Migrate gcp wif #3954
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and deploy to AKS cluster | |
on: | |
push: | |
branches: [master] | |
pull_request: | |
types: [labeled, opened, reopened, synchronize] | |
workflow_dispatch: | |
inputs: | |
environment: | |
description: "Deploy environment" | |
required: true | |
type: choice | |
default: review | |
options: | |
- review | |
- test | |
- production | |
docker-image-tag: | |
description: "Docker image tag to deploy (optional)" | |
required: true | |
type: string | |
pull-request-number: | |
description: "Pull request number (required for review environment)" | |
required: false | |
type: string | |
concurrency: deploy-${{ github.ref }} | |
permissions: | |
packages: write | |
pull-requests: write | |
jobs: | |
build: | |
if: ${{ github.event_name != 'workflow_dispatch' }} | |
runs-on: ubuntu-latest | |
outputs: | |
docker-image-tag: ${{ steps.build-image.outputs.tag }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Build and push docker image | |
id: build-image | |
uses: DFE-Digital/github-actions/build-docker-image@master | |
with: | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
target: web | |
context: . | |
snyk-token: ${{ secrets.SNYK_TOKEN }} | |
deploy_review: | |
name: Deploy to review environment | |
concurrency: deploy_review_${{ github.event.pull_request.number }} | |
runs-on: ubuntu-latest | |
if: ${{ github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') }} | |
needs: [build] | |
environment: | |
name: review | |
permissions: | |
pull-requests: write | |
id-token: write | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- uses: ./.github/actions/deploy-environment | |
id: deploy | |
with: | |
environment: review | |
docker-image: ${{ needs.build.outputs.docker-image-tag }} | |
azure-credentials: ${{ secrets.AZURE_CREDENTIALS }} | |
pull-request-number: ${{ github.event.pull_request.number }} | |
aks-namespace: srtl-development | |
aks-deployment: claim-additional-payments-for-teaching-review-${{ github.event.pull_request.number }} | |
prepare-database: ${{ github.event.pull_request.number != '' }} | |
- name: Post comment to Pull Request ${{ github.event.number }} | |
if: ${{ github.event_name == 'pull_request' }} | |
uses: marocchino/sticky-pull-request-comment@v2 | |
with: | |
header: aks | |
message: | | |
### Deployments | |
| Journey | URL | | |
| ------------------- | -------------------------------------------------------------------| | |
| Additional Payments | <${{ env.APP_URL }}/additional-payments/claim> | | |
| Student Loans | <${{ env.APP_URL }}/student-loans/claim> | | |
| Further Education | <${{ env.APP_URL }}/further-education-payments/landing-page> | | |
| Early Years Payment | <${{ env.APP_URL }}/early-years-payment/landing-page> | | |
| Relocation Payments | <${{ env.APP_URL }}/get-a-teacher-relocation-payment/landing-page> | | |
| Admin | <${{ env.APP_URL }}/admin> | | |
deploy: | |
name: Deploy to ${{ matrix.environment }} | |
runs-on: ubuntu-latest | |
concurrency: deploy_${{ matrix.environment }} | |
if: github.ref == 'refs/heads/master' && github.event_name == 'push' | |
needs: [build] | |
environment: | |
name: ${{ matrix.environment }} | |
url: ${{ steps.deploy.outputs.environment_url }} | |
outputs: | |
environment_url: ${{ steps.deploy.outputs.environment_url }} | |
