deploy #224
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: deploy | |
| on: | |
| workflow_run: | |
| workflows: | |
| - check | |
| types: | |
| - completed | |
| branches: | |
| - master | |
| # Ensures that only one deploy task per branch/environment will run at a time. | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: false | |
| jobs: | |
| org-formation: | |
| if: ${{ github.event.workflow_run.conclusion == 'success' }} | |
| permissions: | |
| id-token: write | |
| contents: read | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Get role session name | |
| uses: bhowell2/github-substring-action@1.0.2 | |
| id: role-session-name | |
| with: | |
| value: GitHubActions-${{ github.repository_owner }}-${{ github.event.repository.name }}-${{ github.run_id }} | |
| length_from_end: 64 | |
| - uses: actions/checkout@v3 | |
| - name: Assume AWS Role | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: us-east-1 | |
| role-to-assume: arn:aws:iam::531805629419:role/sagebase-github-oidc-sage-bionetworks-it | |
| role-session-name: ${{ steps.role-session-name.outputs.substring }} | |
| role-duration-seconds: 1200 | |
| - name: Use Node.js | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| - name: Cache node modules | |
| uses: actions/cache@v3 | |
| env: | |
| cache-name: cache-node-modules | |
| with: | |
| # npm cache files are stored in `~/.npm` on Linux/macOS | |
| path: ~/.npm | |
| key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }} | |
| restore-keys: | | |
| ${{ runner.os }}-build-${{ env.cache-name }}- | |
| ${{ runner.os }}-build- | |
| ${{ runner.os }}- | |
| - name: Install dependencies | |
| run: npm install | |
| - name: Generate AWS CDK bootstrap template | |
| run: npm run generate-cdk-bootstrap-template | |
| - name: Add EnableKeyRotation property to CDK assets key | |
| run: npm run patch-cdk-bootstrap-template | |
| - name: Validate ofn templates | |
| run: npm run validate-tasks | |
| - name: Validate with print-task | |
| run: npm run print-tasks-failfast | |
| - name: Deploy with ofn | |
| run: npm run ci-perform-tasks-parallel | |
| # Map a step output to a job output | |
| outputs: | |
| role-session-name: ${{ steps.role-session-name.outputs.substring }} | |
| sceptre-organizations: | |
| needs: [org-formation] | |
| uses: "./.github/workflows/aws-deploy.yaml" | |
| with: | |
| role-to-assume: "arn:aws:iam::531805629419:role/sagebase-github-oidc-sage-bionetworks-it" | |
| role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
| working-dir: "sceptre/organizations" | |
| sceptre-admincentral: | |
| needs: [org-formation] | |
| uses: "./.github/workflows/aws-deploy.yaml" | |
| with: | |
| role-to-assume: "arn:aws:iam::745159704268:role/sagebase-github-oidc-sage-bionetworks-it" | |
| role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
| working-dir: "sceptre/admincentral" | |
| sceptre-itsandbox: | |
| needs: [org-formation] | |
| uses: "./.github/workflows/aws-deploy.yaml" | |
| with: | |
| role-to-assume: "arn:aws:iam::804034162148:role/sagebase-github-oidc-sage-bionetworks-it" | |
| role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
| working-dir: "sceptre/itsandbox" | |
| sceptre-scicomp: | |
| needs: [org-formation] | |
| uses: "./.github/workflows/aws-deploy.yaml" | |
| with: | |
| role-to-assume: "arn:aws:iam::055273631518:role/sagebase-github-oidc-sage-bionetworks-it" | |
| role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
| working-dir: "sceptre/scicomp" | |
| sceptre-strides: | |
| needs: [org-formation] | |
| uses: "./.github/workflows/aws-deploy.yaml" | |
| with: | |
| role-to-assume: "arn:aws:iam::423819316185:role/github-oidc-sage-bionetworks-it" | |
| role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
| working-dir: "sceptre/strides" | |
| sceptre-strides-ampad-workflows: | |
| needs: [org-formation] | |
| uses: "./.github/workflows/aws-deploy.yaml" | |
| with: | |
| role-to-assume: "arn:aws:iam::751556145034:role/github-oidc-sage-bionetworks-it" | |
| role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
| working-dir: "sceptre/strides-ampad-workflows" | |
| sceptre-scipooldev: | |
| needs: [org-formation] | |
| uses: "./.github/workflows/aws-deploy.yaml" | |
| with: | |
