Deploy Dev #1263
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy Dev | |
on: | |
workflow_dispatch: | |
env: | |
DEPLOY_ENV: dev | |
NODE_VERSION: 18 | |
concurrency: | |
group: dev-deploy | |
jobs: | |
build-docker: | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: ./backend | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Login to ACR | |
run: docker login ${{ secrets.ACR_REPO_URL }} -u ${{ secrets.ACR_ADMIN_USERNAME }} -p ${{ secrets.ACR_ADMIN_PASWORD }} | |
- name: Build and push Docker images | |
run: ./build_and_push.sh | |
build-db-client-docker: | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: ./ops/services/container_instances/db_client/image | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Login to ACR | |
run: docker login ${{ secrets.ACR_REPO_URL }} -u ${{ secrets.ACR_ADMIN_USERNAME }} -p ${{ secrets.ACR_ADMIN_PASWORD }} | |
- name: Build and push Docker images | |
run: ./build_and_push.sh | |
prerelease-backend: | |
runs-on: ubuntu-latest | |
needs: [build-docker, build-db-client-docker] | |
defaults: | |
run: | |
working-directory: ./ops | |
env: # all Azure interaction is through Terraform | |
ARM_CLIENT_ID: ${{ secrets.TERRAFORM_ARM_CLIENT_ID }} | |
ARM_CLIENT_SECRET: ${{ secrets.TERRAFORM_ARM_CLIENT_SECRET }} | |
ARM_SUBSCRIPTION_ID: ${{ secrets.TERRAFORM_ARM_SUBSCRIPTION_ID }} | |
ARM_TENANT_ID: ${{ secrets.TERRAFORM_ARM_TENANT_ID }} | |
OKTA_API_TOKEN: ${{ secrets.OKTA_API_TOKEN_NONPROD }} | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: azure/login@v1 | |
with: | |
creds: ${{ secrets.AZURE_CREDENTIALS }} | |
- uses: hashicorp/[email protected] | |
with: | |
terraform_version: 1.3.3 | |
- name: Build ReportStream function app | |
uses: ./.github/actions/build-reportstream-functions | |
with: | |
deploy-env: ${{env.DEPLOY_ENV}} | |
- name: Terraform Init | |
run: make init-${{ env.DEPLOY_ENV }} | |
- name: Terraform deploy (infrastructure and staging slot) | |
run: make deploy-${{ env.DEPLOY_ENV }} | |
- name: Wait for correct commit to be deployed in staging slot | |
timeout-minutes: 5 | |
run: make wait-for-${{ env.DEPLOY_ENV }}-slot-commit | |
- name: Wait for staging deploy to be ready | |
timeout-minutes: 1 | |
run: make wait-for-${{ env.DEPLOY_ENV }}-slot-readiness | |
build-frontend: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/[email protected] | |
with: | |
node-version: ${{env.NODE_VERSION}} | |
- name: Use cache for node_modules | |
uses: actions/[email protected] | |
with: | |
path: | | |
./frontend/node_modules | |
key: npm-${{env.NODE_VERSION}}-${{ hashFiles('frontend/yarn.lock', 'frontend/package.json') }} | |
- uses: azure/login@v1 | |
with: | |
creds: ${{ secrets.AZURE_CREDENTIALS }} | |
- uses: ./.github/actions/build-frontend | |
name: Build front-end application | |
with: | |
deploy-env: ${{env.DEPLOY_ENV}} | |
smarty-streets-key: ${{ secrets.SMARTY_STREETS_KEY }} | |
client-tarball: ./client.tgz | |
okta-enabled: true | |
okta-url: https://hhs-prime.oktapreview.com | |
okta-client-id: 0oa1khbp5n2wTfe281d7 | |
- name: Save compiled frontend application | |
uses: actions/upload-artifact@v3 | |
if: success() | |
with: | |
name: frontend-tarball | |
path: client.tgz | |
retention-days: 1 | |
deploy: | |
runs-on: ubuntu-latest | |
environment: | |
name: Dev | |
url: https://dev.simplereport.gov | |
needs: [build-frontend, prerelease-backend] | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: azure/login@v1 | |
with: | |
creds: ${{ secrets.AZURE_CREDENTIALS }} | |
- name: Retrieve frontend build | |
uses: actions/download-artifact@v3 | |
with: | |
name: frontend-tarball | |
- name: Promote and deploy | |
uses: ./.github/actions/deploy-application | |
with: | |
client-tarball: client.tgz | |
deploy-env: ${{ env.DEPLOY_ENV }} | |
- name: Sendgrid maintenance banner deploy | |
uses: ./.github/actions/maintenance-banner-deploy | |
with: | |
active: "true" | |
header: "Dev Notice:" | |
message: "This environment has email delivery enabled. Do not use real email addresses." | |
env: ${{ env.DEPLOY_ENV }} |