strategy: | |
max-parallel: 1 | |
matrix: | |
environment: [test, production] | |
permissions: | |
id-token: write | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- uses: azure/login@v2 | |
with: | |
creds: ${{ secrets.AZURE_CREDENTIALS }} | |
- uses: ./.github/actions/deploy-environment | |
id: deploy | |
with: | |
environment: ${{ matrix.environment }} | |
docker-image: ${{ needs.build.outputs.docker-image-tag }} | |
azure-credentials: ${{ secrets.AZURE_CREDENTIALS }} | |
aks-namespace: srtl-${{ matrix.environment }} | |
aks-deployment: claim-additional-payments-for-teaching-${{ matrix.environment }} | |
- name: Install Ruby | |
uses: ruby/setup-ruby@v1 | |
with: | |
bundler-cache: true | |
- name: Run smoke tests | |
shell: bash | |
run: bundle exec rspec spec/smoke -t smoke:true -b | |
env: | |
RAILS_ENV: test | |
SMOKE_TEST_APP_HOST: ${{ vars.SMOKE_TEST_APP_HOST }} | |
BASIC_AUTH_USERNAME: ${{ secrets.BASIC_AUTH_USERNAME }} | |
BASIC_AUTH_PASSWORD: ${{ secrets.BASIC_AUTH_PASSWORD }} | |
- name: Notify on failure | |
if: failure() | |
uses: rtCamp/action-slack-notify@master | |
env: | |
SLACK_COLOR: failure | |
SLACK_TITLE: Failure deploying release to ${{ matrix.environment }} | |
SLACK_MESSAGE: | |
Failure deploying release to ${{ matrix.environment }} - Docker tag ${{ needs.build.outputs.docker-image-tag | |
}} | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }} | |
manual_deploy: | |
name: Deploy to ${{ inputs.environment }} | |
if: ${{ github.event_name == 'workflow_dispatch' }} | |
runs-on: ubuntu-latest | |
concurrency: deploy_${{ inputs.environment }} | |
environment: | |
name: ${{ inputs.environment }} | |
url: ${{ steps.deploy_manual.outputs.environment_url }} | |
outputs: | |
environment_url: ${{ steps.deploy_manual.outputs.environment_url }} | |
permissions: | |
id-token: write | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- uses: azure/login@v2 | |
with: | |
creds: ${{ secrets.AZURE_CREDENTIALS }} | |
- name: Set env vars | |
shell: bash | |
run: | | |
if [ ${{ inputs.environment }} == 'review' ]; then | |
AKS_NAMESPACE=srtl-development | |
AKS_DEPLOYMENT=claim-additional-payments-for-teaching-review-${{ inputs.pull-request-number }} | |
else | |
AKS_NAMESPACE=srtl-${{ inputs.environment }} | |
AKS_DEPLOYMENT=claim-additional-payments-for-teaching-${{ inputs.environment }} | |
fi | |
echo "AKS_NAMESPACE=$AKS_NAMESPACE" >> $GITHUB_ENV | |
echo "AKS_DEPLOYMENT=$AKS_DEPLOYMENT" >> $GITHUB_ENV | |
- uses: ./.github/actions/deploy-environment | |
id: deploy_manual | |
with: | |
environment: ${{ inputs.environment }} | |
docker-image: ${{ inputs.docker-image-tag }} | |
azure-credentials: ${{ secrets.AZURE_CREDENTIALS }} | |
aks-namespace: ${{ env.AKS_NAMESPACE }} | |
aks-deployment: ${{ env.AKS_DEPLOYMENT }} | |
pull-request-number: ${{ inputs.pull-request-number }} | |
- name: Install Ruby | |
if: ${{ inputs.environment != 'review' }} | |
uses: ruby/setup-ruby@v1 | |
with: | |
bundler-cache: true | |
- name: Run smoke tests | |
if: ${{ inputs.environment != 'review' }} | |
shell: bash | |
run: bundle exec rspec spec/smoke -t smoke:true -b | |
env: | |
RAILS_ENV: test | |
SMOKE_TEST_APP_HOST: ${{ vars.SMOKE_TEST_APP_HOST }} | |
BASIC_AUTH_USERNAME: ${{ secrets.BASIC_AUTH_USERNAME }} | |
BASIC_AUTH_PASSWORD: ${{ secrets.BASIC_AUTH_PASSWORD }} |