deploy #185
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: deploy | |
on: | |
workflow_run: | |
workflows: | |
- check | |
types: | |
- completed | |
branches: | |
- master | |
# Ensures that only one deploy task per branch/environment will run at a time. | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: false | |
jobs: | |
org-formation: | |
if: ${{ github.event.workflow_run.conclusion == 'success' }} | |
permissions: | |
id-token: write | |
contents: read | |
runs-on: ubuntu-latest | |
steps: | |
- name: Get role session name | |
uses: bhowell2/[email protected] | |
id: role-session-name | |
with: | |
value: GitHubActions-${{ github.repository_owner }}-${{ github.event.repository.name }}-${{ github.run_id }} | |
length_from_end: 64 | |
- uses: actions/checkout@v3 | |
- name: Assume AWS Role | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
aws-region: us-east-1 | |
role-to-assume: arn:aws:iam::531805629419:role/sagebase-github-oidc-sage-bionetworks-it | |
role-session-name: ${{ steps.role-session-name.outputs.substring }} | |
role-duration-seconds: 1200 | |
- name: Use Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- name: Cache node modules | |
uses: actions/cache@v3 | |
env: | |
cache-name: cache-node-modules | |
with: | |
# npm cache files are stored in `~/.npm` on Linux/macOS | |
path: ~/.npm | |
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }} | |
restore-keys: | | |
${{ runner.os }}-build-${{ env.cache-name }}- | |
${{ runner.os }}-build- | |
${{ runner.os }}- | |
- name: Install dependencies | |
run: npm install | |
- name: Generate AWS CDK bootstrap template | |
run: npm run generate-cdk-bootstrap-template | |
- name: Add EnableKeyRotation property to CDK assets key | |
run: npm run patch-cdk-bootstrap-template | |
- name: Validate ofn templates | |
run: npm run validate-tasks | |
- name: Validate with print-task | |
run: npm run print-tasks-failfast | |
- name: Deploy with ofn | |
run: npm run ci-perform-tasks-parallel | |
# Map a step output to a job output | |
outputs: | |
role-session-name: ${{ steps.role-session-name.outputs.substring }} | |
sceptre-organizations: | |
needs: [org-formation] | |
uses: "./.github/workflows/aws-deploy.yaml" | |
with: | |
role-to-assume: "arn:aws:iam::531805629419:role/sagebase-github-oidc-sage-bionetworks-it" | |
role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
working-dir: "sceptre/organizations" | |
sceptre-admincentral: | |
needs: [org-formation] | |
uses: "./.github/workflows/aws-deploy.yaml" | |
with: | |
role-to-assume: "arn:aws:iam::745159704268:role/sagebase-github-oidc-sage-bionetworks-it" | |
role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
working-dir: "sceptre/admincentral" | |
sceptre-itsandbox: | |
needs: [org-formation] | |
uses: "./.github/workflows/aws-deploy.yaml" | |
with: | |
role-to-assume: "arn:aws:iam::804034162148:role/sagebase-github-oidc-sage-bionetworks-it" | |
role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
working-dir: "sceptre/itsandbox" | |
sceptre-scicomp: | |
needs: [org-formation] | |
uses: "./.github/workflows/aws-deploy.yaml" | |
with: | |
role-to-assume: "arn:aws:iam::055273631518:role/sagebase-github-oidc-sage-bionetworks-it" | |
role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
working-dir: "sceptre/scicomp" | |
sceptre-strides: | |
needs: [org-formation] | |
uses: "./.github/workflows/aws-deploy.yaml" | |
with: | |
role-to-assume: "arn:aws:iam::423819316185:role/github-oidc-sage-bionetworks-it" | |
role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
working-dir: "sceptre/strides" | |
sceptre-strides-ampad-workflows: | |
needs: [org-formation] | |
uses: "./.github/workflows/aws-deploy.yaml" | |
with: | |
role-to-assume: "arn:aws:iam::751556145034:role/github-oidc-sage-bionetworks-it" | |
role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
working-dir: "sceptre/strides-ampad-workflows" | |
sceptre-scipooldev: | |
needs: [org-formation] | |
uses: "./.github/workflows/aws-deploy.yaml" | |
with: | |
