diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index b17e528..c8b87fd 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -8,7 +8,7 @@ on: workflow_dispatch: jobs: - deploy: + setup: runs-on: ubuntu-latest # if: ${{ github.event.workflow_run.conclusion == 'success' }} steps: @@ -40,20 +40,30 @@ jobs: echo "AWS_SECRET_ACCESS_KEY=$aws_secret_access_key" >> "$GITHUB_OUTPUT" echo "AWS_SESSION_TOKEN=$aws_session_token" >> "$GITHUB_OUTPUT" + deploy: + needs: [setup] + runs-on: ubuntu-latest + strategy: + matrix: + project: [users-chis-civ] + steps: - name: Assume role uses: aws-actions/configure-aws-credentials@v4 with: aws-region: ${{vars.AWS_REGION}} - aws-access-key-id: ${{ steps.auth.outputs.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ steps.auth.outputs.AWS_SECRET_ACCESS_KEY }} - aws-session-token: ${{ steps.auth.outputs.AWS_SESSION_TOKEN }} + aws-access-key-id: ${{ needs.setup.outputs.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ needs.setup.outputs.AWS_SECRET_ACCESS_KEY }} + aws-session-token: ${{ needs.setup.outputs.AWS_SESSION_TOKEN }} role-skip-session-tagging: true role-to-assume: "arn:aws:iam::${{vars.AWS_ACCOUNT_NUMBER}}:role/eks-${{vars.AWS_USER}}" - uses: actions/checkout@v2 - - name: Helm upgrade + - name: Update kubeconfig run: | aws eks update-kubeconfig --name ${{vars.CLUSTER}} --region ${{vars.AWS_REGION}} helm repo add medic https://docs.communityhealthtoolkit.org/helm-charts - helm upgrade --namespace ${{vars.NAMESPACE}} --values scripts/deploy/values/users-chis-civ.yaml users-chis-civ medic/cht-user-management + + - name: Upgrade ${{ matrix.project }} + run: | + helm upgrade --namespace ${{vars.NAMESPACE}} --values scripts/deploy/values/${{matrix.project}}.yaml ${{matrix.project}} medic/cht-user-management