From 0bd986958d7bcfd576f1899c3ad7fb90f87c0b7e Mon Sep 17 00:00:00 2001 From: Andrew Hughes-Onslow Date: Tue, 23 Jul 2024 00:27:25 +0100 Subject: [PATCH 1/4] ATO-762: Testing [deploy]. --- .github/workflows/deploy-prod.yml | 183 ++++++++++++++++++++++++++++++ 1 file changed, 183 insertions(+) create mode 100644 .github/workflows/deploy-prod.yml diff --git a/.github/workflows/deploy-prod.yml b/.github/workflows/deploy-prod.yml new file mode 100644 index 000000000..1f787bb7a --- /dev/null +++ b/.github/workflows/deploy-prod.yml @@ -0,0 +1,183 @@ +name: Deploy to production +run-name: Deploy to production [${{ github.head_ref || github.ref_name }}] + +on: + push: + branches: + - main-fake + +permissions: + id-token: write + contents: read + +jobs: + build-frontend: + if: github.event_name == 'merge_group' + name: Build frontend + runs-on: ubuntu-latest + outputs: + artifact-name: ${{ steps.build.outputs.artifact-id }} + steps: + - name: Pull repository + id: checkout + uses: actions/checkout@v4 + + - name: Build + id: build + uses: ./.github/actions/build-frontend + with: + artifact-name: frontend-build-production + + push-frontend: + if: github.event_name == 'merge_group' + name: Push image + needs: build-frontend + runs-on: ubuntu-latest + timeout-minutes: 20 + environment: + name: production + url: ${{ steps.push.outputs.pipeline-url }} + outputs: + pipeline-url: ${{ steps.push.outputs.pipeline-url }} + steps: + - name: Pull repository + id: checkout + uses: actions/checkout@v4 + + - name: Push + id: push + uses: ./.github/actions/push-frontend + with: + deployment-role-arn: ${{ vars.FRONTEND_DEPLOYMENT_ROLE_ARN }} + artifact-bucket-name: ${{ vars.FRONTEND_DEPLOYMENT_ARTIFACTS_BUCKET }} + pipeline-name: ${{ vars.FRONTEND_PIPELINE_NAME }} + artifact-name: ${{ needs.build-frontend.outputs.artifact-name }} + dynatrace-pass-token: ${{ secrets.DYNATRACE_PAAS_TOKEN }} + container-repository-name: ${{ vars.FRONTEND_CONTAINER_REPOSITORY_NAME }} + test-container-repository-name: ${{ vars.FRONTEND_TEST_CONTAINER_REPOSITORY_NAME }} + + build-dynamo: + if: github.event_name == 'merge_group' + name: Build dynamodb + runs-on: ubuntu-latest + outputs: + artifact-name: ${{ steps.build.outputs.artifact-name }} + cache-key: ${{ steps.build.outputs.cache-key }} + steps: + - name: Build + id: build + uses: govuk-one-login/github-actions/sam/build-application@6144f39407b01c9b25b39537b3956deca9e32620 # 22/02/2024 + with: + template: backend/dynamodb/cognito.template.yml + base-dir: backend/dynamodb + source-dir: backend/dynamodb + cache-name: dynamodb-infra + artifact-name: dynamodb-infrastructure + pull-repository: true + + deploy-dynamodb: + if: github.event_name == 'merge_group' + name: Deploy dynamodb + runs-on: ubuntu-latest + environment: + name: production + url: ${{ steps.deploy.outputs.pipeline-url }} + outputs: + pipeline-url: ${{ steps.deploy.outputs.pipeline-url }} + steps: + - name: Deploy + id: deploy + uses: govuk-one-login/github-actions/secure-pipelines/deploy-application@db4b3614f5f863f56a5356052262878ecec83b31 # 22/07/2024 + timeout-minutes: 15 + with: + aws-role-arn: ${{ vars.DYNAMODB_DEPLOYMENT_ROLE_ARN }} + artifact-bucket-name: ${{ vars.DYNAMODB_DEPLOYMENT_ARTIFACTS_BUCKET }} + signing-profile-name: ${{ vars.SIGNING_PROFILE_NAME }} + pipeline-name: ${{ vars.DYNAMODB_PIPELINE_NAME }} + artifact-name: ${{ needs.build-dynamodb.outputs.artifact-name }} + template: .aws-sam/build/template.yaml + + build-cognito: + if: github.event_name == 'merge_group' + name: Build cognito + runs-on: ubuntu-latest + outputs: + artifact-name: ${{ steps.build.outputs.artifact-name }} + cache-key: ${{ steps.build.outputs.cache-key }} + steps: + - name: Build + id: build + uses: govuk-one-login/github-actions/sam/build-application@6144f39407b01c9b25b39537b3956deca9e32620 # 22/02/2024 + with: + template: backend/cognito/cognito.template.yml + manifest: backend/cognito/package.json + base-dir: backend/cognito + source-dir: backend/cognito + cache-name: cognito-infra + artifact-name: cognito-infrastructure + pull-repository: true + + deploy-cognito: + if: github.event_name == 'merge_group' + name: