Skip to content

Commit

Permalink
ATO-762: Testing [deploy].
Browse files Browse the repository at this point in the history
  • Loading branch information
@kalpaitch
kalpaitch committed Jul 22, 2024
1 parent b451dce commit 0bd9869
Showing 1 changed file with 183 additions and 0 deletions.
183 changes: 183 additions & 0 deletions .github/workflows/deploy-prod.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,183 @@
name: Deploy to production
run-name: Deploy to production [${{ github.head_ref || github.ref_name }}]

on:
push:
branches:
- main-fake

permissions:
id-token: write
contents: read

jobs:
build-frontend:
if: github.event_name == 'merge_group'
name: Build frontend
runs-on: ubuntu-latest
outputs:
artifact-name: ${{ steps.build.outputs.artifact-id }}
steps:
- name: Pull repository
id: checkout
uses: actions/checkout@v4

- name: Build
id: build
uses: ./.github/actions/build-frontend
with:
artifact-name: frontend-build-production

push-frontend:
if: github.event_name == 'merge_group'
name: Push image
needs: build-frontend
runs-on: ubuntu-latest
timeout-minutes: 20
environment:
name: production
url: ${{ steps.push.outputs.pipeline-url }}
outputs:
pipeline-url: ${{ steps.push.outputs.pipeline-url }}
steps:
- name: Pull repository
id: checkout
uses: actions/checkout@v4

- name: Push
id: push
uses: ./.github/actions/push-frontend
with:
deployment-role-arn: ${{ vars.FRONTEND_DEPLOYMENT_ROLE_ARN }}
artifact-bucket-name: ${{ vars.FRONTEND_DEPLOYMENT_ARTIFACTS_BUCKET }}
pipeline-name: ${{ vars.FRONTEND_PIPELINE_NAME }}
artifact-name: ${{ needs.build-frontend.outputs.artifact-name }}
dynatrace-pass-token: ${{ secrets.DYNATRACE_PAAS_TOKEN }}
container-repository-name: ${{ vars.FRONTEND_CONTAINER_REPOSITORY_NAME }}
test-container-repository-name: ${{ vars.FRONTEND_TEST_CONTAINER_REPOSITORY_NAME }}

build-dynamo:
if: github.event_name == 'merge_group'
name: Build dynamodb
runs-on: ubuntu-latest
outputs:
artifact-name: ${{ steps.build.outputs.artifact-name }}
cache-key: ${{ steps.build.outputs.cache-key }}
steps:
- name: Build
id: build
uses: govuk-one-login/github-actions/sam/build-application@6144f39407b01c9b25b39537b3956deca9e32620 # 22/02/2024
with:
template: backend/dynamodb/cognito.template.yml
base-dir: backend/dynamodb
source-dir: backend/dynamodb
cache-name: dynamodb-infra
artifact-name: dynamodb-infrastructure
pull-repository: true

deploy-dynamodb:
if: github.event_name == 'merge_group'
name: Deploy dynamodb
runs-on: ubuntu-latest
environment:
name: production
url: ${{ steps.deploy.outputs.pipeline-url }}
outputs:
pipeline-url: ${{ steps.deploy.outputs.pipeline-url }}
steps:
- name: Deploy
id: deploy
uses: govuk-one-login/github-actions/secure-pipelines/deploy-application@db4b3614f5f863f56a5356052262878ecec83b31 # 22/07/2024
timeout-minutes: 15
with:
aws-role-arn: ${{ vars.DYNAMODB_DEPLOYMENT_ROLE_ARN }}
artifact-bucket-name: ${{ vars.DYNAMODB_DEPLOYMENT_ARTIFACTS_BUCKET }}
signing-profile-name: ${{ vars.SIGNING_PROFILE_NAME }}
pipeline-name: ${{ vars.DYNAMODB_PIPELINE_NAME }}
artifact-name: ${{ needs.build-dynamodb.outputs.artifact-name }}
template: .aws-sam/build/template.yaml

build-cognito:
if: github.event_name == 'merge_group'
name: Build cognito
runs-on: ubuntu-latest
outputs:
artifact-name: ${{ steps.build.outputs.artifact-name }}
cache-key: ${{ steps.build.outputs.cache-key }}
steps:
- name: Build
id: build
uses: govuk-one-login/github-actions/sam/build-application@6144f39407b01c9b25b39537b3956deca9e32620 # 22/02/2024
with:
template: backend/cognito/cognito.template.yml
manifest: backend/cognito/package.json
base-dir: backend/cognito
source-dir: backend/cognito
cache-name: cognito-infra
artifact-name: cognito-infrastructure
pull-repository: true

deploy-cognito:
if: github.event_name == 'merge_group'
name: Deploy cognito
runs-on: ubuntu-latest
environment:
name: production
url: ${{ steps.deploy.outputs.pipeline-url }}
outputs:
pipeline-url: ${{ steps.deploy.outputs.pipeline-url }}
steps:
- name: Deploy
id: deploy
uses: govuk-one-login/github-actions/secure-pipelines/deploy-application@db4b3614f5f863f56a5356052262878ecec83b31 # 22/07/2024
timeout-minutes: 15
with:
aws-role-arn: ${{ vars.COGNITO_DEPLOYMENT_ROLE_ARN }}
artifact-bucket-name: ${{ vars.COGNITO_DEPLOYMENT_ARTIFACTS_BUCKET }}
signing-profile-name: ${{ vars.SIGNING_PROFILE_NAME }}
pipeline-name: ${{ vars.COGNITO_PIPELINE_NAME }}
artifact-name: ${{ needs.build-cognito.outputs.artifact-name }}
template: .aws-sam/build/template.yaml

build-api:
if: github.event_name == 'merge_group'
name: Build api
runs-on: ubuntu-latest
outputs:
artifact-name: ${{ steps.build.outputs.artifact-name }}
cache-key: ${{ steps.build.outputs.cache-key }}
steps:
- name: Build
id: build
uses: govuk-one-login/github-actions/sam/build-application@6144f39407b01c9b25b39537b3956deca9e32620 # 22/02/2024
with:
template: backend/api/api.template.yml
manifest: backend/api/package.json
base-dir: backend/api
source-dir: backend/api
additional-artifact-paths: backend/api/state-machines
cache-name: api-infra
artifact-name: api-infrastructure
pull-repository: true

deploy-api:
if: github.event_name == 'merge_group'
name: Deploy api
runs-on: ubuntu-latest
environment:
name: production
url: ${{ steps.deploy.outputs.pipeline-url }}
outputs:
pipeline-url: ${{ steps.deploy.outputs.pipeline-url }}
steps:
- name: Deploy
id: deploy
uses: govuk-one-login/github-actions/secure-pipelines/deploy-application@db4b3614f5f863f56a5356052262878ecec83b31 # 22/07/2024
timeout-minutes: 15
with:
aws-role-arn: ${{ vars.API_DEPLOYMENT_ROLE_ARN }}
artifact-bucket-name: ${{ vars.API_DEPLOYMENT_ARTIFACTS_BUCKET }}
signing-profile-name: ${{ vars.SIGNING_PROFILE_NAME }}
pipeline-name: ${{ vars.API_PIPELINE_NAME }}
artifact-name: ${{ needs.build-api.outputs.artifact-name }}
template: .aws-sam/build/template.yaml

0 comments on commit 0bd9869

Please sign in to comment.