release-infrastructure #87
# Put action within a raw block so that the curly bracket expressions aren't picked up by the cookiecutter
#
name: release-infrastructure

# Two triggers: a pushed release tag for dev or preprod, and completion of the
# build-push workflow on main.
on:
  push:
    tags:
      - 'release-dev-**'
      - 'release-preprod-**'
  workflow_run:
    # NOTE(review): `completed` also fires for failed and cancelled build-push
    # runs; nothing visible in this file checks
    # github.event.workflow_run.conclusion before infrastructure is applied.
    workflows:
      - build-push
    types:
      - completed
    branches:
      - main
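jobs:
  # NOTE(review): every reusable workflow below is referenced at @main, a
  # mutable ref, and each one receives repository secrets (three of them also a
  # write-all token). Pinning each `uses:` to a full commit SHA
  # (placeholder: <FULL_COMMIT_SHA>) fixes which code runs with those
  # credentials.

  # Reads shared settings from .github/.github.env and derives the target
  # environment from the ref that triggered the run.
  set-vars:
    runs-on: ubuntu-latest
    # This job only checks out the repository and writes step outputs.
    permissions:
      contents: read
    outputs:
      app-name: ${{ steps.export.outputs.app-name }}
      ec2-instance-type: ${{ steps.export.outputs.ec2-instance-type }}
      version: ${{ steps.export.outputs.version }}
      repo: ${{ steps.export.outputs.repo }}
      infra-config-repo: ${{ steps.export.outputs.infra-config-repo }}
      environment: ${{ steps.env-var.outputs.environment }}
      ecr-repo: ${{ steps.export.outputs.ecr-repo }}
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # No later step in this job uses git, so the token is not left in
          # the checked-out repository's git config.
          persist-credentials: false
      - id: export
        run: |
          . ./.github/.github.env
          # Register the mask before the value is written anywhere.
          echo "::add-mask::${AWS_REGION}"
          echo "ec2-instance-type=${EC2_INSTANCE_TYPE}" >> "$GITHUB_OUTPUT"
          echo "app-name=${APP_NAME}" >> "$GITHUB_OUTPUT"
          echo "aws-region=${AWS_REGION}" >> "$GITHUB_OUTPUT"
          echo "version=${VERSION}" >> "$GITHUB_OUTPUT"
          echo "data-path=${DATA_PATH}" >> "$GITHUB_OUTPUT"
          echo "repo=${REPO}" >> "$GITHUB_OUTPUT"
          echo "infra-config-repo=${INFRA_CONFIG_REPO}" >> "$GITHUB_OUTPUT"
          echo "ecr-repo=${ECR_REPO}" >> "$GITHUB_OUTPUT"
      - id: env-var
        env:
          # The ref name reaches the script through the environment, so it is
          # handled as data and never becomes part of the script text.
          REF_NAME: ${{ github.ref_name }}
        run: |
          # prod env from main branch
          if [[ "${REF_NAME}" == main ]]; then
            ENVIRONMENT=prod
          else
            # release-<env>-<suffix> -> <env>
            ENVIRONMENT=$(printf '%s\n' "${REF_NAME}" | awk -F- '{ print $2 }')
          fi
          # The workflow's triggers can only yield these three values; anything
          # else stops the run instead of selecting an unknown deployment target.
          case "${ENVIRONMENT}" in
            dev|preprod|prod) ;;
            *)
              echo "Unexpected environment '${ENVIRONMENT}'" >&2
              exit 1
              ;;
          esac
          echo "environment=${ENVIRONMENT}"
          echo "environment=${ENVIRONMENT}" >> "$GITHUB_OUTPUT"

  # Calls the shared start-runner workflow for the selected environment.
  start-runner:
    uses: i-dot-ai/i-dot-ai-core-github-actions/.github/workflows/start-runner.yml@main
    needs: set-vars
    # NOTE(review): write-all grants every token scope to the called workflow.
    # OIDC needs `id-token: write`; what else the callee uses is not visible
    # here, so confirm and narrow to those scopes.
    permissions: write-all
    with:
      EC2_INSTANCE_TYPE: ${{ needs.set-vars.outputs.ec2-instance-type }}
      # NOTE(review): set-vars declares no `runner-size` output, so this
      # expression evaluates to an empty string.
      RUNNER_SIZE: ${{ needs.set-vars.outputs.runner-size }}
      ENVIRONMENT: ${{ needs.set-vars.outputs.environment }}
      USE_OIDC: true
    secrets:
      # NOTE(review): long-lived access keys are passed alongside
      # USE_OIDC: true; confirm the callee still needs them.
      AWS_GITHUBRUNNER_USER_ACCESS_KEY: ${{ secrets.AWS_GITHUBRUNNER_USER_ACCESS_KEY }}
      AWS_GITHUBRUNNER_USER_SECRET_ID: ${{ secrets.AWS_GITHUBRUNNER_USER_SECRET_ID }}
      AWS_GITHUBRUNNER_PAT: ${{ secrets.AWS_GITHUBRUNNER_PAT }}
      AWS_REGION: ${{ secrets.AWS_REGION }}
      AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}

  # Calls the shared apply-terraform workflow on the runner started above.
  apply-infra:
    needs:
      - set-vars
      - start-runner
    # NOTE(review): same write-all concern as start-runner.
    permissions: write-all
    uses: i-dot-ai/i-dot-ai-core-github-actions/.github/workflows/apply-terraform.yml@main
    with:
      APP_NAME: ${{ needs.set-vars.outputs.app-name }}
      RUNNER_LABEL: ${{ needs.start-runner.outputs.label }}
      ENVIRONMENT: ${{ needs.set-vars.outputs.environment }}
      ECR_REPO: ${{ needs.set-vars.outputs.ecr-repo }}
      PUBLIC_INFRA_DEPLOYMENT: false
      # NOTE(review): on workflow_run events github.sha is the latest commit on
      # the default branch, which is not necessarily the commit the triggering
      # build-push run built (github.event.workflow_run.head_sha) -- confirm
      # the tag deployed to prod is the image that was built.
      IMAGE_TAG: ${{ github.sha }}
      USE_OIDC: true
    secrets:
      AWS_GITHUBRUNNER_PAT: ${{ secrets.AWS_GITHUBRUNNER_PAT }}
      AWS_GITHUBRUNNER_PAT_USER: ${{ secrets.AWS_GITHUBRUNNER_PAT_USER }}
      AWS_REGION: ${{ secrets.AWS_REGION }}
      AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}

  # Posts the deployment result to Slack.
  notify-slack:
    uses: i-dot-ai/i-dot-ai-core-github-actions/.github/workflows/slack-notify.yml@main
    needs:
      - set-vars
      - start-runner
      - apply-infra
    # Without a condition this job is skipped whenever apply-infra fails, so
    # FAILURE_PAYLOAD could never be sent. It still requires a started runner,
    # because RUNNER_LABEL comes from start-runner.
    if: ${{ !cancelled() && needs.start-runner.result == 'success' }}
    with:
      RUNNER_LABEL: ${{ needs.start-runner.outputs.label }}
      WORKFLOW_PASSED: "${{ needs.apply-infra.result == 'success' }}"
      SUCCESS_PAYLOAD: '{"blocks":[{"type":"header","text":{"type":"plain_text","text":":airplane: ${{ github.repository }} - Deployment to ${{ needs.set-vars.outputs.environment }} Succeeded :large_green_circle:"}},{"type":"section","text":{"type":"mrkdwn","text":"${{ github.sha }} successfully deployed to ${{ needs.set-vars.outputs.environment }}"}}]}'
      FAILURE_PAYLOAD: '{"blocks":[{"type":"header","text":{"type":"plain_text","text":":x: ${{ github.repository }} - Deployment to ${{ needs.set-vars.outputs.environment }} Failed :x:"}},{"type":"section","text":{"type":"mrkdwn","text":"${{ github.sha }} failed to deploy to ${{ needs.set-vars.outputs.environment }}"}}]}'
    secrets:
      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}

  # Calls the shared stop-runner workflow once the other jobs have finished.
  stop-runner:
    needs:
      - set-vars
      - start-runner
      - apply-infra
      - notify-slack
    # NOTE(review): same write-all concern as start-runner.
    permissions: write-all
    uses: i-dot-ai/i-dot-ai-core-github-actions/.github/workflows/stop-runner.yml@main
    # NOTE(review): job outputs are strings and an empty string compares equal
    # to 0, so this also runs when start-runner was skipped or failed before
    # setting use-persisted; RUNNER_LABEL and EC2_INSTANCE_ID are then empty.
    # Confirm the callee handles that.
    if: needs.start-runner.outputs.use-persisted == 0 && always()
    with:
      RUNNER_LABEL: ${{ needs.start-runner.outputs.label }}
      EC2_INSTANCE_ID: ${{ needs.start-runner.outputs.ec2-instance-id }}
      ENVIRONMENT: ${{ needs.set-vars.outputs.environment }}
      USE_OIDC: true
    secrets:
      AWS_GITHUBRUNNER_USER_ACCESS_KEY: ${{ secrets.AWS_GITHUBRUNNER_USER_ACCESS_KEY }}
      AWS_GITHUBRUNNER_USER_SECRET_ID: ${{ secrets.AWS_GITHUBRUNNER_USER_SECRET_ID }}
      AWS_GITHUBRUNNER_PAT: ${{ secrets.AWS_GITHUBRUNNER_PAT }}
      AWS_REGION: ${{ secrets.AWS_REGION }}
      AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
#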