Deploy cognito + runs-on: ubuntu-latest + environment: + name: production + url: ${{ steps.deploy.outputs.pipeline-url }} + outputs: + pipeline-url: ${{ steps.deploy.outputs.pipeline-url }} + steps: + - name: Deploy + id: deploy + uses: govuk-one-login/github-actions/secure-pipelines/deploy-application@db4b3614f5f863f56a5356052262878ecec83b31 # 22/07/2024 + timeout-minutes: 15 + with: + aws-role-arn: ${{ vars.COGNITO_DEPLOYMENT_ROLE_ARN }} + artifact-bucket-name: ${{ vars.COGNITO_DEPLOYMENT_ARTIFACTS_BUCKET }} + signing-profile-name: ${{ vars.SIGNING_PROFILE_NAME }} + pipeline-name: ${{ vars.COGNITO_PIPELINE_NAME }} + artifact-name: ${{ needs.build-cognito.outputs.artifact-name }} + template: .aws-sam/build/template.yaml + + build-api: + if: github.event_name == 'merge_group' + name: Build api + runs-on: ubuntu-latest + outputs: + artifact-name: ${{ steps.build.outputs.artifact-name }} + cache-key: ${{ steps.build.outputs.cache-key }} + steps: + - name: Build + id: build + uses: govuk-one-login/github-actions/sam/build-application@6144f39407b01c9b25b39537b3956deca9e32620 # 22/02/2024 + with: + template: backend/api/api.template.yml + manifest: backend/api/package.json + base-dir: backend/api + source-dir: backend/api + additional-artifact-paths: backend/api/state-machines + cache-name: api-infra + artifact-name: api-infrastructure + pull-repository: true + + deploy-api: + if: github.event_name == 'merge_group' + name: Deploy api + runs-on: ubuntu-latest + environment: + name: production + url: ${{ steps.deploy.outputs.pipeline-url }} + outputs: + pipeline-url: ${{ steps.deploy.outputs.pipeline-url }} + steps: + - name: Deploy + id: deploy + uses: govuk-one-login/github-actions/secure-pipelines/deploy-application@db4b3614f5f863f56a5356052262878ecec83b31 # 22/07/2024 + timeout-minutes: 15 + with: + aws-role-arn: ${{ vars.API_DEPLOYMENT_ROLE_ARN }} + artifact-bucket-name: ${{ vars.API_DEPLOYMENT_ARTIFACTS_BUCKET }} + signing-profile-name: ${{ vars.SIGNING_PROFILE_NAME }} + pipeline-name: ${{ vars.API_PIPELINE_NAME }} + artifact-name: ${{ needs.build-api.outputs.artifact-name }} + template: .aws-sam/build/template.yaml From b8c6ba5580e3c81893f36d7ad718de6e7c0d4b3b Mon Sep 17 00:00:00 2001 From: Andrew Hughes-Onslow Date: Tue, 23 Jul 2024 10:05:05 +0100 Subject: [PATCH 2/4] ATO-762: Updating tests. --- .../build-backend-component/action.yml | 47 +++++++++++++++++++ .github/workflows/test.yml | 14 ++---- 2 files changed, 51 insertions(+), 10 deletions(-) create mode 100644 .github/actions/build-backend-component/action.yml diff --git a/.github/actions/build-backend-component/action.yml b/.github/actions/build-backend-component/action.yml new file mode 100644 index 000000000..58511ec0b --- /dev/null +++ b/.github/actions/build-backend-component/action.yml @@ -0,0 +1,47 @@ +name: "Build application" +description: "Build and compile all the assets required to run the application in the container" +inputs: + component: + description: "The backend component to build" + required: true + artifact-name: + description: "The artifact name to store the build cache under" + required: true + default: backend-build +outputs: + artifact-id: + description: "The artifact id for the artifact that was just uploaded or empty if the artifact upload failed." + value: ${{ steps.upload.outputs.artifact-id }} +runs: + using: composite + steps: + - name: Pull repository + id: checkout + uses: actions/checkout@v4 + + - name: Install Node + id: node + uses: actions/setup-node@v4 + with: + cache: npm + node-version: 18 + + - name: Install Node dependencies + id: install + shell: bash + working-directory: backend/${{ inputs.component }} + run: npm install --include-workspace-root + + - name: Archive distribution artifact + id: upload + uses: actions/upload-artifact@v4 + with: + name: ${{ inputs.artifact-name }}-${{ inputs.component }} + retention-days: 7 + path: | + express/dist + express/resources + express/src/views + express/assets/images + express/package*.json + express/manifest.yml diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index b2d321c68..74dd2a9ba 