Skip to content

CI/CD deploy

CI/CD deploy #5

name: "CI/CD deploy"
on:
workflow_dispatch:
inputs:
tag:
description: "This is the tag that is going to be deployed"
required: true
default: "latest"
environment:
description: "The environment you want to deploy to"
type: environment
required: true
jobs:
metadata:
name: "Set CI/CD metadata"
runs-on: ubuntu-latest
timeout-minutes: 1
outputs:
build_datetime: ${{ steps.variables.outputs.build_datetime }}
build_timestamp: ${{ steps.variables.outputs.build_timestamp }}
build_epoch: ${{ steps.variables.outputs.build_epoch }}
nodejs_version: ${{ steps.variables.outputs.nodejs_version }}
python_version: ${{ steps.variables.outputs.python_version }}
terraform_version: ${{ steps.variables.outputs.terraform_version }}
version: ${{ steps.variables.outputs.version }}
tag: ${{ steps.variables.outputs.tag }}
steps:
- name: "Checkout code"
uses: actions/checkout@v4
- name: "Set CI/CD variables"
id: variables
run: |
datetime=$(date -u +'%Y-%m-%dT%H:%M:%S%z')
echo "build_datetime=$datetime" >> $GITHUB_OUTPUT
echo "build_timestamp=$(date --date=$datetime -u +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT
echo "build_epoch=$(date --date=$datetime -u +'%s')" >> $GITHUB_OUTPUT
echo "nodejs_version=$(grep "^nodejs" .tool-versions | cut -f2 -d' ')" >> $GITHUB_OUTPUT
echo "python_version=$(grep "^nodejs" .tool-versions | cut -f2 -d' ')" >> $GITHUB_OUTPUT
echo "terraform_version=$(grep "^terraform" .tool-versions | cut -f2 -d' ')" >> $GITHUB_OUTPUT
# TODO: Get the version, but it may not be the .version file as this should come from the CI/CD Pull Request Workflow
echo "version=$(head -n 1 .version 2> /dev/null || echo unknown)" >> $GITHUB_OUTPUT
echo "tag=${{ github.event.inputs.tag }}" >> $GITHUB_OUTPUT
- name: "List variables"
run: |
export BUILD_DATETIME="${{ steps.variables.outputs.build_datetime }}"
export BUILD_TIMESTAMP="${{ steps.variables.outputs.build_timestamp }}"
export BUILD_EPOCH="${{ steps.variables.outputs.build_epoch }}"
export NODEJS_VERSION="${{ steps.variables.outputs.nodejs_version }}"
export PYTHON_VERSION="${{ steps.variables.outputs.python_version }}"
export TERRAFORM_VERSION="${{ steps.variables.outputs.terraform_version }}"
export VERSION="${{ steps.variables.outputs.version }}"
export TAG="${{ steps.variables.outputs.tag }}"
make list-variables
deploy:
name: "Deploy to an environment"
runs-on: ubuntu-latest
needs: [metadata]
timeout-minutes: 10
environment: ${{ inputs.environment }}
permissions:
id-token: write
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v3
with:
role-to-assume: ${{ secrets.AWS_DEPLOY_ROLE }}
role-session-name: deploy_${{ env.environment }}
aws-region: ${{ vars.AWS_REGION }}
- name: List S3 buckets
run: |
echo "Deploying to ${environment}"
echo "TODO Run terraform here"
# TODO: More jobs or/and steps here
# success:
# name: "Success notification"
# runs-on: ubuntu-latest
# needs: [deploy]
# steps:
# - name: "Check prerequisites for notification"
# id: check
# run: echo "secret_exist=${{ secrets.TEAMS_NOTIFICATION_WEBHOOK_URL != '' }}" >> $GITHUB_OUTPUT
# - name: "Notify on deployment to an environment"
# if: steps.check.outputs.secret_exist == 'true'
# uses: nhs-england-tools/[email protected]
# with:
# github-token: ${{ secrets.GITHUB_TOKEN }}
# teams-webhook-url: ${{ secrets.TEAMS_NOTIFICATION_WEBHOOK_URL }}
# message-title: "Notification title"
# message-text: "This is a notification body"
# link: ${{ github.event.pull_request.html_url }}