Skip to content
This repository has been archived by the owner on Dec 12, 2024. It is now read-only.

Commit

Permalink
FS-3797 Fix workflow following review
Browse files Browse the repository at this point in the history
  • Loading branch information
@robk-dluhc
robk-dluhc committed Nov 29, 2023
1 parent 88a226f commit 40deb6f
Showing 1 changed file with 155 additions and 32 deletions.
187 changes: 155 additions & 32 deletions .github/workflows/copilot_deploy.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -141,23 +141,18 @@ jobs:
run: |
copilot svc deploy --env ${{ matrix.value }} --app pre-award
sandbox_deploy:
dev_deploy:
if: ${{ needs.copilot_environments_workflow_setup.outputs.pre_matrix != '' && toJson(fromJson(needs.copilot_environments_workflow_setup.outputs.pre_matrix)) != '[]' }}
concurrency:
group: 'fsd-preaward-copilot-sandbox-${{ matrix.value }}'
group: 'fsd-preaward-copilot-sandbox-dev'
cancel-in-progress: false
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
needs: [ tag_version, pre_deploy_tests, paketo_build, copilot_environments_workflow_setup ]
runs-on: ubuntu-latest
continue-on-error: true
strategy:
max-parallel: 1
matrix:
value: ${{ fromJSON(needs.copilot_environments_workflow_setup.outputs.pre_matrix) }}
fail-fast: false
environment: ${{ matrix.value }}
environment: dev
steps:
- name: Git clone the repository
uses: actions/checkout@v4
Expand All @@ -171,7 +166,7 @@ jobs:
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT }}:role/GithubCopilotDeploy
role-session-name: ACCOUNT_STORE_${{ matrix.value }}_COPILOT_${{ steps.currentdatetime.outputs.datetime }}
role-session-name: ACCOUNT_STORE_DEV_COPILOT_${{ steps.currentdatetime.outputs.datetime }}
aws-region: eu-west-2

- name: Install AWS Copilot CLI
Expand All @@ -182,7 +177,7 @@ jobs:
- name: confirm copilot env
shell: bash
run: |
if [ $(copilot env ls) != "${{ matrix.value }}" ]; then
if [ $(copilot env ls) != "dev" ]; then
echo $(copilot env ls)
exit 1
fi
Expand All @@ -198,42 +193,34 @@ jobs:
- name: Run database migrations
run: scripts/migration-task-script.py ${{ matrix.value }} fsd-account-store

- name: Copilot ${{ matrix.value }} deploy
- name: Copilot dev deploy
id: deploy_build
run: |
copilot svc deploy --env ${{ matrix.value }} --app pre-award
copilot svc deploy --env dev --app pre-award
# Can we realistically run E2E at this stage, or just plump for application on the grounds it checks account-store is operational?
post_deploy_tests:
needs: sandbox_deploy
if: inputs.environment == 'test' || inputs.environment == 'dev' || inputs.environment == ''
post_dev_deploy_tests:
needs: dev_deploy
secrets:
FSD_GH_APP_ID: ${{ secrets.FSD_GH_APP_ID }}
FSD_GH_APP_KEY: ${{ secrets.FSD_GH_APP_KEY }}
uses: communitiesuk/funding-service-design-workflows/.github/workflows/post-deploy.yml@main
with:
run_performance_tests: ${{ inputs.run_performance_tests || false }}
run_e2e_tests: ${{ inputs.run_e2e_tests || true }}
app_name: application
environment: ${{ inputs.environment == '' && 'test' || inputs.environment }}
environment: dev

release_deploy:
test_deploy:
if: ${{ needs.copilot_environments_workflow_setup.outputs.post_matrix != '' && toJson(fromJson(needs.copilot_environments_workflow_setup.outputs.post_matrix)) != '[]' }}
concurrency:
group: 'fsd-preaward-copilot-release-${{ matrix.value }}'
group: 'fsd-preaward-copilot-release-test'
cancel-in-progress: false
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
needs: [ tag_version, post_deploy_tests, paketo_build, copilot_environments_workflow_setup ]
needs: [ tag_version, post_dev_deploy_tests, paketo_build, copilot_environments_workflow_setup ]
runs-on: ubuntu-latest
continue-on-error: true
strategy:
max-parallel: 1
matrix:
value: ${{ fromJSON(needs.copilot_environments_workflow_setup.outputs.post_matrix) }}
fail-fast: false
environment: ${{ matrix.value }}
environment: test
steps:
- name: Git clone the repository
uses: actions/checkout@v4
Expand All @@ -247,7 +234,7 @@ jobs:
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT }}:role/GithubCopilotDeploy
role-session-name: ACCOUNT_STORE_${{ matrix.value }}_COPILOT_${{ steps.currentdatetime.outputs.datetime }}
role-session-name: ACCOUNT_STORE_TEST_COPILOT_${{ steps.currentdatetime.outputs.datetime }}
aws-region: eu-west-2

- name: Install AWS Copilot CLI
Expand All @@ -258,7 +245,7 @@ jobs:
- name: confirm copilot env
shell: bash
run: |
if [ $(copilot env ls) != "${{ matrix.value }}" ]; then
if [ $(copilot env ls) != "test" ]; then
echo $(copilot env ls)
exit 1
fi
Expand All @@ -272,9 +259,145 @@ jobs:
yq -i '.image.location = "ghcr.io/communitiesuk/funding-service-design-account-store:${{ github.ref_name == 'main' && 'latest' || needs.tag_version.outputs.version_to_tag }}"' copilot/fsd-account-store/manifest.yml
- name: Run database migrations
run: scripts/migration-task-script.py ${{ matrix.value }} fsd-account-store
run: scripts/migration-task-script.py test fsd-account-store