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -70,11 +70,8 @@ jobs: id: checkout uses: actions/checkout@v4 - - name: Build - id: build - uses: ./.github/actions/build-frontend - with: - artifact-name: frontend-build-sonar + - name: Install Node dependencies + run: npm install - name: Generate coverage report run: npm run test:cov @@ -97,11 +94,8 @@ jobs: id: checkout uses: actions/checkout@v4 - - name: Build - id: build - uses: ./.github/actions/build-frontend - with: - artifact-name: frontend-build-tests + - name: Install Node dependencies + run: npm install - name: Run unit tests id: run-tests From 1633dcbed0ebcc8ac76ee86e5ed517786ca3f757 Mon Sep 17 00:00:00 2001 From: Andrew Hughes-Onslow Date: Tue, 23 Jul 2024 10:10:27 +0100 Subject: [PATCH 3/4] ATO-762: [deploy] Removing unecessary service. --- .../build-backend-component/action.yml | 47 ------------ .github/workflows/deploy-branch.yml | 74 ++++++++++++------- backend/api/api.template.yml | 44 +++++------ 3 files changed, 70 insertions(+), 95 deletions(-) delete mode 100644 .github/actions/build-backend-component/action.yml diff --git a/.github/actions/build-backend-component/action.yml b/.github/actions/build-backend-component/action.yml deleted file mode 100644 index 58511ec0b..000000000 --- a/.github/actions/build-backend-component/action.yml +++ /dev/null @@ -1,47 +0,0 @@ -name: "Build application" -description: "Build and compile all the assets required to run the application in the container" -inputs: - component: - description: "The backend component to build" - required: true - artifact-name: - description: "The artifact name to store the build cache under" - required: true - default: backend-build -outputs: - artifact-id: - description: "The artifact id for the artifact that was just uploaded or empty if the artifact upload failed." - value: ${{ steps.upload.outputs.artifact-id }} -runs: - using: composite - steps: - - name: Pull repository - id: checkout - uses: actions/checkout@v4 - - - name: Install Node - id: node - uses: actions/setup-node@v4 - with: - cache: npm - node-version: 18 - - - name: Install Node dependencies - id: install - shell: bash - working-directory: backend/${{ inputs.component }} - run: npm install --include-workspace-root - - - name: Archive distribution artifact - id: upload - uses: actions/upload-artifact@v4 - with: - name: ${{ inputs.artifact-name }}-${{ inputs.component }} - retention-days: 7 - path: | - express/dist - express/resources - express/src/views - express/assets/images - express/package*.json - express/manifest.yml diff --git a/.github/workflows/deploy-branch.yml b/.github/workflows/deploy-branch.yml index 03cd18ade..e8f10f3df 100644 --- a/.github/workflows/deploy-branch.yml +++ b/.github/workflows/deploy-branch.yml @@ -19,9 +19,11 @@ permissions: jobs: build-frontend-dependencies: - if: contains(github.event.head_commit.message, '[deploy]') == true +# if: contains(github.event.head_commit.message, '[deploy]') == true name: Build frontend runs-on: ubuntu-latest + environment: + name: demo outputs: artifact-name: ${{ steps.build.outputs.artifact-id }} steps: @@ -36,15 +38,15 @@ jobs: artifact-name: frontend-build-demo push-frontend-image: - if: contains(github.event.head_commit.message, '[deploy]') == true +# if: contains(github.event.head_commit.message, '[deploy]') == true name: Push frontend image needs: build-frontend-dependencies runs-on: ubuntu-latest - outputs: - image-uri: ${{ steps.push-image.outputs.image-uri }} environment: name: demo url: ${{ steps.push-image.outputs.image-url }} + outputs: + image-uri: ${{ steps.push-image.outputs.image-uri }} steps: - name: Login to GDS Dev Dynatrace Container Registry uses: docker/login-action@v3 @@ -61,19 +63,19 @@ jobs: aws-role-arn: ${{ vars.DEPLOYMENT_ROLE_ARN }} repository: ${{ vars.FRONTEND_CONTAINER_REPOSITORY_NAME }} image-tags: "${{ github.head_ref || github.ref_name }}" - dockerfile: Dockerfile + dockerfile: infrastructure/frontend/Dockerfile artifact-name: frontend-build-demo artifact-path: dist build-frontend-infrastructure: - if: contains(github.event.head_commit.message, '[deploy]') == true +# if: