-
Notifications
You must be signed in to change notification settings - Fork 7
59 lines (52 loc) · 1.31 KB
/
deploy-production.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
---
name: Deploy to Production Environment
on:
push:
tags:
- v1.*
jobs:
testing:
uses: ./.github/workflows/testing-from-ghcr.yml
secrets: inherit
linting:
uses: ./.github/workflows/linting.yml
secrets: inherit
# up to date scan of the staging instance
scan-staging:
name: ZAP scan of the staging site
uses: ./.github/workflows/zap-scan.yml
with:
url: "https://fac-staging.app.cloud.gov/"
deploy-infrastructure-production:
name: Deploy infrastructure (production)
needs:
- testing
- scan-staging
uses: ./.github/workflows/terraform-apply-env.yml
with:
environment: "production"
autoapprove: false
secrets: inherit
new-relic-record:
name: Record deployment to New Relic
needs:
- deploy-infrastructure-production
uses: ./.github/workflows/new-relic-deployment.yml
with:
environment: "production"
secrets: inherit
deploy-production:
name: Deploy application
needs:
- deploy-infrastructure-production
uses: ./.github/workflows/deploy-application.yml
with:
environment: "production"
secrets: inherit
scan-production-post-deploy:
name: Zap Scan
needs:
- deploy-production
uses: ./.github/workflows/zap-scan.yml
with:
url: "https://app.fac.gov/"