Add prod device sync related secrets to tf configs (#8323) #2250
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy Test | |
on: | |
push: | |
branches: | |
- main | |
env: | |
DEPLOY_ENV: test | |
NODE_VERSION: 23 | |
concurrency: | |
group: test-deploy | |
cancel-in-progress: false | |
jobs: | |
build_docker: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Build and Push backend | |
uses: ./.github/actions/build-and-push | |
with: | |
acr_registry: ${{ secrets.ACR_REPO_URL }} | |
acr_username: ${{ secrets.ACR_ADMIN_USERNAME }} | |
acr_password: ${{ secrets.ACR_ADMIN_PASWORD }} | |
build_frontend: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: ./.github/actions/build-frontend | |
name: Build front-end application | |
with: | |
azure_creds: ${{ secrets.AZURE_CREDENTIALS }} | |
client_tarball: ./client.tgz | |
deploy_env: ${{env.DEPLOY_ENV}} | |
smarty_streets_key: ${{ secrets.SMARTY_STREETS_KEY }} | |
okta_enabled: true | |
okta_url: https://hhs-prime.oktapreview.com | |
okta_client_id: 0oa1khettjHnj3EPT1d7 | |
prerelease_backend: | |
runs-on: ubuntu-latest | |
needs: [build_frontend, build_docker] | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: ./.github/actions/tf-deploy | |
name: Deploy with Terraform | |
with: | |
azure_creds: ${{ secrets.AZURE_CREDENTIALS }} | |
deploy_env: ${{ env.DEPLOY_ENV }} | |
terraform_arm_client_id: ${{ secrets.TERRAFORM_ARM_CLIENT_ID }} | |
terraform_arm_client_secret: ${{ secrets.TERRAFORM_ARM_CLIENT_SECRET }} | |
terraform_arm_subscription_id: ${{ secrets.TERRAFORM_ARM_SUBSCRIPTION_ID }} | |
terraform_arm_tenant_id: ${{ secrets.TERRAFORM_ARM_TENANT_ID }} | |
okta_api_token: ${{ secrets.OKTA_API_TOKEN_NONPROD }} | |
- uses: ./.github/actions/stg-wait-for-slot-commit | |
name: Wait for correct commit to be deployed in staging slot | |
timeout-minutes: 5 | |
with: | |
deploy_env: ${{ env.DEPLOY_ENV }} | |
- uses: ./.github/actions/stg-wait-for-slot-readiness | |
name: Wait for staging deploy to be ready | |
timeout-minutes: 1 | |
with: | |
deploy_env: ${{ env.DEPLOY_ENV }} | |
deploy: | |
runs-on: ubuntu-latest | |
environment: | |
name: test | |
url: https://test.simplereport.gov | |
needs: [prerelease_backend] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Promote and deploy | |
uses: ./.github/actions/deploy-application | |
with: | |
azure_creds: ${{ secrets.AZURE_CREDENTIALS }} | |
client_tarball: client.tgz | |
deploy_env: ${{ env.DEPLOY_ENV }} | |
slack_alert: | |
runs-on: ubuntu-latest | |
if: failure() | |
needs: [deploy] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Send alert to Slack | |
uses: ./.github/actions/slack-message | |
with: | |
username: ${{ github.actor }} | |
description: | | |
:siren-gif: Deploy to ${{ env.DEPLOY_ENV }} failed. ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} :siren-gif: | |
webhook_url: ${{ secrets.SR_ALERTS_SLACK_WEBHOOK_URL }} | |
user_map: $${{ secrets.SR_ALERTS_GITHUB_SLACK_MAP }} |