contains(github.event.head_commit.message, '[deploy]') == true name: Build frontend infrastructure needs: push-frontend-image runs-on: ubuntu-latest + environment: + name: demo outputs: template: ${{ steps.replace-placeholders.outputs.template }} - environment: - name: development steps: - name: Pull repository id: checkout @@ -104,7 +106,7 @@ jobs: path: .aws-sam/build deploy-frontend: - if: contains(github.event.head_commit.message, '[deploy]') == true +# if: contains(github.event.head_commit.message, '[deploy]') == true name: Deploy frontend needs: [ build-frontend-infrastructure, deploy-api, deploy-cognito, deploy-dynamodb ] runs-on: ubuntu-latest @@ -156,10 +158,12 @@ jobs: printf "🌐 Deployment URL\n%s" "$url" >> "$GITHUB_STEP_SUMMARY" echo "url=$url" >> "$GITHUB_OUTPUT" - build-dynamo: - if: contains(github.event.head_commit.message, '[deploy]') == true + build-dynamodb: +# if: contains(github.event.head_commit.message, '[deploy]') == true name: Build dynamodb runs-on: ubuntu-latest + environment: + name: demo outputs: artifact-name: ${{ steps.build.outputs.artifact-name }} cache-key: ${{ steps.build.outputs.cache-key }} @@ -168,18 +172,21 @@ jobs: id: build uses: govuk-one-login/github-actions/sam/build-application@6144f39407b01c9b25b39537b3956deca9e32620 # 22/02/2024 with: - template: backend/dynamodb/cognito.template.yml + template: backend/dynamodb/dynamodb.template.yml base-dir: backend/dynamodb source-dir: backend/dynamodb - cache-name: dynamodb-infra - artifact-name: dynamodb-infrastructure + cache-name: backend-dynamodb-infra + artifact-name: backend-dynamodb-infrastructure pull-repository: true deploy-dynamodb: - if: contains(github.event.head_commit.message, '[deploy]') == true +# if: contains(github.event.head_commit.message, '[deploy]') == true name: Deploy dynamodb - needs: build-dynamo + needs: build-dynamodb runs-on: ubuntu-latest + environment: + name: demo + url: ${{ steps.deploy.outputs.stack-url }} outputs: stack-name: ${{ steps.build.outputs.stack-name }} stack-url: ${{ steps.build.outputs.stack-url }} @@ -202,6 +209,8 @@ jobs: disable-rollback: false stack-name-prefix: preview-dynamodb artifact-name: ${{ needs.build-dynamodb.outputs.artifact-name }} + artifact-path: .aws-sam/build + template: .aws-sam/build/template.yaml cache-name: ${{ needs.build-dynamodb.outputs.cache-key }} s3-prefix: sse-preview tags: |- @@ -214,9 +223,11 @@ jobs: DeploymentName=${{ steps.get-deployment-name.outputs.pretty-branch-name }} build-cognito: - if: contains(github.event.head_commit.message, '[deploy]') == true +# if: contains(github.event.head_commit.message, '[deploy]') == true name: Build cognito runs-on: ubuntu-latest + environment: + name: demo outputs: artifact-name: ${{ steps.build.outputs.artifact-name }} cache-key: ${{ steps.build.outputs.cache-key }} @@ -229,15 +240,18 @@ jobs: manifest: backend/cognito/package.json base-dir: backend/cognito source-dir: backend/cognito - cache-name: cognito-infra - artifact-name: cognito-infrastructure + cache-name: backend-cognito-infra + artifact-name: backend-cognito-infrastructure pull-repository: true deploy-cognito: - if: contains(github.event.head_commit.message, '[deploy]') == true +# if: contains(github.event.head_commit.message, '[deploy]') == true name: Deploy cognito needs: build-cognito runs-on: ubuntu-latest + environment: + name: demo + url: ${{ steps.deploy.outputs.stack-url }} outputs: stack-name: ${{ steps.build.outputs.stack-name }} stack-url: ${{ steps.build.outputs.stack-url }} @@ -259,7 +273,9 @@ jobs: delete-failed-stack: true disable-rollback: false stack-name-prefix: preview-cognito - artifact-name: backend-cognito-infrastructure + artifact-name: ${{ needs.build-cognito.outputs.artifact-name }} + artifact-path: .aws-sam/build + template: .aws-sam/build/template.yaml cache-name: ${{ needs.build-cognito.outputs.cache-key }} s3-prefix: sse-preview tags: |- @@ -272,9 +288,11 @@ jobs: DeploymentName=${{ steps.get-deployment-name.outputs.pretty-branch-name }} build-api: - if: contains(github.event.head_commit.message, '[deploy]') == true +# if: contains(github.event.head_commit.message, '[deploy]') == true