Deploy application to sandbox-beta #75
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy application | |
| run-name: Deploy application to ${{ inputs.environment }} | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| environment: | |
| description: Deployment environment | |
| required: true | |
| type: choice | |
| options: | |
| - qa | |
| - test | |
| - preview | |
| - training | |
| - production | |
| - sandbox-alpha | |
| - sandbox-beta | |
| server_types: | |
| description: Server types to deploy | |
| required: true | |
| type: choice | |
| options: | |
| - all | |
| - web | |
| - good-job | |
| default: all | |
| git_sha_to_deploy: | |
| description: The git commit SHA to deploy. | |
| required: false | |
| type: string | |
| workflow_call: | |
| inputs: | |
| environment: | |
| required: true | |
| type: string | |
| server_types: | |
| required: true | |
| type: string | |
| git_sha_to_deploy: | |
| description: The git commit SHA to deploy. | |
| required: true | |
| type: string | |
| permissions: {} | |
| concurrency: | |
| group: deploy-mavis-${{ inputs.environment }} | |
| env: | |
| aws-role: ${{ inputs.environment == 'production' | |
| && 'arn:aws:iam::820242920762:role/GithubDeployMavisAndInfrastructure' | |
| || 'arn:aws:iam::393416225559:role/GithubDeployMavisAndInfrastructure' }} | |
| web_codedeploy_application: mavis-${{ inputs.environment }} | |
| web_codedeploy_group: blue-green-group-${{ inputs.environment }} | |
| cluster_name: mavis-${{ inputs.environment }} | |
| good_job_service: mavis-${{ inputs.environment }}-good-job | |
| web_service: mavis-${{ inputs.environment }}-web | |
| jobs: | |
| prepare-deployment: | |
| name: Prepare deployment | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| outputs: | |
| web-task-definition-path: ${{ steps.create-web-task-definition.outputs.task-definition }} | |
| good-job-task-definition-path: ${{ steps.create-good-job-task-definition.outputs.task-definition }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ env.aws-role }} | |
| aws-region: eu-west-2 | |
| - name: Get image digest | |
| run: echo "TODO Get image digest via aws cli" # TODO Get image digest via aws cli | |
| - name: Populate web task definition | |
| if: inputs.server_types == 'web' || inputs.server_types == 'all' | |
| id: create-web-task-definition | |
| uses: aws-actions/amazon-ecs-render-task-definition@v1 | |
| with: | |
| task-definition: config/environments/${{ inputs.environment }}-web-task-definition.json | |
| container-name: "application" | |
| image: "393416225559.dkr.ecr.eu-west-2.amazonaws.com/mavis/webapp@sha256:2410fc166875d955e92df0bd685744afe98b9cbbb3a54bbb739f41f80b632d32" | |
| - name: Populate good-job task definition | |
| if: inputs.server_types == 'good-job' || inputs.server_types == 'all' | |
| id: create-good-job-task-definition | |
| uses: aws-actions/amazon-ecs-render-task-definition@v1 | |
| with: | |
| task-definition: config/environments/${{ inputs.environment }}-good-job-task-definition.json | |
| container-name: "application" | |
| image: "393416225559.dkr.ecr.eu-west-2.amazonaws.com/mavis/webapp@sha256:2410fc166875d955e92df0bd685744afe98b9cbbb3a54bbb739f41f80b632d32" | |
| - name: Upload artifact for web task definition | |
| if: inputs.server_types == 'web' || inputs.server_types == 'all' | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ inputs.environment }}-web-task-definition | |
| path: ${{ steps.create-web-task-definition.outputs.task-definition }} | |
| - name: Upload artifact for good-job task definition | |
| if: inputs.server_types == 'good-job' || inputs.server_types == 'all' | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ inputs.environment }}-good-job-task-definition | |
| path: ${{ steps.create-good-job-task-definition.outputs.task-definition }} | |
| approve-deployments: | |
| name: Wait for approval if required | |
| runs-on: ubuntu-latest | |
| needs: prepare-deployment | |
| environment: ${{ inputs.environment }} | |
| steps: | |
| - run: echo "Proceeding with deployment to ${{ inputs.environment }} environment" | |
| deploy-web: | |
| name: Deploy web service | |
| runs-on: ubuntu-latest | |
| if: inputs.server_types == 'web' || inputs.server_types == 'all' | |
| needs: [ prepare-deployment, approve-deployments ] | |
| permissions: | |
| id-token: write | |
| steps: | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ env.aws-role }} | |
| aws-region: eu-west-2 | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Download web task definition artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: ${{ runner.temp }} | |
| name: ${{ inputs.environment }}-web-task-definition | |
| - name: Register web task definition | |
| uses: aws-actions/amazon-ecs-deploy-task-definition@v2 | |
| with: | |
| task-definition: ${{ needs.prepare-deployment.outputs.web-task-definition-path }} | |
| - name: Create appspec.yml | |
| run: | | |
| cp config/templates/appspec.yaml.tpl appspec.yaml | |
| sed -i 's|<TASK_DEFINITION_ARN>||g' appspec.yaml | |
| - name: Deploy web service with CodeDeploy | |
| id: deploy-web-service | |
| uses: aws-actions/amazon-ecs-deploy-task-definition@v2 | |
| with: | |
| task-definition: ${{ needs.prepare-deployment.outputs.web-task-definition-path }} | |
| codedeploy-appspec: appspec.yaml | |
| cluster: ${{ env.cluster_name }} | |
| service: ${{ env.web_service }} | |
| codedeploy-application: ${{ env.web_codedeploy_application }} | |
| codedeploy-deployment-group: ${{ env.web_codedeploy_group }} | |
| - name: Wait for deployment to complete | |
| run: | | |
| echo "Waiting for CodeDeploy deployment ${{ steps.deploy-web-service.outputs.codedeploy-deployment-id }} to complete..." | |
| aws deploy wait deployment-successful --deployment-id "${{ steps.deploy-web-service.outputs.codedeploy-deployment-id }}" | |
| echo "Deployment successful" | |
| deploy-good-job: | |
| name: Deploy good-job service | |
| runs-on: ubuntu-latest | |
| if: inputs.server_types == 'good-job' || inputs.server_types == 'all' | |
| needs: [ prepare-deployment, approve-deployments ] | |
| permissions: | |
| id-token: write | |
| steps: | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ env.aws-role }} | |
| aws-region: eu-west-2 | |
| - name: Download good-job task definition artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: ${{ inputs.environment }}-good-job-task-definition | |
| path: ${{ runner.temp }} | |
| - name: Deploy good-job service | |
| uses: aws-actions/amazon-ecs-deploy-task-definition@v2 | |
| with: | |
| task-definition: ${{ needs.prepare-deployment.outputs.good-job-task-definition-path }} | |
| cluster: ${{ env.cluster_name }} | |
| service: ${{ env.good_job_service }} | |
| force-new-deployment: true | |
| wait-for-service-stability: true |