Created aks deploy workflow for the project

WHY: The aks deploy workflow is necessary for automatic deployment HOW: The aks deploy workflow is embedded in the existing paas workflow
DFE-Digital · Sep 18, 2023 · d14ab00 · d14ab00
1 parent eb65f70
commit d14ab00
Show file tree

Hide file tree

Showing 2 changed files with 143 additions and 43 deletions.
diff --git a/.github/workflows/actions/deploy_v2/action.yml b/.github/workflows/actions/deploy_v2/action.yml
@@ -0,0 +1,82 @@
+name: Deploy to AKS
+description: deploys application
+inputs:
+  environment:
+    description: Environment to deploy to
+    required: true
+  sha:
+    description: Commit sha to be deployed
+    required: true
+  azure-credentials:
+    description: Credentials for azure
+    required: true
+  pr:
+    description: Pull Request Reference
+    required: false
+
+outputs:
+  deploy-url:
+    value: ${{ steps.set_env_var.outputs.deploy_url }}
+runs:
+  using: composite
+  steps:
+    - name: Set Environment variables
+      id: set_env_var
+      shell: bash
+      run: |
+        echo  ls terraform
+        envtolower=`echo "${{ inputs.environment }} " | awk '{ print tolower($1) }'`
+        tf_vars_file=terraform/aks/config/$envtolower.tfvars.json
+        echo " tf_vars_file is $tf_vars_file"
+        terraform_version=$(awk '/{/{f=/^terraform/;next}f' terraform/aks/terraform.tf | grep -o [0-9\.]*)
+        echo "cluster=$(jq -r '.cluster' ${tf_vars_file})" >> $GITHUB_ENV
+        echo "aks_app_environment=$(jq -r '.environment' ${tf_vars_file})" >> $GITHUB_ENV
+        echo "TERRAFORM_VERSION=$terraform_version" >> $GITHUB_ENV
+        echo "namespace=$(jq -r '.namespace' ${tf_vars_file})" >> $GITHUB_ENV
+        if [[ $cluster == 'production' ]]; then
+              echo "deploy_url=https://getintoteachingapi-${{ env.aks_app_environment }}.teacherservices.cloud" >> $GITHUB_OUTPUT
+            else
+              echo "deploy_url=https://getintoteachingapi-${{ env.aks_app_environment }}.${cluster}.teacherservices.cloud" >> $GITHUB_OUTPUT
+        fi
+
+    - name: Use Terraform ${{ env.TERRAFORM_VERSION }}
+      uses: hashicorp/setup-terraform@v2
+      with:
+        terraform_version: ${{ env.TERRAFORM_VERSION }}
+
+    - uses: DFE-Digital/github-actions/set-arm-environment-variables@master
+      with:
+        azure-credentials: ${{ inputs.azure-credentials }}
+
+    - name: Print Sha
+      id: print-sha-environment
+      shell: bash
+      run: |
+        echo "${{ inputs.sha }}"
+        echo "the passed in environment is ${{ inputs.environment  }}"
+        echo terraform version
+
+    - name: Terraform init, plan & apply
+      if: ${{ inputs.environment }} == "Review"
+      shell: bash
+      run: |
+        envtolower=`echo "${{ inputs.environment }} " | awk '{ print tolower($1) }'`
+        envval="${envtolower}_aks"
+        echo "envval is ${envval}"
+        echo "running in Review"
+        make ci ${envval} terraform-plan-aks PR_NUMBER=${{ inputs.pr }}
+      env:
+        IMAGE_TAG: ${{ inputs.sha }}
+
+
+    - name: Terraform init, plan & apply
+      if: ${{ inputs.environment }} != "Review"
+      shell: bash
+      run: |
+        envtolower=`echo "${{ inputs.environment }} " | awk '{ print tolower($1) }'`
+        envval="${envtolower}_aks"
+        echo "envval is ${envval}"
+        echo "not running in Review"
+        make ci ${envval} terraform-plan-aks
+      env:
+        IMAGE_TAG: ${{ inputs.sha }}
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -3,7 +3,7 @@ on:
   workflow_dispatch:
   pull_request:
   push:
-    branches: [ master ]
+    branches: [ feature/1123457-workflow ]
 
 permissions:
   contents: write
@@ -345,12 +345,12 @@ jobs:
       release_tag: ${{steps.tag_version.outputs.pr_number}}
     steps:
       - name: Set matrix environments (Push to master)
-        if: github.event_name == 'push' && github.ref == 'refs/heads/master'
-        run: echo "MATRIX_ENVIRONMENTS={\"environment\":[\"Development\" , \"Staging\",\"Production\"]}" >> $GITHUB_ENV
+        # if: github.event_name == 'push' && github.ref == 'refs/heads/master'
+        run: echo "MATRIX_ENVIRONMENTS={\"environment\":[\"Development\"]}" >> $GITHUB_ENV
 
-      - name: Set matrix environments ( Review)
-        if: github.event_name == 'pull_request' && github.ref != 'refs/heads/master'
-        run: echo "MATRIX_ENVIRONMENTS={\"environment\":[\"Review\"]}" >> $GITHUB_ENV
+      # - name: Set matrix environments ( Review)
+        # if: github.event_name == 'pull_request' && github.ref != 'refs/heads/master'
+        # run: echo "MATRIX_ENVIRONMENTS={\"environment\":[\"Review_aks\"]}" >> $GITHUB_ENV
 
       - name: Generate Tag from PR Number
         if: github.event_name == 'push' && github.ref == 'refs/heads/master'
@@ -420,49 +420,67 @@ jobs:
         with:
             creds: ${{ secrets.AZURE_CREDENTIALS }}
 
