separated deployments
Tope Emmanuel committed Sep 18, 2023
1 parent d14ab00 commit 3df402c
Showing 2 changed files with 150 additions and 65 deletions.
13 changes: 5 additions & 8 deletions .github/workflows/actions/deploy_v2/action.yml
@@ -25,8 +25,7 @@ runs:
shell: bash
run: |
echo ls terraform
envtolower=`echo "${{ inputs.environment }} " | awk '{ print tolower($1) }'`
tf_vars_file=terraform/aks/config/$envtolower.tfvars.json
tf_vars_file=terraform/aks/config/${{ inputs.environment }}.tfvars.json
echo " tf_vars_file is $tf_vars_file"
terraform_version=$(awk '/{/{f=/^terraform/;next}f' terraform/aks/terraform.tf | grep -o [0-9\.]*)
echo "cluster=$(jq -r '.cluster' ${tf_vars_file})" >> $GITHUB_ENV
@@ -57,11 +56,10 @@ runs:
echo terraform version
- name: Terraform init, plan & apply
if: ${{ inputs.environment }} == "Review"
if: ${{ inputs.environment }} == "review"
shell: bash
run: |
envtolower=`echo "${{ inputs.environment }} " | awk '{ print tolower($1) }'`
envval="${envtolower}_aks"
envval="${{ inputs.environment }}_aks"
echo "envval is ${envval}"
echo "running in Review"
make ci ${envval} terraform-plan-aks PR_NUMBER=${{ inputs.pr }}
@@ -70,11 +68,10 @@ runs:


- name: Terraform init, plan & apply
if: ${{ inputs.environment }} != "Review"
if: ${{ inputs.environment }} != "review"
shell: bash
run: |
envtolower=`echo "${{ inputs.environment }} " | awk '{ print tolower($1) }'`
envval="${envtolower}_aks"
envval="${{ inputs.environment }}_aks"
echo "envval is ${envval}"
echo "not running in Review"
make ci ${envval} terraform-plan-aks
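Review bot: The two `if:` conditions on the Terraform steps (`if: ${{ inputs.environment }} == "review"` and its `!=` twin in the following hunk) mix an `${{ }}` fragment with literal text, so GitHub evaluates the whole value as a non-empty string and both steps run for every environment; lower-casing the literal does not change that. Write each condition as one expression with a single-quoted literal, `if: inputs.environment == 'review'` and `if: inputs.environment != 'review'`. These hunks also paste `${{ inputs.environment }}` and `${{ inputs.pr }}` directly into the bash text, where they form a file path and a make target; passing them through a step-level `env:` and reading `"$ENVIRONMENT"` in the script keeps the value as data rather than script source. Both step bodies continue outside the hunks shown.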
202 changes: 145 additions & 57 deletions .github/workflows/build.yml
@@ -342,15 +342,20 @@ jobs:
runs-on: ubuntu-latest
outputs:
matrix_environments: ${{ env.MATRIX_ENVIRONMENTS }}
matrix_aks_environments: ${{ env.MATRIX_AKS_ENVIRONMENTS }}
release_tag: ${{steps.tag_version.outputs.pr_number}}
steps:
- name: Set matrix environments (Push to master)
# if: github.event_name == 'push' && github.ref == 'refs/heads/master'
run: echo "MATRIX_ENVIRONMENTS={\"environment\":[\"Development\"]}" >> $GITHUB_ENV
run: |
echo "MATRIX_ENVIRONMENTS={\"environment\":[\"Development\" , \"Staging\",\"Production\"]}" >> $GITHUB_ENV
echo "MATRIX__AKS_ENVIRONMENTS={\"environment\":[\"development\"]}" >> $GITHUB_ENV
# - name: Set matrix environments ( Review)
# if: github.event_name == 'pull_request' && github.ref != 'refs/heads/master'
# run: echo "MATRIX_ENVIRONMENTS={\"environment\":[\"Review_aks\"]}" >> $GITHUB_ENV
- name: Set matrix environments ( Review)
if: github.event_name == 'pull_request' && github.ref != 'refs/heads/master'
run: |
echo "MATRIX_ENVIRONMENTS={\"environment\":[\"Review\"]}" >> $GITHUB_ENV
echo "MATRIX__AKS_ENVIRONMENTS={\"environment\":[\"review_aks\"]}" >> $GITHUB_ENV
- name: Generate Tag from PR Number
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
@@ -379,8 +384,10 @@ jobs:
PR_NUMBER: ${{ steps.tag_version.outputs.pr_number }}
RELEASE_ID: ${{ steps.release.outputs.id }}
TOKEN: ${{secrets.GITHUB_TOKEN}}
# start existing deployment

deployments:
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
name: Deployments
strategy:
max-parallel: 1
@@ -420,61 +427,142 @@ jobs:
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}

# - uses: DfE-Digital/keyvault-yaml-secret@v1
# id: keyvault-yaml-secret
# with:
# keyvault: ${{ secrets.KEY_VAULT}}
# secret: SE-INFRA-SECRETS
# key: SLACK-WEBHOOK , SLACK-RELEASE-NOTE-WEBHOOK , PAAS-USERNAME , PAAS-PASSWORD
# env:
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

# - name: Login to Cloud Foundry
# if: matrix.environment == 'Review'
# run: cf login -a api.london.cloud.service.gov.uk -u ${{steps.keyvault-yaml-secret.outputs.PAAS-USERNAME}} -p "${{steps.keyvault-yaml-secret.outputs.PAAS-PASSWORD}}" -s get-into-teaching

# - name: Get Static Route
# if: matrix.environment == 'Review'
# run: |
# cf delete-orphaned-routes -f
# STATIC_ROUTE=$( ${GITHUB_WORKSPACE}/script/get_next_mapping.sh ${{env.REVIEW_APPLICATION}}-${{github.event.number}} )
# echo "STATIC_ROUTE=${STATIC_ROUTE}" >> $GITHUB_ENV

# - name: Trigger Deployment to ${{matrix.environment}}
# if: matrix.environment == 'Review'
# uses: ./.github/workflows/actions/deploy
# with:
# environment: ${{matrix.environment}}
# sha: ${{ github.sha }}
# pr: ${{github.event.number}}
# static: ${{env.STATIC_ROUTE}}
# AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
# KEY_VAULT: ${{ secrets.KEY_VAULT }}
# ARM_ACCESS_KEY: ${{ secrets.ARM_ACCESS_KEY }}
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

# - name: Trigger Deployment to ${{matrix.environment}}_aks
# if: matrix.environment == 'review_aks'
# uses: ./.github/workflows/actions/deploy_v2
# with:
# environment: ${{matrix.environment}}
# sha: ${{ github.sha }}
# azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
# pr: ${{github.event.number}}

# - name: Trigger Deployment to ${{matrix.environment}}
# if: matrix.environment != 'Review' && (!contains(matrix.environment,'aks'))
# uses: ./.github/workflows/actions/deploy
# with:
# environment: ${{matrix.environment}}
# sha: ${{ github.sha }}
# AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
# KEY_VAULT: ${{ secrets.KEY_VAULT }}
# ARM_ACCESS_KEY: ${{ secrets.ARM_ACCESS_KEY }}
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- uses: DfE-Digital/keyvault-yaml-secret@v1
id: keyvault-yaml-secret
with:
keyvault: ${{ secrets.KEY_VAULT}}
secret: SE-INFRA-SECRETS
key: SLACK-WEBHOOK , SLACK-RELEASE-NOTE-WEBHOOK , PAAS-USERNAME , PAAS-PASSWORD
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Login to Cloud Foundry
if: matrix.environment == 'Review'
run: cf login -a api.london.cloud.service.gov.uk -u ${{steps.keyvault-yaml-secret.outputs.PAAS-USERNAME}} -p "${{steps.keyvault-yaml-secret.outputs.PAAS-PASSWORD}}" -s get-into-teaching

- name: Get Static Route
if: matrix.environment == 'Review'
run: |
cf delete-orphaned-routes -f
STATIC_ROUTE=$( ${GITHUB_WORKSPACE}/script/get_next_mapping.sh ${{env.REVIEW_APPLICATION}}-${{github.event.number}} )
echo "STATIC_ROUTE=${STATIC_ROUTE}" >> $GITHUB_ENV
- name: Trigger Deployment to ${{matrix.environment}}
if: matrix.environment == 'Review'
uses: ./.github/workflows/actions/deploy
with:
environment: ${{matrix.environment}}
sha: ${{ github.sha }}
pr: ${{github.event.number}}
static: ${{env.STATIC_ROUTE}}
AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
KEY_VAULT: ${{ secrets.KEY_VAULT }}
ARM_ACCESS_KEY: ${{ secrets.ARM_ACCESS_KEY }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Trigger Deployment to ${{matrix.environment}}
if: matrix.environment != 'Review'
uses: ./.github/workflows/actions/deploy
with:
environment: ${{matrix.environment}}
sha: ${{ github.sha }}
AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
KEY_VAULT: ${{ secrets.KEY_VAULT }}
ARM_ACCESS_KEY: ${{ secrets.ARM_ACCESS_KEY }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Determine DfE Sign In Message
uses: haya14busa/action-cond@v1
id: dsiMessage
with:
cond: ${{ env.STATIC_ROUTE != '' }}
if_true: ':white_check_mark: DfE sign in route obtained: https://${{env.STATIC_ROUTE}}.london.cloudapps.digital'
if_false: ':warning: **DfE sign in route pool exhausted (close some open PRs!)**'

- name: Post sticky pull request comment
if: matrix.environment == 'Review'
uses: marocchino/sticky-pull-request-comment@v2
with:
recreate: true
message: |
Review app deployed to https://${{env.REVIEW_APPLICATION}}-${{github.event.number}}.${{env.DOMAIN}}
${{ steps.dsiMessage.outputs.value }}
- name: Add Review Label
if: matrix.environment == 'Review' && contains(github.event.pull_request.user.login, 'dependabot') == false
uses: actions-ecosystem/action-add-labels@v1
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
labels: Review

- name: Get Release Id from Tag
id: tag_id
uses: DFE-Digital/github-actions/DraftReleaseByTag@master
with:
TAG: ${{needs.prepare.outputs.release_tag}}
TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Publish Release
if: matrix.environment == 'Production' && steps.tag_id.outputs.release_id
uses: eregon/publish-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
release_id: ${{steps.tag_id.outputs.release_id}}

- name: Slack Release Notification
if: matrix.environment == 'Production' && steps.tag_id.outputs.release_id
uses: rtCamp/action-slack-notify@master
env:
SLACK_COLOR: ${{env.SLACK_SUCCESS}}
SLACK_TITLE: "Release Published: ${{steps.tag_id.outputs.release_name}}"
SLACK_MESSAGE: ${{ fromJson( steps.tag_id.outputs.release_body) }}
SLACK_WEBHOOK: ${{ steps.keyvault-yaml-secret.outputs.SLACK-RELEASE-NOTE-WEBHOOK }}
MSG_MINIMAL: true

- name: Slack Notification
if: failure() && matrix.environment == 'Production'
uses: rtCamp/action-slack-notify@master
env:
SLACK_COLOR: ${{env.SLACK_ERROR}}
SLACK_TITLE: Failure in Post-Development Deploy
SLACK_MESSAGE: Failure with initialising ${{matrix.environment}} deployment for ${{env.APPLICATION}}
SLACK_WEBHOOK: ${{ steps.keyvault-yaml-secret.outputs.SLACK-WEBHOOK }}

deployments_aks:
name: Deployments
strategy:
max-parallel: 1
matrix: ${{fromJSON(needs.prepare.outputs.matrix_aks_environments)}}
environment:
name: ${{matrix.environment}}_aks
concurrency: ${{matrix.environment}}_${{github.event.number}}
needs: [ prepare ]
runs-on: ubuntu-latest
steps:
- name: Check out the repo
uses: actions/checkout@v3

- name: set-up-environment
uses: DFE-Digital/github-actions/set-up-environment@master

- name: Set environment variable
run: |
REFERENCE=${{github.ref}}
echo "REFERENCE=${REFERENCE}" >> $GITHUB_ENV
- name: Set Review specific variables
if: matrix.environment == 'review'
run: |
REFERENCE=${{github.event.pull_request.head.ref}}
echo "REFERENCE=${REFERENCE}" >> $GITHUB_ENV
- uses: Azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}

- name: Trigger Deployment to ${{matrix.environment}}
if: (matrix.environment != 'Review')
# if: (matrix.environment != 'Review')
uses: ./.github/workflows/actions/deploy_v2
with:
environment: ${{matrix.environment}}
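Review bot: The `Set Review specific variables` step in the new `deployments_aks` job expands `${{github.event.pull_request.head.ref}}` inside its `run:` script, and a branch name is chosen by whoever opens the pull request, so that text becomes part of the shell script in a job that goes on to log in with `AZURE_CREDENTIALS`. Pass it as data instead: add `env:` with `HEAD_REF: ${{ github.event.pull_request.head.ref }}` to the step and write `echo "REFERENCE=${HEAD_REF}" >> "$GITHUB_ENV"`. That step's `if: matrix.environment == 'review'` also looks unreachable, since the prepare job emits `review_aks` for pull requests. In addition, the prepare job writes `MATRIX__AKS_ENVIRONMENTS` (two underscores) while its output reads `env.MATRIX_AKS_ENVIRONMENTS`, so `fromJSON(needs.prepare.outputs.matrix_aks_environments)` here would presumably receive an empty string.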