name: Build api runs-on: ubuntu-latest + environment: + name: demo outputs: artifact-name: ${{ steps.build.outputs.artifact-name }} cache-key: ${{ steps.build.outputs.cache-key }} @@ -288,15 +306,18 @@ jobs: base-dir: backend/api source-dir: backend/api additional-artifact-paths: backend/api/state-machines - cache-name: api-infra - artifact-name: api-infrastructure + cache-name: backend-api-infra + artifact-name: backend-api-infrastructure pull-repository: true deploy-api: - if: contains(github.event.head_commit.message, '[deploy]') == true +# if: contains(github.event.head_commit.message, '[deploy]') == true name: Deploy api needs: build-api runs-on: ubuntu-latest + environment: + name: demo + url: ${{ steps.deploy.outputs.stack-url }} outputs: stack-name: ${{ steps.build.outputs.stack-name }} stack-url: ${{ steps.build.outputs.stack-url }} @@ -318,7 +339,8 @@ jobs: delete-failed-stack: true disable-rollback: false stack-name-prefix: preview-api - artifact-name: backend-api-infrastructure + artifact-name: ${{ needs.build-api.outputs.artifact-name }} + template: .aws-sam/build/template.yaml cache-name: ${{ needs.build-api.outputs.cache-key }} s3-prefix: sse-preview tags: |- diff --git a/backend/api/api.template.yml b/backend/api/api.template.yml index 310b55f0e..0edd87253 100644 --- a/backend/api/api.template.yml +++ b/backend/api/api.template.yml @@ -366,7 +366,7 @@ Resources: External: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: - Handler: backend/api/src/handlers/dynamodb/get-user.getUserHandler + Handler: src/handlers/dynamodb/get-user.getUserHandler CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active Policies: @@ -401,7 +401,7 @@ Resources: External: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: - Handler: backend/api/src/handlers/dynamodb/put-user.putUserHandler + Handler: src/handlers/dynamodb/put-user.putUserHandler CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active Policies: @@ -436,7 +436,7 @@ Resources: External: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: - Handler: backend/api/src/handlers/dynamodb/update-user.updateUserHandler + Handler: src/handlers/dynamodb/update-user.updateUserHandler Description: Updates user data in DynamoDB CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active @@ -474,7 +474,7 @@ Resources: External: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: - Handler: backend/api/src/handlers/dynamodb/get-services.getServicesHandler + Handler: src/handlers/dynamodb/get-services.getServicesHandler CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active Policies: @@ -509,7 +509,7 @@ Resources: External: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: - Handler: backend/api/src/handlers/dynamodb/get-session-count.getSessionCountHandler + Handler: src/handlers/dynamodb/get-session-count.getSessionCountHandler CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active Policies: @@ -544,7 +544,7 @@ Resources: External: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: - Handler: backend/api/src/handlers/dynamodb/global-sign-out.globalSignOutHandler + Handler: src/handlers/dynamodb/global-sign-out.globalSignOutHandler CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active Policies: @@ -579,7 +579,7 @@ Resources: External: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: - Handler: backend/api/src/handlers/dynamodb/put-service.putServiceHandler + Handler: src/handlers/dynamodb/put-service.putServiceHandler CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active Policies: @@ -609,7 +609,7 @@ Resources: External: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: - Handler: backend/api/src/handlers/dynamodb/get-service-clients.getServiceClientsHandler + Handler: src/handlers/dynamodb/get-service-clients.getServiceClientsHandler CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active Policies: @@ -644,7 +644,7 @@ Resources: External: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: - Handler: backend/api/src/handlers/dynamodb/put-service-client.putServiceClientHandler + Handler: src/handlers/dynamodb/put-service-client.putServiceClientHandler CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active Policies: @@ -673,7 +673,7 @@ Resources: # AWS SDK v3 dependencies are already included in the lambda runtime - "@aws-sdk/*" Properties: - Handler: backend/api/src/handlers/dynamodb/update-service.updateServiceHandler + Handler: src/handlers/dynamodb/update-service.updateServiceHandler CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active Policies: @@ -704,7 +704,7 @@ Resources: External: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: - Handler: backend/api/src/handlers/dynamodb/update-service-client.updateServiceClientHandler + Handler: src/handlers/dynamodb/update-service-client.updateServiceClientHandler CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active Policies: @@ -734,7 +734,7 @@ Resources: External: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: - Handler: backend/api/src/handlers/dynamodb/put-service-user.putServiceUserHandler + Handler: src/handlers/dynamodb/put-service-user.putServiceUserHandler CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active Policies: @@ -765,7 +765,7 @@ Resources: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: Description: Assumes a cross-account role and invokes the Auth register Lambda - Handler: backend/api/src/handlers/auth/register-client.registerClientHandler + Handler: src/handlers/auth/register-client.registerClientHandler CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active Policies: @@ -794,7 +794,7 @@ Resources: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: Description: Updates a client using an HTTP endpoint - Handler: backend/api/src/handlers/auth/update-client.updateClientInRegistryHandler + Handler: src/handlers/auth/update-client.updateClientInRegistryHandler CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active Policies: @@ -824,7 +824,7 @@ Resources: External: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: - Handler: backend/api/src/handlers/step-functions/new-service.newServiceHandler + Handler: src/handlers/step-functions/new-service.newServiceHandler CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active Policies: @@ -860,7 +860,7 @@ Resources: External: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: - Handler: backend/api/src/handlers/step-functions/new-client.newClientHandler + Handler: src/handlers/step-functions/new-client.newClientHandler CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active Policies: @@ -896,7 +896,7 @@ Resources: External: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: - Handler: backend/api/src/handlers/step-functions/update-client.doUpdateClientHandler + Handler: src/handlers/step-functions/update-client.doUpdateClientHandler CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active Policies: @@ -931,7 +931,7 @@ Resources: External: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: - Handler: backend/api/src/handlers/step-functions/update-service.doUpdateServiceHandler + Handler: src/handlers/step-functions/update-service.doUpdateServiceHandler Description: Updates service data in DynamoDB and Client Registry CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active @@ -1008,7 +1008,7 @@ Resources: External: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: - Handler: backend/api/src/handlers/logging/sqs-service.sendSQSMessageToTxMAHandler + Handler: src/handlers/logging/sqs-service.sendSQSMessageToTxMAHandler Description: Sends a message to the TxMA SQS CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Policies: @@ -1230,7 +1230,7 @@ Resources: External: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: - Handler: backend/api/src/handlers/dynamodb/dynamo-db-service.getDynamoDBEntriesHandler + Handler: src/handlers/dynamodb/dynamo-db-service.getDynamoDBEntriesHandler CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active Policies: @@ -1265,7 +1265,7 @@ Resources: External: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: - Handler: backend/api/src/handlers/dynamodb/dynamo-db-service.deleteDynamoDBClientEntriesHandler + Handler: src/handlers/dynamodb/dynamo-db-service.deleteDynamoDBClientEntriesHandler CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active Policies: @@ -1300,7 +1300,7 @@ Resources: External: - "@aws-sdk/*" # AWS SDK v3 dependencies are already included in the lambda runtime Properties: - Handler: backend/api/src/handlers/dynamodb/dynamo-db-service.deleteDynamoDBServiceEntriesHandler + Handler: src/handlers/dynamodb/dynamo-db-service.deleteDynamoDBServiceEntriesHandler CodeSigningConfigArn: !If [ UseCodeSigning, !Ref CodeSigningConfigArn, !Ref AWS::NoValue ] Tracing: Active Policies: From 7bf3cc162411bd82be68171eb4106a9d5cefdc04 Mon Sep 17 00:00:00 2001 From: Andrew Hughes-Onslow Date: Tue, 23 Jul 2024 11:51:19 +0100 Subject: [PATCH 4/4] ATO-762: [deploy] Enabling deployment tag trigger. --- .github/workflows/deploy-branch.yml | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/.github/workflows/deploy-branch.yml b/.github/workflows/deploy-branch.yml index e8f10f3df..e7f749ab9 100644 --- a/.github/workflows/deploy-branch.yml +++ b/.github/workflows/deploy-branch.yml @@ -19,7 +19,7 @@ permissions: jobs: build-frontend-dependencies: -# if: contains(github.event.head_commit.message, '[deploy]') == true + if: contains(github.event.head_commit.message, '[deploy]') == true name: Build frontend runs-on: ubuntu-latest environment: @@ -38,7 +38,7 @@ jobs: artifact-name: frontend-build-demo push-frontend-image: -# if: contains(github.event.head_commit.message, '[deploy]') == true + if: contains(github.event.head_commit.message, '[deploy]') == true name: Push frontend image needs: build-frontend-dependencies runs-on: ubuntu-latest @@ -68,7 +68,7 @@ jobs: artifact-path: dist build-frontend-infrastructure: -# if: contains(github.event.head_commit.message, '[deploy]') == true + if: contains(github.event.head_commit.message, '[deploy]') == true name: Build frontend infrastructure needs: push-frontend-image runs-on: ubuntu-latest @@ -106,7 +106,7 @@ jobs: path: .aws-sam/build deploy-frontend: -# if: contains(github.event.head_commit.message, '[deploy]') == true + if: contains(github.event.head_commit.message, '[deploy]') == true name: Deploy frontend needs: [ build-frontend-infrastructure, deploy-api, deploy-cognito, deploy-dynamodb ] runs-on: ubuntu-latest @@ -145,7 +145,6 @@ jobs: sse:deployment-source=github-actions sse:lifecycle=temporary parameters: |- - Environment=demo DeploymentName=${{ steps.get-deployment-name.outputs.pretty-branch-name }} - name: Get deployment URL @@ -159,7 +158,7 @@ jobs: echo "url=$url" >> "$GITHUB_OUTPUT" build-dynamodb: -# if: contains(github.event.head_commit.message, '[deploy]') == true + if: contains(github.event.head_commit.message, '[deploy]') == true name: Build dynamodb runs-on: ubuntu-latest environment: @@ -180,7 +179,7 @@ jobs: pull-repository: true deploy-dynamodb: -# if: contains(github.event.head_commit.message, '[deploy]') == true + if: contains(github.event.head_commit.message, '[deploy]') == true name: Deploy dynamodb needs: build-dynamodb runs-on: ubuntu-latest @@ -223,7 +222,7 @@ jobs: DeploymentName=${{ steps.get-deployment-name.outputs.pretty-branch-name }} build-cognito: -# if: contains(github.event.head_commit.message, '[deploy]') == true + if: contains(github.event.head_commit.message, '[deploy]') == true name: Build cognito runs-on: ubuntu-latest environment: @@ -245,7 +244,7 @@ jobs: pull-repository: true deploy-cognito: -# if: contains(github.event.head_commit.message, '[deploy]') == true + if: contains(github.event.head_commit.message, '[deploy]') == true name: Deploy cognito needs: build-cognito runs-on: ubuntu-latest @@ -288,7 +287,7 @@ jobs: DeploymentName=${{ steps.get-deployment-name.outputs.pretty-branch-name }} build-api: -# if: contains(github.event.head_commit.message, '[deploy]') == true + if: contains(github.event.head_commit.message, '[deploy]') == true name: Build api runs-on: ubuntu-latest environment: @@ -311,7 +310,7 @@ jobs: pull-repository: true deploy-api: -# if: contains(github.event.head_commit.message, '[deploy]') == true + if: contains(github.event.head_commit.message, '[deploy]') == true name: Deploy api needs: build-api runs-on: ubuntu-latest