role-to-assume: "arn:aws:iam::465877038949:role/sagebase-github-oidc-sage-bionetworks-it" | |
working-dir: "sceptre/scipool" | |
role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
sceptre-command: "sceptre launch develop --prune --yes" | |
sceptre-scipoolprod: | |
needs: [org-formation] | |
uses: "./.github/workflows/aws-scipool.yaml" | |
with: | |
role-to-assume: "arn:aws:iam::237179673806:role/sagebase-github-oidc-sage-bionetworks-it" | |
role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
working-dir: "sceptre/scipool" | |
sceptre-stridespool: | |
needs: [org-formation, sceptre-strides] | |
uses: "./.github/workflows/aws-scipool.yaml" | |
with: | |
role-to-assume: "arn:aws:iam::423819316185:role/github-oidc-sage-bionetworks-it" | |
role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
working-dir: "sceptre/scipool" | |
sceptre-command: "sceptre launch strides --prune --yes" | |
sceptre-bmgfki: | |
needs: [org-formation] | |
uses: "./.github/workflows/aws-scipool.yaml" | |
with: | |
role-to-assume: "arn:aws:iam::464102568320:role/sagebase-github-oidc-sage-bionetworks-it" | |
role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
working-dir: "sceptre/scipool" | |
sceptre-command: "sceptre launch bmgfki --prune --yes" | |
sceptre-sageit-staging: | |
needs: [org-formation] | |
uses: "./.github/workflows/aws-deploy.yaml" | |
with: | |
role-to-assume: "arn:aws:iam::797640923903:role/sagebase-github-oidc-sage-bionetworks-it" | |
role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
working-dir: "sceptre/sageit" | |
sceptre-command: "sceptre launch staging --prune --yes" | |
sceptre-sageit-prod: | |
needs: [org-formation] | |
uses: "./.github/workflows/aws-deploy.yaml" | |
with: | |
role-to-assume: "arn:aws:iam::797640923903:role/sagebase-github-oidc-sage-bionetworks-it" | |
role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
working-dir: "sceptre/sageit" | |
sceptre-logcentral: | |
needs: [org-formation] | |
uses: "./.github/workflows/aws-deploy.yaml" | |
with: | |
role-to-assume: "arn:aws:iam::231505186444:role/sagebase-github-oidc-sage-bionetworks-it" | |
role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
working-dir: "sceptre/logcentral" | |
sceptre-synapsedev: | |
needs: [org-formation] | |
uses: "./.github/workflows/aws-deploy.yaml" | |
with: | |
role-to-assume: "arn:aws:iam::449435941126:role/sagebase-github-oidc-sage-bionetworks-it" | |
role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
working-dir: "sceptre/synapsedev" | |
sceptre-synapseprod: | |
needs: [org-formation] | |
uses: "./.github/workflows/aws-deploy.yaml" | |
with: | |
role-to-assume: "arn:aws:iam::325565585839:role/sagebase-github-oidc-sage-bionetworks-it" | |
role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
working-dir: "sceptre/synapseprod" | |
sceptre-bridgedev: | |
needs: [org-formation] | |
uses: "./.github/workflows/aws-deploy.yaml" | |
with: | |
role-to-assume: "arn:aws:iam::420786776710:role/sagebase-github-oidc-sage-bionetworks-it" | |
role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
working-dir: "sceptre/bridge" | |
sceptre-command: "sceptre launch develop --prune --yes" | |
sceptre-bridgeprod: | |
needs: [org-formation] | |
uses: "./.github/workflows/aws-deploy.yaml" | |
with: | |
role-to-assume: "arn:aws:iam::649232250620:role/sagebase-github-oidc-sage-bionetworks-it" | |
role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
working-dir: "sceptre/bridge" | |
sceptre-imagecentral: | |
needs: [org-formation] | |
uses: "./.github/workflows/aws-deploy.yaml" | |
with: | |
role-to-assume: "arn:aws:iam::867686887310:role/sagebase-github-oidc-sage-bionetworks-it" | |
role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
working-dir: "sceptre/imagecentral" | |
sceptre-aws-opendata: | |
needs: [org-formation] | |
uses: "./.github/workflows/aws-deploy.yaml" | |
with: | |
role-to-assume: "arn:aws:iam::373143421983:role/github-oidc-sage-bionetworks-it" | |
role-session-name: ${{ needs.org-formation.outputs.role-session-name }} | |
working-dir: "sceptre/aws-opendata" |