Deploy application to sandbox-beta #68
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy application | |
| run-name: Deploy application to ${{ inputs.environment }} | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| environment: | |
| description: Deployment environment | |
| required: true | |
| type: choice | |
| options: | |
| - qa | |
| - test | |
| - preview | |
| - training | |
| - production | |
| - sandbox-alpha | |
| - sandbox-beta | |
| server_types: | |
| description: Server types to deploy | |
| required: true | |
| type: choice | |
| options: | |
| - all | |
| - web | |
| - good-job | |
| default: all | |
| git_sha_to_deploy: | |
| description: The git commit SHA to deploy. | |
| required: false | |
| type: string | |
| workflow_call: | |
| inputs: | |
| environment: | |
| required: true | |
| type: string | |
| server_types: | |
| required: true | |
| type: string | |
| git_sha_to_deploy: | |
| description: The git commit SHA to deploy. | |
| required: true | |
| type: string | |
| permissions: { } | |
| concurrency: | |
| group: deploy-mavis-${{ inputs.environment }} | |
| env: | |
| aws-role: ${{ inputs.environment == 'production' | |
| && 'arn:aws:iam::820242920762:role/GithubDeployMavisAndInfrastructure' | |
| || 'arn:aws:iam::393416225559:role/GithubDeployMavisAndInfrastructure' }} | |
| web_codedeploy_application: mavis-${{ inputs.environment }} | |
| web_codedeploy_group: blue-green-group-${{ inputs.environment }} | |
| cluster_name: mavis-${{ inputs.environment }} | |
| good_job_service: mavis-${{ inputs.environment }}-good-job | |
| web_service: mavis-${{ inputs.environment }}-web | |
| jobs: | |
| prepare-deployment: | |
| name: Prepare deployment | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ env.aws-role }} | |
| aws-region: eu-west-2 | |
| - name: Setup python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: 3.12.3 | |
| cache: pip | |
| - name: Install Python dependencies | |
| run: python3 -m pip install -r script/requirements.txt | |
| - name: Populate web task definition | |
| if: inputs.server_types == 'web' || inputs.server_types == 'all' | |
| id: create-web-task-definition | |
| run: | | |
| python3 script/populate_task_definition.py ${{ inputs.environment }} web \ | |
| -i "${{ inputs.git_sha_to_deploy || github.sha }}" \ | |
| -o web-task-definition.json | |
| cat web-task-definition.json | |
| - name: Populate good-job task definition | |
| if: inputs.server_types == 'good-job' || inputs.server_types == 'all' | |
| id: create-good-job-task-definition | |
| run: | | |
| python3 script/populate_task_definition.py ${{ inputs.environment }} good-job \ | |
| -i "${{ inputs.git_sha_to_deploy || github.sha }}" \ | |
| -o good-job-task-definition.json | |
| cat good-job-task-definition.json | |
| - name: Populate SSM parameters for web service | |
| if: inputs.server_types == 'web' || inputs.server_types == 'all' | |
| run: | | |
| python3 script/populate_ssm_parameters.py ${{ inputs.environment }} web | |
| - name: Make artifact for web task definition | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ inputs.environment }}-web-task-definition | |
| path: web-task-definition.json | |
| - name: Populate SSM parameters for good-job service | |
| if: inputs.server_types == 'good-job' || inputs.server_types == 'all' | |
| run: | | |
| python3 script/populate_ssm_parameters.py ${{ inputs.environment }} good-job | |
| - name: Make artifact for good-job task definition | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ inputs.environment }}-good-job-task-definition | |
| path: good-job-task-definition.json | |
| approve-deployments: | |
| name: Approve deployments | |
| runs-on: ubuntu-latest | |
| needs: prepare-deployment | |
| environment: ${{ inputs.environment }} | |
| steps: | |
| - run: echo "Proceeding with deployment to ${{ inputs.environment }} environment" | |
| deploy-web: | |
| name: Deploy web service | |
| runs-on: ubuntu-latest | |
| if: inputs.server_types == 'web' || inputs.server_types == 'all' | |
| needs: [ prepare-deployment, approve-deployments ] | |
| permissions: | |
| id-token: write | |
| steps: | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ env.aws-role }} | |
| aws-region: eu-west-2 | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Download web task definition artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: ${{ runner.temp }} | |
| name: ${{ inputs.environment }}-web-task-definition | |
| - name: Register web task definition | |
| uses: aws-actions/amazon-ecs-deploy-task-definition@v2 | |
| with: | |
| task-definition: ${{ runner.temp }}/web-task-definition.json | |
| - name: Create appspec.yml | |
| run: | | |
| cp config/templates/appspec.yaml.tpl appspec.yaml | |
| sed -i 's|<TASK_DEFINITION_ARN>||g' appspec.yaml | |
| - name: Deploy web service with CodeDeploy | |
| id: deploy-web-service | |
| uses: aws-actions/amazon-ecs-deploy-task-definition@v2 | |
| with: | |
| task-definition: ${{ runner.temp }}/web-task-definition.json | |
| codedeploy-appspec: appspec.yaml | |
| cluster: ${{ env.cluster_name }} | |
| service: ${{ env.web_service }} | |
| codedeploy-application: ${{ env.web_codedeploy_application }} | |
| codedeploy-deployment-group: ${{ env.web_codedeploy_group }} | |
| - name: Wait for deployment to complete | |
| run: | | |
| echo "Waiting for CodeDeploy deployment ${{ steps.deploy-web-service.outputs.codedeploy-deployment-id }} to complete..." | |
| aws deploy wait deployment-successful --deployment-id "${{ steps.deploy-web-service.outputs.codedeploy-deployment-id }}" | |
| echo "Deployment successful" | |
| deploy-good-job: | |
| name: Deploy good-job service | |
| runs-on: ubuntu-latest | |
| if: inputs.server_types == 'good-job' || inputs.server_types == 'all' | |
| needs: [ prepare-deployment, approve-deployments ] | |
| permissions: | |
| id-token: write | |
| steps: | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ env.aws-role }} | |
| aws-region: eu-west-2 | |
| - name: Download good-job task definition artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: ${{ inputs.environment }}-good-job-task-definition | |
| path: ${{ runner.temp }} | |
| - name: Deploy good-job service | |
| uses: aws-actions/amazon-ecs-deploy-task-definition@v2 | |
| with: | |
| task-definition: ${{ runner.temp }}/good-job-task-definition.json | |
| cluster: ${{ env.cluster_name }} | |
| service: ${{ env.good_job_service }} | |
| force-new-deployment: true | |
| wait-for-service-stability: true |