- name: Copilot ${{ matrix.value }} deploy
- name: Copilot test deploy
id: deploy_build
run: |
copilot svc deploy --env ${{ matrix.value }} --app pre-award
copilot svc deploy --env test --app pre-award
post_test_deploy_tests:
needs: test_deploy
secrets:
FSD_GH_APP_ID: ${{ secrets.FSD_GH_APP_ID }}
FSD_GH_APP_KEY: ${{ secrets.FSD_GH_APP_KEY }}
uses: communitiesuk/funding-service-design-workflows/.github/workflows/post-deploy.yml@main
with:
run_performance_tests: ${{ inputs.run_performance_tests || false }}
run_e2e_tests: ${{ inputs.run_e2e_tests || true }}
environment: test

uat_deploy:
if: ${{ needs.copilot_environments_workflow_setup.outputs.post_matrix != '' && toJson(fromJson(needs.copilot_environments_workflow_setup.outputs.post_matrix)) != '[]' }}
concurrency:
group: 'fsd-preaward-copilot-release-uat'
cancel-in-progress: false
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
needs: [ tag_version, post_test_deploy_tests, paketo_build, copilot_environments_workflow_setup ]
runs-on: ubuntu-latest
continue-on-error: true
environment: uat
steps:
- name: Git clone the repository
uses: actions/checkout@v4

- name: Get current date
shell: bash
id: currentdatetime
run: echo "datetime=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT

- name: configure aws credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT }}:role/GithubCopilotDeploy
role-session-name: ACCOUNT_STORE_UAT_COPILOT_${{ steps.currentdatetime.outputs.datetime }}
aws-region: eu-west-2

- name: Install AWS Copilot CLI
shell: bash
run: |
curl -Lo aws-copilot https://github.com/aws/copilot-cli/releases/latest/download/copilot-linux && chmod +x aws-copilot && sudo mv aws-copilot /usr/local/bin/copilot
- name: confirm copilot env
shell: bash
run: |
if [ $(copilot env ls) != "uat" ]; then
echo $(copilot env ls)
exit 1
fi
- name: Inject Git SHA into manifest
run: |
yq -i '.variables.GITHUB_SHA = "${{ github.sha }}"' copilot/fsd-account-store/manifest.yml
- name: Inject replacement image into manifest
run: |
yq -i '.image.location = "ghcr.io/communitiesuk/funding-service-design-account-store:${{ github.ref_name == 'main' && 'latest' || needs.tag_version.outputs.version_to_tag }}"' copilot/fsd-account-store/manifest.yml
- name: Run database migrations
run: scripts/migration-task-script.py uat fsd-account-store

- name: Copilot uat deploy
id: deploy_build
run: |
copilot svc deploy --env uat --app pre-award
post_uat_deploy_tests:
needs: uat_deploy
secrets:
FSD_GH_APP_ID: ${{ secrets.FSD_GH_APP_ID }}
FSD_GH_APP_KEY: ${{ secrets.FSD_GH_APP_KEY }}
uses: communitiesuk/funding-service-design-workflows/.github/workflows/post-deploy.yml@main
with:
run_performance_tests: ${{ inputs.run_performance_tests || false }}
run_e2e_tests: ${{ inputs.run_e2e_tests || true }}
environment: uat

production_deploy:
if: ${{ needs.copilot_environments_workflow_setup.outputs.post_matrix != '' && toJson(fromJson(needs.copilot_environments_workflow_setup.outputs.post_matrix)) != '[]' }}
concurrency:
group: 'fsd-preaward-copilot-release-production'
cancel-in-progress: false
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
needs: [ tag_version, post_uat_deploy_tests, paketo_build, copilot_environments_workflow_setup ]
runs-on: ubuntu-latest
continue-on-error: true
environment: production
steps:
- name: Git clone the repository
uses: actions/checkout@v4

- name: Get current date
shell: bash
id: currentdatetime
run: echo "datetime=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT

- name: configure aws credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT }}:role/GithubCopilotDeploy
role-session-name: ACCOUNT_STORE_PRODUCTION_COPILOT_${{ steps.currentdatetime.outputs.datetime }}
aws-region: eu-west-2

- name: Install AWS Copilot CLI
shell: bash
run: |
curl -Lo aws-copilot https://github.com/aws/copilot-cli/releases/latest/download/copilot-linux && chmod +x aws-copilot && sudo mv aws-copilot /usr/local/bin/copilot
- name: confirm copilot env
shell: bash
run: |
if [ $(copilot env ls) != "production" ]; then
echo $(copilot env ls)
exit 1
fi
- name: Inject Git SHA into manifest
run: |
yq -i '.variables.GITHUB_SHA = "${{ github.sha }}"' copilot/fsd-account-store/manifest.yml
- name: Inject replacement image into manifest
run: |
yq -i '.image.location = "ghcr.io/communitiesuk/funding-service-design-account-store:${{ github.ref_name == 'main' && 'latest' || needs.tag_version.outputs.version_to_tag }}"' copilot/fsd-account-store/manifest.yml
- name: Run database migrations
run: scripts/migration-task-script.py production fsd-account-store

- name: Copilot production deploy
id: deploy_build
run: |
copilot svc deploy --env production --app pre-award

0 comments on commit 40deb6f

Please sign in to comment.