Skip to content
Deploy application

Deploy application to sandbox-alpha #84

Sign in to view logs

Deploy application to sandbox-alpha

Deploy application to sandbox-alpha #84

Workflow file for this run

.github/workflows/deploy-application.yml at 3daccb7
name: Deploy application
run-name: Deploy application to ${{ inputs.environment }}
on:
workflow_dispatch:
inputs:
environment:
description: Deployment environment
required: true
type: choice
options:
- qa
- test
- preview
- training
- production
- sandbox-alpha
- sandbox-beta
server_types:
description: Server types to deploy
required: true
type: choice
options:
- all
- web
- good-job
default: all
git_sha_to_deploy:
description: The git commit SHA to deploy.
required: false
type: string
workflow_call:
inputs:
environment:
required: true
type: string
server_types:
required: true
type: string
git_sha_to_deploy:
description: The git commit SHA to deploy.
required: true
type: string
app_version:
description: The git ref to deploy (branch, tag, or commit SHA).
required: false
type: string
permissions: {}
concurrency:
group: deploy-mavis-${{ inputs.environment }}
env:
aws-role: ${{ inputs.environment == 'production'
&& 'arn:aws:iam::820242920762:role/GithubDeployMavisAndInfrastructure'
|| 'arn:aws:iam::393416225559:role/GithubDeployMavisAndInfrastructure' }}
aws_account_id: ${{ inputs.environment == 'production' && '820242920762' || '393416225559' }}
cluster_name: mavis-${{ inputs.environment }}
app_version: ${{ inputs.app_version == '' && 'unknown' || inputs.app_version }}
jobs:
prepare-deployment:
name: Prepare deployment
runs-on: ubuntu-latest
permissions:
id-token: write
outputs:
web-task-definition-path: ${{ steps.create-web-task-definition.outputs.task-definition }}
good-job-task-definition-path: ${{ steps.create-good-job-task-definition.outputs.task-definition }}
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.aws-role }}
aws-region: eu-west-2
- name: Setup python
uses: actions/setup-python@v4
with:
python-version: 3.12.3
cache: pip
- name: Install Python dependencies
run: python3 -m pip install -r script/requirements.txt
- name: Get image digest
id: get-image-digest
run: |
digest=$(aws ecr describe-images \
--repository-name mavis/webapp \
--image-ids imageTag=${{ inputs.git_sha_to_deploy || github.sha }} \
--query 'imageDetails[0].imageDigest' \
--output text)
echo "digest=$digest" >> $GITHUB_OUTPUT
- name: Parse environment variables
id: parse-environment-variables
run: |
parsed_env_vars=$(yq -r '.environments.${{ inputs.environment }} | to_entries | .[] | .key + "=" + .value' config/container_variables.yml)
echo "parsed_env_vars=$parsed_env_vars" >> $GITHUB_OUTPUT
- name: Populate web task definition
if: ${{ inputs.server_types == 'web' || inputs.server_types == 'all' }}
id: create-web-task-definition
uses: aws-actions/amazon-ecs-render-task-definition@v1
with:
task-definition-family: "mavis-web-task-definition-${{ inputs.environment }}"
container-name: "application"
image: "${{ env.aws_account_id }}.dkr.ecr.eu-west-2.amazonaws.com/mavis/webapp@${{ steps.get-image-digest.outputs.digest }}"
environment-variables: ${{ steps.parse-environment-variables.outputs.parsed_env_vars }}
- name: Populate good-job task definition
if: ${{ inputs.server_types == 'good-job' || inputs.server_types == 'all' }}
id: create-good-job-task-definition
uses: aws-actions/amazon-ecs-render-task-definition@v1
with:
task-definition-family: "mavis-good-job-task-definition-${{ inputs.environment }}"
container-name: "application"
image: "${{ env.aws_account_id }}.dkr.ecr.eu-west-2.amazonaws.com/mavis/webapp@${{ steps.get-image-digest.outputs.digest }}"
environment-variables: ${{ steps.parse-environment-variables.outputs.parsed_env_vars }}