| role-to-assume: "arn:aws:iam::465877038949:role/sagebase-github-oidc-sage-bionetworks-it" | |
| working-dir: "sceptre/scipool" | |
| role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
| sceptre-command: "sceptre launch develop --prune --yes" | |
| sceptre-scipoolprod: | |
| needs: [org-formation] | |
| uses: "./.github/workflows/aws-scipool.yaml" | |
| with: | |
| role-to-assume: "arn:aws:iam::237179673806:role/sagebase-github-oidc-sage-bionetworks-it" | |
| role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
| working-dir: "sceptre/scipool" | |
| sceptre-stridespool: | |
| needs: [org-formation, sceptre-strides] | |
| uses: "./.github/workflows/aws-scipool.yaml" | |
| with: | |
| role-to-assume: "arn:aws:iam::423819316185:role/github-oidc-sage-bionetworks-it" | |
| role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
| working-dir: "sceptre/scipool" | |
| sceptre-command: "sceptre launch strides --prune --yes" | |
| sceptre-bmgfki: | |
| needs: [org-formation] | |
| uses: "./.github/workflows/aws-scipool.yaml" | |
| with: | |
| role-to-assume: "arn:aws:iam::464102568320:role/sagebase-github-oidc-sage-bionetworks-it" | |
| role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
| working-dir: "sceptre/scipool" | |
| sceptre-command: "sceptre launch bmgfki --prune --yes" | |
| sceptre-sageit-staging: | |
| needs: [org-formation] | |
| uses: "./.github/workflows/aws-deploy.yaml" | |
| with: | |
| role-to-assume: "arn:aws:iam::797640923903:role/sagebase-github-oidc-sage-bionetworks-it" | |
| role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
| working-dir: "sceptre/sageit" | |
| sceptre-command: "sceptre launch staging --prune --yes" | |
| sceptre-sageit-prod: | |
| needs: [org-formation] | |
| uses: "./.github/workflows/aws-deploy.yaml" | |
| with: | |
| role-to-assume: "arn:aws:iam::797640923903:role/sagebase-github-oidc-sage-bionetworks-it" | |
| role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
| working-dir: "sceptre/sageit" | |
| sceptre-logcentral: | |
| needs: [org-formation] | |
| uses: "./.github/workflows/aws-deploy.yaml" | |
| with: | |
| role-to-assume: "arn:aws:iam::231505186444:role/sagebase-github-oidc-sage-bionetworks-it" | |
| role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
| working-dir: "sceptre/logcentral" | |
| sceptre-synapsedev: | |
| needs: [org-formation] | |
| uses: "./.github/workflows/aws-deploy.yaml" | |
| with: | |
| role-to-assume: "arn:aws:iam::449435941126:role/sagebase-github-oidc-sage-bionetworks-it" | |
| role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
| working-dir: "sceptre/synapsedev" | |
| sceptre-synapseprod: | |
| needs: [org-formation] | |
| uses: "./.github/workflows/aws-deploy.yaml" | |
| with: | |
| role-to-assume: "arn:aws:iam::325565585839:role/sagebase-github-oidc-sage-bionetworks-it" | |
| role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
| working-dir: "sceptre/synapseprod" | |
| sceptre-bridgedev: | |
| needs: [org-formation] | |
| uses: "./.github/workflows/aws-deploy.yaml" | |
| with: | |
| role-to-assume: "arn:aws:iam::420786776710:role/sagebase-github-oidc-sage-bionetworks-it" | |
| role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
| working-dir: "sceptre/bridge" | |
| sceptre-command: "sceptre launch develop --prune --yes" | |
| sceptre-bridgeprod: | |
| needs: [org-formation] | |
| uses: "./.github/workflows/aws-deploy.yaml" | |
| with: | |
| role-to-assume: "arn:aws:iam::649232250620:role/sagebase-github-oidc-sage-bionetworks-it" | |
| role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
| working-dir: "sceptre/bridge" | |
| sceptre-imagecentral: | |
| needs: [org-formation] | |
| uses: "./.github/workflows/aws-deploy.yaml" | |
| with: | |
| role-to-assume: "arn:aws:iam::867686887310:role/sagebase-github-oidc-sage-bionetworks-it" | |
| role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
| working-dir: "sceptre/imagecentral" | |
| sceptre-aws-opendata: | |
| needs: [org-formation] | |
| uses: "./.github/workflows/aws-deploy.yaml" | |
| with: | |
| role-to-assume: "arn:aws:iam::373143421983:role/github-oidc-sage-bionetworks-it" | |
| role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
| working-dir: "sceptre/aws-opendata" |