Deploy application to sandbox-beta #67
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy application | |
| run-name: Deploy application to ${{ inputs.environment }} | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| environment: | |
| description: Deployment environment | |
| required: true | |
| type: choice | |
| options: | |
| - qa | |
| - test | |
| - preview | |
| - training | |
| - production | |
| - sandbox-alpha | |
| - sandbox-beta | |
| server_types: | |
| description: Server types to deploy | |
| required: true | |
| type: choice | |
| options: | |
| - all | |
| - web | |
| - good-job | |
| default: all | |
| git_sha_to_deploy: | |
| description: The git commit SHA to deploy. | |
| required: false | |
| type: string | |
| workflow_call: | |
| inputs: | |
| environment: | |
| required: true | |
| type: string | |
| server_types: | |
| required: true | |
| type: string | |
| git_sha_to_deploy: | |
| description: The git commit SHA to deploy. | |
| required: true | |
| type: string | |
| permissions: { } | |
| concurrency: | |
| group: deploy-mavis-${{ inputs.environment }} | |
| env: | |
| aws-role: ${{ inputs.environment == 'production' | |
| && 'arn:aws:iam::820242920762:role/GithubDeployMavisAndInfrastructure' | |
| || 'arn:aws:iam::393416225559:role/GithubDeployMavisAndInfrastructure' }} | |
| web_codedeploy_application: mavis-${{ inputs.environment }} | |
| web_codedeploy_group: blue-green-group-${{ inputs.environment }} | |
| cluster_name: mavis-${{ inputs.environment }} | |
| good_job_service: mavis-${{ inputs.environment }}-good-job | |
| web_service: mavis-${{ inputs.environment }}-web | |
| jobs: | |
| prepare-deployment: | |
| name: Prepare deployment | |
| runs-on: ubuntu-latest | |
| environment: ${{ inputs.environment }} | |
| permissions: | |
| id-token: write | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ env.aws-role }} | |
| aws-region: eu-west-2 | |
| - name: Get image digest from ECR | |
| id: get-image-digest | |
| run: | | |
| # Get AWS account ID and construct repository URI | |
| AWS_ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text) | |
| REPOSITORY_URI="${AWS_ACCOUNT_ID}.dkr.ecr.eu-west-2.amazonaws.com/mavis/webapp" | |
| # Get the image digest for the git SHA | |
| IMAGE_DIGEST=$(aws ecr describe-images \ | |
| --repository-name mavis/webapp \ | |
| --image-ids imageTag=${{ inputs.git_sha_to_deploy || github.sha }} \ | |
| --query 'imageDetails[0].imageDigest' \ | |
| --output text) | |
| NEW_IMAGE_URI="${REPOSITORY_URI}@${IMAGE_DIGEST}" | |
| echo "new-image-uri=${NEW_IMAGE_URI}" >> $GITHUB_OUTPUT | |
| echo "New image URI: ${NEW_IMAGE_URI}" | |
| - name: Populate web task definition | |
| if: inputs.server_types == 'web' || inputs.server_types == 'all' | |
| id: render-web-task-definition | |
| run: | | |
| ./script/populate_task_definition.sh ${{ inputs.environment }} web \ | |
| -i "${{ steps.get-image-digest.outputs.new-image-uri }}" \ | |
| -o web-task-definition.json | |
| cat web-task-definition.json | |
| - name: Populate good-job task definition | |
| if: inputs.server_types == 'good-job' || inputs.server_types == 'all' | |
| id: render-good-job-task-definition | |
| run: | | |
| ./script/populate_task_definition.sh ${{ inputs.environment }} good-job \ | |
| -i "${{ steps.get-image-digest.outputs.new-image-uri }}" \ | |
| -o good-job-task-definition.json | |
| cat good-job-task-definition.json | |
| - name: Make artifact for web task definition | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ inputs.environment }}-web-task-definition | |
| path: web-task-definition.json | |
| - name: Make artifact for good-job task definition | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ inputs.environment }}-good-job-task-definition | |
| path: good-job-task-definition.json | |
| outputs: | |
| new-image-uri: ${{ steps.get-image-digest.outputs.new-image-uri }} | |
| deploy-web: | |
| name: Deploy web service | |
| runs-on: ubuntu-latest | |
| if: inputs.server_types == 'web' || inputs.server_types == 'all' | |
| needs: prepare-deployment | |
| environment: ${{ inputs.environment }} | |
| permissions: | |
| id-token: write | |
| steps: | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ env.aws-role }} | |
| aws-region: eu-west-2 | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Download web task definition artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: ${{ runner.temp }} | |
| name: ${{ inputs.environment }}-web-task-definition | |
| - name: Register web task definition | |
| uses: aws-actions/amazon-ecs-deploy-task-definition@v2 | |
| with: | |
| task-definition: ${{ runner.temp }}/web-task-definition.json | |
| - name: Create appspec.yml | |
| run: | | |
| cp config/templates/appspec.yaml.tpl appspec.yaml | |
| sed -i 's|<TASK_DEFINITION_ARN>|${{ needs.prepare-deployment.outputs.web-task-definition-arn }}|g' appspec.yaml | |
| - name: Deploy web service with CodeDeploy | |
| id: deploy-web-service | |
| uses: aws-actions/amazon-ecs-deploy-task-definition@v2 | |
| with: | |
| task-definition: ${{ runner.temp }}/web-task-definition.json | |
| codedeploy-appspec: appspec.yaml | |
| cluster: ${{ env.cluster_name }} | |
| service: ${{ env.web_service }} | |
| codedeploy-application: ${{ env.web_codedeploy_application }} | |
| codedeploy-deployment-group: ${{ env.web_codedeploy_group }} | |
| - name: Wait for deployment to complete | |
| run: | | |
| echo "Waiting for CodeDeploy deployment ${{ steps.deploy-web-service.outputs.codedeploy-deployment-id }} to complete..." | |
| aws deploy wait deployment-successful --deployment-id "${{ steps.deploy-web-service.outputs.codedeploy-deployment-id }}" | |
| echo "Deployment successful" | |
| deploy-good-job: | |
| name: Deploy good-job service | |
| runs-on: ubuntu-latest | |
| if: inputs.server_types == 'good-job' || inputs.server_types == 'all' | |
| needs: prepare-deployment | |
| environment: ${{ inputs.environment }} | |
| permissions: | |
| id-token: write | |
| steps: | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ env.aws-role }} | |
| aws-region: eu-west-2 | |
| - name: Download good-job task definition artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: ${{ inputs.environment }}-good-job-task-definition | |
| path: ${{ runner.temp }} | |
| - name: Deploy good-job service | |
| uses: aws-actions/amazon-ecs-deploy-task-definition@v2 | |
| with: | |
| task-definition: ${{ runner.temp }}/good-job-task-definition.json | |
| cluster: ${{ env.cluster_name }} | |
| service: ${{ env.good_job_service }} | |
| force-new-deployment: true | |
| wait-for-service-stability: true |