Deploy to environment #761
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy to environment | |
on: | |
push: | |
branches: | |
- main | |
- staging | |
workflow_dispatch: | |
inputs: | |
environment: | |
type: environment | |
description: "Choose an environment to deploy to" | |
default: dev | |
required: true | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.inputs.environment }}-${{ github.ref_name }} | |
jobs: | |
set-env: | |
name: Determine environment | |
runs-on: ubuntu-latest | |
outputs: | |
environment: ${{ steps.environment.outputs.environment }} | |
branch: ${{ steps.branch.outputs.branch }} | |
release: ${{ steps.release.outputs.release }} | |
checked-out-sha: ${{ steps.sha.outputs.checked-out-sha }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- id: sha | |
name: Set SHA | |
run: | | |
CHECKED_OUT_SHA="$(git log -1 '--format=format:%H')" | |
echo "checked-out-sha=${CHECKED_OUT_SHA}" >> $GITHUB_OUTPUT | |
- id: branch | |
name: Set branch name | |
run: | | |
GIT_REF=${{ github.ref_name }} | |
GIT_BRANCH=${GIT_REF##*/} | |
echo "branch=$GIT_BRANCH" >> $GITHUB_OUTPUT | |
- id: environment | |
name: Set default environment | |
run: | | |
BRANCH=${{ steps.branch.outputs.branch }} | |
ENVIRONMENT=${{ github.event.inputs.environment }} | |
# If no target environment is defined... | |
if [[ -z $ENVIRONMENT ]]; | |
then | |
# Then it must be a Push event trigger | |
if [[ $BRANCH == 'main' ]]; | |
then | |
# Set target environment to production | |
ENVIRONMENT='production' | |
elif [[ $BRANCH == 'staging' ]]; | |
then | |
# Set target environment to staging | |
ENVIRONMENT='staging' | |
else | |
# Only main and staging branches can auto-deploy via push trigger | |
# Exit with failure | |
echo "Only 'main' and 'staging' branches can be deployed via a push trigger" | |
exit 1 | |
fi | |
fi | |
echo "environment=${ENVIRONMENT,,}" >> $GITHUB_OUTPUT | |
- id: release | |
name: Set release name | |
run: | | |
RELEASE=${{ steps.environment.outputs.environment }}-`date +%Y-%m-%d`.${{ github.run_number }} | |
echo "release=${RELEASE}" >> $GITHUB_OUTPUT | |
deploy-image: | |
permissions: | |
id-token: write | |
contents: read | |
packages: write | |
name: Deploy '${{ needs.set-env.outputs.branch }}' to ${{ needs.set-env.outputs.environment }} | |
needs: [ set-env ] | |
strategy: | |
matrix: | |
stage: [ | |
"final", | |
"initcontainer" | |
] | |
include: | |
- stage: "final" | |
tag-prefix: "" | |
- stage: "initcontainer" | |
tag-prefix: "init-" | |
uses: DFE-Digital/deploy-azure-container-apps-action/.github/workflows/[email protected] | |
with: | |
docker-image-name: 'amsd-app' | |
docker-build-target: ${{ matrix.stage }} | |
docker-build-file-name: './Dockerfile' | |
docker-tag-prefix: ${{ matrix.tag-prefix }} | |
import-without-deploy: ${{ matrix.stage == 'initcontainer' }} | |
environment: ${{ needs.set-env.outputs.environment }} | |
annotate-release: true | |
docker-build-args: | | |
COMMIT_SHA="${{ needs.set-env.outputs.checked-out-sha }}" | |
secrets: | |
azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
azure-subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
azure-acr-client-id: ${{ secrets.ACR_CLIENT_ID }} | |
azure-acr-name: ${{ secrets.ACR_NAME }} | |
azure-aca-client-id: ${{ secrets.ACA_CLIENT_ID }} | |
azure-aca-name: ${{ secrets.ACA_CONTAINERAPP_NAME }} | |
azure-aca-resource-group: ${{ secrets.ACA_RESOURCE_GROUP }} | |
create-tag: | |
name: Tag and release | |
needs: set-env | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.ref }} | |
- name: Create tag | |
run: | | |
git tag ${{ needs.set-env.outputs.release }} | |
git push origin ${{ needs.set-env.outputs.release }} | |
- name: Create release | |
uses: "actions/github-script@v7" | |
with: | |
github-token: "${{ secrets.GITHUB_TOKEN }}" | |
script: | | |
try { | |
await github.rest.repos.createRelease({ | |
draft: ${{ needs.set-env.outputs.environment == 'staging' }}, | |
generate_release_notes: true, | |
name: "${{ needs.set-env.outputs.release }}", | |
owner: context.repo.owner, | |
prerelease: ${{ needs.set-env.outputs.environment == 'staging' }}, | |
repo: context.repo.repo, | |
tag_name: "${{ needs.set-env.outputs.release }}", | |
}); | |
} catch (error) { | |
core.setFailed(error.message); | |
} | |
cypress-tests: | |
name: Run Cypress Tests | |
if: needs.set-env.outputs.environment == 'staging' || needs.set-env.outputs.environment == 'dev' | |
needs: [ deploy-image, set-env ] | |
uses: ./.github/workflows/cypress-tests.yml | |
with: | |
environment: ${{ needs.set-env.outputs.environment }} | |
secrets: inherit |