- name: Populate SSM parameters for web service
if: ${{ inputs.server_types == 'web' || inputs.server_types == 'all' }}
run: |
python3 script/populate_ssm_parameters.py ${{ inputs.environment }} web --app-version ${{ env.app_version }}
- name: Populate SSM parameters for good-job service
if: ${{ inputs.server_types == 'good-job' || inputs.server_types == 'all' }}
run: |
python3 script/populate_ssm_parameters.py ${{ inputs.environment }} good-job --app-version ${{ env.app_version }}
- name: Upload artifact for web task definition
if: ${{ inputs.server_types == 'web' || inputs.server_types == 'all' }}
uses: actions/upload-artifact@v4
with:
name: ${{ inputs.environment }}-web-task-definition
path: ${{ steps.create-web-task-definition.outputs.task-definition }}
- name: Upload artifact for good-job task definition
if: ${{ inputs.server_types == 'good-job' || inputs.server_types == 'all' }}
uses: actions/upload-artifact@v4
with:
name: ${{ inputs.environment }}-good-job-task-definition
path: ${{ steps.create-good-job-task-definition.outputs.task-definition }}
approve-deployments:
name: Wait for approval if required
runs-on: ubuntu-latest
needs: prepare-deployment
environment: ${{ inputs.environment }}
steps:
- run: echo "Proceeding with deployment to ${{ inputs.environment }} environment"
deploy-web:
name: Deploy web service
runs-on: ubuntu-latest
if: ${{ inputs.server_types == 'web' || inputs.server_types == 'all' }}
needs: [ prepare-deployment, approve-deployments ]
permissions:
id-token: write
steps:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.aws-role }}
aws-region: eu-west-2
- name: Checkout code
uses: actions/checkout@v4
- name: Download web task definition artifact
uses: actions/download-artifact@v4
with:
path: ${{ runner.temp }}
name: ${{ inputs.environment }}-web-task-definition
- name: Register web task definition
uses: aws-actions/amazon-ecs-deploy-task-definition@v2
with:
task-definition: ${{ needs.prepare-deployment.outputs.web-task-definition-path }}
- name: Create appspec.yml
run: |
cp config/templates/appspec.yaml.tpl appspec.yaml
sed -i 's|<TASK_DEFINITION_ARN>||g' appspec.yaml
- name: Deploy web service with CodeDeploy
id: deploy-web-service
uses: aws-actions/amazon-ecs-deploy-task-definition@v2
with:
task-definition: ${{ needs.prepare-deployment.outputs.web-task-definition-path }}
codedeploy-appspec: appspec.yaml
cluster: ${{ env.cluster_name }}
service: mavis-${{ inputs.environment }}-web
codedeploy-application: mavis-${{ inputs.environment }}
codedeploy-deployment-group: blue-green-group-${{ inputs.environment }}
- name: Wait for deployment to complete
run: |
echo "Waiting for CodeDeploy deployment ${{ steps.deploy-web-service.outputs.codedeploy-deployment-id }} to complete..."
aws deploy wait deployment-successful --deployment-id "${{ steps.deploy-web-service.outputs.codedeploy-deployment-id }}"
echo "Deployment successful"
deploy-good-job:
name: Deploy good-job service
runs-on: ubuntu-latest
if: ${{ inputs.server_types == 'good-job' || inputs.server_types == 'all' }}
needs: [ prepare-deployment, approve-deployments ]
permissions:
id-token: write
steps:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.aws-role }}
aws-region: eu-west-2
- name: Download good-job task definition artifact
uses: actions/download-artifact@v4
with:
name: ${{ inputs.environment }}-good-job-task-definition
path: ${{ runner.temp }}
- name: Deploy good-job service
uses: aws-actions/amazon-ecs-deploy-task-definition@v2
with:
task-definition: ${{ needs.prepare-deployment.outputs.good-job-task-definition-path }}
cluster: ${{ env.cluster_name }}
service: mavis-${{ inputs.environment }}-good-job
force-new-deployment: true
wait-for-service-stability: true