-      - uses: DfE-Digital/keyvault-yaml-secret@v1
-        id:  keyvault-yaml-secret
-        with:
-          keyvault: ${{ secrets.KEY_VAULT}}
-          secret: SE-INFRA-SECRETS
-          key: SLACK-WEBHOOK , SLACK-RELEASE-NOTE-WEBHOOK , PAAS-USERNAME , PAAS-PASSWORD
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Login to Cloud Foundry
-        if: matrix.environment == 'Review'
-        run: cf login -a api.london.cloud.service.gov.uk -u ${{steps.keyvault-yaml-secret.outputs.PAAS-USERNAME}} -p "${{steps.keyvault-yaml-secret.outputs.PAAS-PASSWORD}}" -s get-into-teaching
-
-      - name: Get Static Route
-        if: matrix.environment == 'Review'
-        run: |
-              cf delete-orphaned-routes -f
-              STATIC_ROUTE=$( ${GITHUB_WORKSPACE}/script/get_next_mapping.sh ${{env.REVIEW_APPLICATION}}-${{github.event.number}} )
-              echo "STATIC_ROUTE=${STATIC_ROUTE}" >> $GITHUB_ENV
+      # - uses: DfE-Digital/keyvault-yaml-secret@v1
+      #   id:  keyvault-yaml-secret
+      #   with:
+      #     keyvault: ${{ secrets.KEY_VAULT}}
+      #     secret: SE-INFRA-SECRETS
+      #     key: SLACK-WEBHOOK , SLACK-RELEASE-NOTE-WEBHOOK , PAAS-USERNAME , PAAS-PASSWORD
+      #   env:
+      #     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      # - name: Login to Cloud Foundry
+      #   if: matrix.environment == 'Review'
+      #   run: cf login -a api.london.cloud.service.gov.uk -u ${{steps.keyvault-yaml-secret.outputs.PAAS-USERNAME}} -p "${{steps.keyvault-yaml-secret.outputs.PAAS-PASSWORD}}" -s get-into-teaching
+
+      # - name: Get Static Route
+      #   if: matrix.environment == 'Review'
+      #   run: |
+      #         cf delete-orphaned-routes -f
+      #         STATIC_ROUTE=$( ${GITHUB_WORKSPACE}/script/get_next_mapping.sh ${{env.REVIEW_APPLICATION}}-${{github.event.number}} )
+      #         echo "STATIC_ROUTE=${STATIC_ROUTE}" >> $GITHUB_ENV
+
+      # - name: Trigger Deployment to ${{matrix.environment}}
+      #   if: matrix.environment == 'Review'
+      #   uses: ./.github/workflows/actions/deploy
+      #   with:
+      #     environment: ${{matrix.environment}}
+      #     sha:  ${{ github.sha }}
+      #     pr:   ${{github.event.number}}
+      #     static:  ${{env.STATIC_ROUTE}}
+      #     AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
+      #     KEY_VAULT:         ${{ secrets.KEY_VAULT }}
+      #     ARM_ACCESS_KEY:    ${{ secrets.ARM_ACCESS_KEY }}
+      #     GITHUB_TOKEN:      ${{ secrets.GITHUB_TOKEN }}
+
+      # - name: Trigger Deployment to ${{matrix.environment}}_aks
+      #   if: matrix.environment == 'review_aks'
+      #   uses: ./.github/workflows/actions/deploy_v2
+      #   with:
+      #     environment: ${{matrix.environment}}
+      #     sha:  ${{ github.sha }}
+      #     azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
+      #     pr:   ${{github.event.number}}
+
+      # - name: Trigger Deployment to ${{matrix.environment}}
+      #   if: matrix.environment != 'Review' && (!contains(matrix.environment,'aks'))
+      #   uses: ./.github/workflows/actions/deploy
+      #   with:
+      #     environment: ${{matrix.environment}}
+      #     sha:  ${{ github.sha }}
+      #     AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
+      #     KEY_VAULT:         ${{ secrets.KEY_VAULT }}
+      #     ARM_ACCESS_KEY:    ${{ secrets.ARM_ACCESS_KEY }}
+      #     GITHUB_TOKEN:      ${{ secrets.GITHUB_TOKEN }}
 
       - name: Trigger Deployment to ${{matrix.environment}}
-        if: matrix.environment == 'Review'
-        uses: ./.github/workflows/actions/deploy
+        if: (matrix.environment != 'Review')
+        uses: ./.github/workflows/actions/deploy_v2
         with:
           environment: ${{matrix.environment}}
           sha:  ${{ github.sha }}
+          azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
           pr:   ${{github.event.number}}
-          static:  ${{env.STATIC_ROUTE}}
-          AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
-          KEY_VAULT:         ${{ secrets.KEY_VAULT }}
-          ARM_ACCESS_KEY:    ${{ secrets.ARM_ACCESS_KEY }}
-          GITHUB_TOKEN:      ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Trigger Deployment to ${{matrix.environment}}
-        if: matrix.environment != 'Review'
-        uses: ./.github/workflows/actions/deploy
-        with:
-          environment: ${{matrix.environment}}
-          sha:  ${{ github.sha }}
-          AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
-          KEY_VAULT:         ${{ secrets.KEY_VAULT }}
-          ARM_ACCESS_KEY:    ${{ secrets.ARM_ACCESS_KEY }}
-          GITHUB_TOKEN:      ${{ secrets.GITHUB_TOKEN }}
 
       - name: Determine DfE Sign In Message
         uses: haya14busa/action-cond@v1