Correcting key documentation #119
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build & Deploy | |
| on: | |
| push: | |
| branches: | |
| - dev | |
| - main | |
| - prod | |
| jobs: | |
| #TODO: Get rid of set-output | |
| # https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/ | |
| PrepareEnvironment: | |
| name: Prepare Environment | |
| runs-on: ubuntu-latest | |
| outputs: | |
| environment: ${{ steps.set_env.outputs.environment }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set Environment Name | |
| id: set_env | |
| working-directory: ./iac/scripts | |
| run: | | |
| # Install jq | |
| sudo apt-get install -y jq | |
| chmod +x get-branch-environment.sh | |
| # Call the script and save the output to a variable | |
| environment_name=$(./get-branch-environment.sh \ | |
| ../../.github/branch-environment-map.json \ | |
| ) | |
| # Set the output | |
| echo "::set-output name=environment::[\"$environment_name\"]" | |
| - name: Print environment output | |
| run: echo "${{ steps.set_env.outputs.environment }}" | |
| BuildAndPush: | |
| name: Build and Push Docker Image | |
| needs: PrepareEnvironment | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| environment: ${{fromJson(needs.PrepareEnvironment.outputs.environment)}} | |
| environment: ${{ matrix.environment }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Build and Push Docker Image | |
| uses: ./.github/actions/container-build | |
| with: | |
| aws_region: ${{ vars.AWS_REGION }} | |
| aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| ecr_url: ${{ vars.ECR_URL }} | |
| RunTerraform: | |
| name: Run Terraform | |
| needs: | |
| - PrepareEnvironment | |
| - BuildAndPush | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| environment: ${{fromJson(needs.PrepareEnvironment.outputs.environment)}} | |
| environment: ${{ matrix.environment }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| #TODO: Add dynamic action outputs for being able | |
| # to get values from terraform output so that we can present | |
| # them in the summary | |
| - name: Run Terraform Action | |
| id: terraform_action | |
| uses: ./.github/actions/run-terraform | |
| with: | |
| aws_region: ${{ vars.AWS_REGION }} | |
| aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| terraform_dir: ./iac/terraform/app | |
| init_options: | | |
| -backend-config="backend-${{ matrix.environment }}.hcl" | |
| # TODO: Add reusable input for plan_and_apply_options | |
| plan_options: | | |
| -var="environment=${{ matrix.environment }}" \ | |
| -var="app_version=${{ github.sha }}" \ | |
| -var="container_image=${{ vars.ECR_URL }}:${{ github.sha }}" \ | |
| -var="database_password=${{ secrets.RDS_MASTER_PASSWORD }}" | |
| apply_options: | | |
| -var="environment=${{ matrix.environment }}" \ | |
| -var="app_version=${{ github.sha }}" \ | |
| -var="container_image=${{ vars.ECR_URL }}:${{ github.sha }}" \ | |
| -var="database_password=${{ secrets.RDS_MASTER_PASSWORD }}" \ | |
| -auto-approve | |
| - name: Tag the deployment | |
| working-directory: ./iac/scripts | |
| run: | | |
| chmod +x ./deployment-tagger.sh | |
| ./deployment-tagger.sh tag \ | |
| --current \ | |
| --date | |
| - name: Add to build summary | |
| shell: bash | |
| run: | | |
| terraform_output='${{ steps.terraform_action.outputs.terraform_output }}' | |
| lb_url=$(echo "$terraform_output" | jq -r '.lb_url.value') | |
| echo "LB URL: $lb_url" | |
| echo "🌐 [Application URL]($lb_url/metadata)" >> $GITHUB_STEP_SUMMARY | |
| PromotionPR: | |
| if: ${{ needs.PrepareEnvironment.outputs.environment != '["prod"]' }} | |
| name: Create promotion PR | |
| needs: | |
| - PrepareEnvironment | |
| - RunTerraform | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| environment: ${{fromJson(needs.PrepareEnvironment.outputs.environment)}} | |
| environment: ${{ matrix.environment }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Create promotion PR | |
| working-directory: ./iac/scripts | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| echo "Installing jq..." | |
| sudo apt-get install -y jq | |
| chmod +x get-branch-promotions.sh | |
| # Check if the command was successful | |
| echo "Getting promotion path..." | |
| branch_promoting_to=$( | |
| ./get-branch-promotions.sh \ | |
| ../../.github/branch-promotion-map.json \ | |
| ) | |
| # Check if the command was successful | |
| if [ $? -ne 0 ]; then | |
| echo "No branch to promote. Exiting gracefully." | |
| exit 0 | |
| fi | |
| current_branch=$(git rev-parse --abbrev-ref HEAD) | |
| echo "Current branch: $current_branch" | |
| echo "Checking if the PR already exists for branch: ${branch_promoting_to}" | |
| pr_number=$(gh pr list --base "$branch_promoting_to" --json number --jq '.[0].number') | |
| echo "PR number: $pr_number" | |
| if [ -n "$pr_number" ]; then | |
| # Checkout the PR branch and update it if the PR already exists | |
| echo "Updating the existing PR ($pr_number)" | |
| gh pr checkout "$pr_number" | |
| git merge "$current_branch" --no-edit | |
| git push | |
| else | |
| # Create a new PR if it doesn't exist | |
| echo "Creating a new PR..." | |
| echo "Creating PR..." | |
| gh pr \ | |
| create \ | |
| --title "Merge $current_branch into $branch_promoting_to" \ | |
| --body "Changes bellow:" \ | |
| --head "$current_branch" \ | |
| --base "$branch_promoting_to" | |
| echo "PR created" | |
| fi | |
| pr_number=$(gh pr list --base "$branch_promoting_to" --json number --jq '.[0].number') | |
| pr_url="https://github.com/${{ github.repository }}/pull/${pr_number}" | |
| pr_md_link="[Promote these changes to $branch_promoting_to]($pr_url)" | |
| echo "🚀 $pr_md_link" >> $GITHUB_STEP_SUMMARY |