Skip to content

Deploy to environment #761

Deploy to environment

Deploy to environment #761

name: Deploy to environment
on:
push:
branches:
- main
- staging
workflow_dispatch:
inputs:
environment:
type: environment
description: "Choose an environment to deploy to"
default: dev
required: true
concurrency:
group: ${{ github.workflow }}-${{ github.event.inputs.environment }}-${{ github.ref_name }}
jobs:
set-env:
name: Determine environment
runs-on: ubuntu-latest
outputs:
environment: ${{ steps.environment.outputs.environment }}
branch: ${{ steps.branch.outputs.branch }}
release: ${{ steps.release.outputs.release }}
checked-out-sha: ${{ steps.sha.outputs.checked-out-sha }}
steps:
- name: Checkout
uses: actions/checkout@v4
- id: sha
name: Set SHA
run: |
CHECKED_OUT_SHA="$(git log -1 '--format=format:%H')"
echo "checked-out-sha=${CHECKED_OUT_SHA}" >> $GITHUB_OUTPUT
- id: branch
name: Set branch name
run: |
GIT_REF=${{ github.ref_name }}
GIT_BRANCH=${GIT_REF##*/}
echo "branch=$GIT_BRANCH" >> $GITHUB_OUTPUT
- id: environment
name: Set default environment
run: |
BRANCH=${{ steps.branch.outputs.branch }}
ENVIRONMENT=${{ github.event.inputs.environment }}
# If no target environment is defined...
if [[ -z $ENVIRONMENT ]];
then
# Then it must be a Push event trigger
if [[ $BRANCH == 'main' ]];
then
# Set target environment to production
ENVIRONMENT='production'
elif [[ $BRANCH == 'staging' ]];
then
# Set target environment to staging
ENVIRONMENT='staging'
else
# Only main and staging branches can auto-deploy via push trigger
# Exit with failure
echo "Only 'main' and 'staging' branches can be deployed via a push trigger"
exit 1
fi
fi
echo "environment=${ENVIRONMENT,,}" >> $GITHUB_OUTPUT
- id: release
name: Set release name
run: |
RELEASE=${{ steps.environment.outputs.environment }}-`date +%Y-%m-%d`.${{ github.run_number }}
echo "release=${RELEASE}" >> $GITHUB_OUTPUT
deploy-image:
permissions:
id-token: write
contents: read
packages: write
name: Deploy '${{ needs.set-env.outputs.branch }}' to ${{ needs.set-env.outputs.environment }}
needs: [ set-env ]
strategy:
matrix:
stage: [
"final",
"initcontainer"
]
include:
- stage: "final"
tag-prefix: ""
- stage: "initcontainer"
tag-prefix: "init-"
uses: DFE-Digital/deploy-azure-container-apps-action/.github/workflows/[email protected]
with:
docker-image-name: 'amsd-app'
docker-build-target: ${{ matrix.stage }}
docker-build-file-name: './Dockerfile'
docker-tag-prefix: ${{ matrix.tag-prefix }}
import-without-deploy: ${{ matrix.stage == 'initcontainer' }}
environment: ${{ needs.set-env.outputs.environment }}
annotate-release: true
docker-build-args: |
COMMIT_SHA="${{ needs.set-env.outputs.checked-out-sha }}"
secrets:
azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }}
azure-subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
azure-acr-client-id: ${{ secrets.ACR_CLIENT_ID }}
azure-acr-name: ${{ secrets.ACR_NAME }}
azure-aca-client-id: ${{ secrets.ACA_CLIENT_ID }}
azure-aca-name: ${{ secrets.ACA_CONTAINERAPP_NAME }}
azure-aca-resource-group: ${{ secrets.ACA_RESOURCE_GROUP }}
create-tag:
name: Tag and release
needs: set-env
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.ref }}
- name: Create tag
run: |
git tag ${{ needs.set-env.outputs.release }}
git push origin ${{ needs.set-env.outputs.release }}
- name: Create release
uses: "actions/github-script@v7"
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
script: |
try {
await github.rest.repos.createRelease({
draft: ${{ needs.set-env.outputs.environment == 'staging' }},
generate_release_notes: true,
name: "${{ needs.set-env.outputs.release }}",
owner: context.repo.owner,
prerelease: ${{ needs.set-env.outputs.environment == 'staging' }},
repo: context.repo.repo,
tag_name: "${{ needs.set-env.outputs.release }}",
});
} catch (error) {
core.setFailed(error.message);
}
cypress-tests:
name: Run Cypress Tests
if: needs.set-env.outputs.environment == 'staging' || needs.set-env.outputs.environment == 'dev'
needs: [ deploy-image, set-env ]
uses: ./.github/workflows/cypress-tests.yml
with:
environment: ${{ needs.set-env.outputs.environment }}
secrets: inherit