend"] - types: - - completed + +concurrency: + group: "deploy-frontend" + cancel-in-progress: false jobs: pr-data: @@ -113,11 +113,68 @@ jobs: console.log(result); return result; + build: + runs-on: ubuntu-latest + timeout-minutes: 60 + permissions: + id-token: write + contents: read + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Assume AWS DEPLOYER role in tooling acct + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: ${{ secrets.DEPLOYER_ROLE }} + aws-region: ${{ env.AWS_REGION }} + + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + - name: Login to GDS Dev Dynatrace Container Registry + uses: docker/login-action@v3 + with: + registry: khw46367.live.dynatrace.com + username: khw46367 + password: ${{ secrets.DYNATRACE_PAAS_TOKEN }} + + - name: Generate image tag + id: image_tag + run: echo "value=${ECR_REGISTRY}/${ECR_REPOSITORY}:${{ github.sha }}" >> "${GITHUB_ENV}" + + - name: Build, tag, and push frontend + env: + ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + ECR_REPOSITORY: ${{ secrets.TOOLING_ECR_FRONTEND_REPO }} + run: | + docker build -t "${{ steps.image_tag.outputs.value }}" . + docker push "${{ steps.image_tag.outputs.value }}" + + - name: Build, tag, and push basic-auth-sidecar + working-directory: basic-auth-sidecar + env: + ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + ECR_REPOSITORY: ${{ secrets.BASIC_SIDECAR_ECR_REPO }} + run: | + docker build -t "${{ steps.image_tag.outputs.value }}" . + docker push "${{ steps.image_tag.outputs.value }}" + + - name: Build, tag, and push service down page + working-directory: service-down-page-config + env: + ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + ECR_REPOSITORY: ${{ secrets.SERVICE_DOWN_ECR_REPO }} + IMAGE_TAG: ${{ github.sha }} + run: | + docker build -t "${{ steps.image_tag.outputs.value }}" . + docker push "${{ steps.image_tag.outputs.value }}" + deploy: - if: ${{ github.event.workflow_run.conclusion == 'success' }} runs-on: ubuntu-latest timeout-minutes: 60 - needs: pr-data + needs: + - pr-data + - build permissions: id-token: write contents: read @@ -134,11 +191,16 @@ jobs: - name: Upload frontend Terraform files working-directory: ci/terraform run: | + echo "::group::Zip up frontend terraform" zip -r frontend.zip . - S3_RESPONSE=`aws s3api put-object \ + echo "::endgroup::" + + echo "::group::Upload artifact to S3" + OBJECT_VERSION="$(aws s3api put-object \ --bucket ${{ secrets.ARTIFACT_BUCKET }} \ --key frontend.zip \ --body frontend.zip \ - --metadata '${{ toJson(fromJson(needs.pr-data.outputs.data)) }}'` - VERSION=`echo $S3_RESPONSE | jq .VersionId -r` - echo "VERSION=$VERSION" >> $GITHUB_ENV + --metadata '${{ toJson(fromJson(needs.pr-data.outputs.data)) }}' \ + --query VersionId --output text)" + echo "::endgroup::" + echo "::notice title=Final artifact uploaded to S3::object: frontend.zip, version: $OBJECT_VERSION"