Clean up Faltrn
johnake committed Dec 29, 2023
1 parent 3f56445 commit ee45055
Showing 50 changed files with 84 additions and 840 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/actions/database-backup/action.yml
@@ -28,7 +28,7 @@ runs:
shell: bash
id: set_kv_env_vars
run: |
tf_vars_file=terraform/aks/workspace_variables/${{ inputs.environment }}_aks.tfvars.json
tf_vars_file=terraform/aks/workspace_variables/${{ inputs.environment }}.tfvars.json
cat $tf_vars_file
INF_VAULT_NAME=$(jq -r '.inf_vault_name' ${tf_vars_file})
NAMESPACE=$(jq -r '.namespace' ${tf_vars_file})
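Review bot: The rewritten `tf_vars_file=` line still expands `${{ inputs.environment }}` directly inside the `run:` script, so the input's text is pasted into the shell source before bash parses it; passing it through the step's `env:` keeps it as data. For example, add `ENVIRONMENT: ${{ inputs.environment }}` under an `env:` key for the step and use `tf_vars_file="terraform/aks/workspace_variables/${ENVIRONMENT}.tfvars.json"`, quoting `"$tf_vars_file"` in the `cat` and `jq` calls as well. The same pattern appears in the `make ci ${{ inputs.environment }} terraform-apply` line of the next hunk and in the new `tf_vars_file=` line of smoke-test/action.yml. The callers visible on this page pass fixed or matrix values, so this is hardening rather than a live defect; the step continues past the end of the hunk.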
77 changes: 0 additions & 77 deletions .github/workflows/actions/deploy-environment/action.yml

This file was deleted.

@@ -59,7 +59,7 @@ runs:

- name: Terraform init, plan & apply
shell: bash
run: make ci ${{ inputs.environment }} terraform-apply-aks
run: make ci ${{ inputs.environment }} terraform-apply
env:
ARM_ACCESS_KEY: ${{ inputs.arm-access-key }}
DOCKER_IMAGE: ${{ inputs.docker_image }}
57 changes: 0 additions & 57 deletions .github/workflows/actions/smoke-test-v2/action.yml

This file was deleted.

39 changes: 26 additions & 13 deletions .github/workflows/actions/smoke-test/action.yml
@@ -22,23 +22,36 @@ runs:
- name: Set environment variables
shell: bash
run: |
tf_vars_file=terraform/paas/workspace_variables/${{ inputs.environment }}.tfvars.json
echo "KEY_VAULT_NAME=$(jq -r '.key_vault_name' ${tf_vars_file})" >> $GITHUB_ENV
echo "PAAS_SPACE=$(jq -r '.paas_space' ${tf_vars_file})" >> $GITHUB_ENV
tf_vars_file=terraform/aks/workspace_variables/${{ inputs.environment }}.tfvars.json
echo "APP_KEY_VAULT=$(jq -r '.app_key_vault' ${tf_vars_file})" >> $GITHUB_ENV
- uses: DfE-Digital/keyvault-yaml-secret@v1
id: keyvault-yaml-secret
- name: Retrieve Secrets from KV
uses: azure/CLI@v1
id: retrieve-secrets
with:
keyvault: ${{ env.KEY_VAULT_NAME }}
secret: INFRASTRUCTURE
key: HOSTING_DOMAIN,GOVUK_NOTIFY_API_KEY,SUPPORT_USERNAME,SUPPORT_PASSWORD
inlineScript: |
HOSTING_DOMAIN=$(az keyvault secret show --name HOSTING-DOMAIN --vault-name "${{ env.APP_KEY_VAULT}}" --query 'value' -o tsv)
echo "::add-mask::$HOSTING_DOMAIN"
echo "HOSTING_DOMAIN=$HOSTING_DOMAIN" >> $GITHUB_OUTPUT
GOVUK_NOTIFY_API_KEY=$(az keyvault secret show --name GOVUK-NOTIFY-API-KEY --vault-name "${{ env.APP_KEY_VAULT}}" --query 'value' -o tsv)
echo "::add-mask::$GOVUK_NOTIFY_API_KEY"
echo "GOVUK_NOTIFY_API_KEY=$GOVUK_NOTIFY_API_KEY" >> $GITHUB_OUTPUT
HOSTING_ENVIRONMENT_NAME=$(az keyvault secret show --name HOSTING-ENVIRONMENT-NAME --vault-name "${{ env.APP_KEY_VAULT}}" --query 'value' -o tsv)
echo "::add-mask::$HOSTING_ENVIRONMENT_NAME"
echo "HOSTING_ENVIRONMENT_NAME=$HOSTING_ENVIRONMENT_NAME" >> $GITHUB_OUTPUT
SUPPORT_USERNAME=$(az keyvault secret show --name SUPPORT-USERNAME --vault-name "${{ env.APP_KEY_VAULT}}" --query 'value' -o tsv)
echo "::add-mask::$SUPPORT_USERNAME"
echo "SUPPORT_USERNAME=$SUPPORT_USERNAME" >> $GITHUB_OUTPUT
SUPPORT_PASSWORD=$(az keyvault secret show --name SUPPORT-PASSWORD --vault-name "${{ env.APP_KEY_VAULT}}" --query 'value' -o tsv)
echo "::add-mask::$SUPPORT_PASSWORD"
echo "SUPPORT_PASSWORD=$SUPPORT_PASSWORD" >> $GITHUB_OUTPUT
- name: Run deployment smoke test
shell: bash
run: bin/smoke
env:
HOSTING_DOMAIN: ${{ steps.keyvault-yaml-secret.outputs.HOSTING_DOMAIN }}
RAILS_ENV: ${{ steps.keyvault-yaml-secret.outputs.HOSTING_ENVIRONMENT_NAME }}
GOVUK_NOTIFY_API_KEY: ${{ steps.keyvault-yaml-secret.outputs.GOVUK_NOTIFY_API_KEY }}
SUPPORT_USERNAME: ${{ steps.keyvault-yaml-secret.outputs.SUPPORT_USERNAME }}
SUPPORT_PASSWORD: ${{ steps.keyvault-yaml-secret.outputs.SUPPORT_PASSWORD }}
HOSTING_DOMAIN: ${{ steps.retrieve-secrets.outputs.HOSTING_DOMAIN }}
RAILS_ENV: ${{ steps.retrieve-secrets.outputs.HOSTING_ENVIRONMENT_NAME }}
GOVUK_NOTIFY_API_KEY: ${{ steps.retrieve-secrets.outputs.GOVUK_NOTIFY_API_KEY }}
SUPPORT_USERNAME: ${{ steps.retrieve-secrets.outputs.SUPPORT_USERNAME }}
SUPPORT_PASSWORD: ${{ steps.retrieve-secrets.outputs.SUPPORT_PASSWORD }}
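Review bot: The new `Retrieve Secrets from KV` step reads `SUPPORT_PASSWORD` and `GOVUK_NOTIFY_API_KEY` inside `azure/CLI@v1`, a movable tag, so the code that sees those values can change without any change in this repository; pin it to a reviewed commit, e.g. `uses: azure/CLI@<full-commit-sha>  # v1` (placeholder). Each lookup is written to `$GITHUB_OUTPUT` without checking that `az keyvault secret show` returned anything, so unless the action's shell stops on error (not visible here) an empty credential would reach `bin/smoke`; a guard such as `[ -n "$SUPPORT_PASSWORD" ] || exit 1` after each lookup makes the failure explicit. `echo "::add-mask::$VAR"` covers only a single-line value, since workflow commands are read one line at a time, so a comment stating that these five secrets must be single-line would help. The `steps:` list starts above this hunk, so whether an Azure login precedes the step cannot be seen here.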
4 changes: 2 additions & 2 deletions .github/workflows/aks-db-backup.yml
@@ -14,8 +14,8 @@ jobs:
matrix:
environment: [development, test, preproduction, production]
environment:
name: ${{matrix.environment}}_aks
concurrency: ${{matrix.environment}}_${{github.event.number}}_aks
name: ${{matrix.environment}}
concurrency: ${{matrix.environment}}_${{github.event.number}}
steps:
- name: Check out the repo
uses: actions/checkout@v4
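Review bot: Renaming the GitHub environment from `${{matrix.environment}}_aks` to `${{matrix.environment}}` changes which environment-scoped secrets and protection rules (required reviewers, branch restrictions) apply to the job, because those are bound to the environment name in repository settings rather than to this file. Before merging, confirm that `development`, `test`, `preproduction` and `production` exist with the same secrets and at least the same protection as their `_aks` counterparts, and retire the `_aks` environments afterwards so their credentials do not linger. The same rename is made in build-and-deploy.yml (`name: production`, `environment: [development, test, preproduction]`, `environment: review`) and deploy_aks.yml (`name: development`). The job definition starts above and continues below this hunk.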
65 changes: 19 additions & 46 deletions .github/workflows/build-and-deploy.yml
@@ -21,7 +21,7 @@ env:
jobs:
docker:
name: Docker build and push
if: contains(github.event.pull_request.labels.*.name, 'deploy') || contains(github.event.pull_request.labels.*.name, 'deploy_v2') || github.event_name != 'pull_request'
if: contains(github.event.pull_request.labels.*.name, 'deploy') || github.event_name != 'pull_request'
runs-on: ubuntu-latest
outputs:
docker_image: ${{ steps.dockerimage.outputs.docker_image_tag }}
@@ -44,37 +44,10 @@ jobs:

steps:
- uses: actions/checkout@v3
- uses: ./.github/workflows/actions/deploy-environment
- uses: ./.github/workflows/actions/deploy
id: deploy
with:
environment_name: review
docker_image: ${{ needs.docker.outputs.docker_image }}
azure_credentials: ${{ secrets.AZURE_CREDENTIALS }}
terraform_vars: workspace_variables/review.tfvars.json
pr_id: ${{ github.event.pull_request.number }}

- name: Post sticky pull request comment
if: github.event_name == 'pull_request'
uses: marocchino/sticky-pull-request-comment@v2
with:
message: |
Review app deployed to ${{ steps.deploy.outputs.environment_url }}
deploy_v2_review:
name: Deploy to review_aks environment
concurrency: deploy_v2_review_${{ github.event.pull_request.number }}
needs: [docker]
runs-on: ubuntu-latest
if: contains(github.event.pull_request.labels.*.name, 'deploy_v2')
environment:
name: review_aks

steps:
- uses: actions/checkout@v3
- uses: ./.github/workflows/actions/deploy_v2
id: deploy_v2
with:
environment: review_aks
environment: review
docker_image: ${{ needs.docker.outputs.docker_image }}
azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
arm-access-key: ${{ secrets.ARM_ACCESS_KEY }}
@@ -85,9 +58,9 @@ jobs:
uses: marocchino/sticky-pull-request-comment@v2
with:
message: |
AKS review app deployed to ${{ steps.deploy_v2.outputs.environment_url }}
AKS review app deployed to ${{ steps.deploy.outputs.environment_url }}
deploy_v2_nonprod:
deploy_nonprod:
name: Deploy to ${{ matrix.environment }} environment
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
@@ -96,7 +69,7 @@ jobs:
strategy:
max-parallel: 1
matrix:
environment: [development_aks, test_aks, preproduction_aks]
environment: [development, test, preproduction]
environment:
name: ${{ matrix.environment }}
url: ${{ steps.deploy.outputs.environment_url }}
@@ -105,38 +78,38 @@ jobs:

steps:
- uses: actions/checkout@v3
- uses: ./.github/workflows/actions/deploy_v2
id: deploy_v2
- uses: ./.github/workflows/actions/deploy
id: deploy
with:
environment: ${{ matrix.environment }}
docker_image: ${{ needs.docker.outputs.docker_image }}
azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
arm-access-key: ${{ secrets.ARM_ACCESS_KEY }}
- uses: ./.github/workflows/actions/smoke-test-v2
- uses: ./.github/workflows/actions/smoke-test
id: smoke-test
with:
environment: ${{ matrix.environment }}
azure_credentials: ${{ secrets.AZURE_CREDENTIALS }}

deploy_v2_production:
name: Deploy to production_aks environment
deploy_production:
name: Deploy to production environment
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
environment:
name: production_aks
url: ${{ steps.deploy_v2.outputs.environment_url }}
concurrency: deploy_production_aks
needs: [docker, deploy_v2_nonprod]
name: production
url: ${{ steps.deploy.outputs.environment_url }}
concurrency: deploy_production
needs: [docker, deploy_nonprod]

outputs:
environment_url: ${{ steps.deploy_v2.outputs.environment_url }}
environment_url: ${{ steps.deploy.outputs.environment_url }}

steps:
- uses: actions/checkout@v3
- uses: ./.github/workflows/actions/deploy_v2
id: deploy_v2
- uses: ./.github/workflows/actions/deploy
id: deploy
with:
environment: production_aks
environment: production
docker_image: ${{ needs.docker.outputs.docker_image }}
azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
arm-access-key: ${{ secrets.ARM_ACCESS_KEY }}
20 changes: 10 additions & 10 deletions .github/workflows/deploy_aks.yml
@@ -3,12 +3,12 @@ on:
workflow_dispatch:
inputs:
environment:
description: "Deploy environment ( development_aks, test, preprod or production )"
description: "Deploy environment ( development, test, preprod or production )"
required: true
default: development_aks
default: development
type: choice
options:
- development_aks
- development
sha:
description: Commit sha to be deployed
required: true
@@ -20,11 +20,11 @@ env:
CONTAINER_REGISTRY: ghcr.io

jobs:
deploy_v2_environment:
name: Deploy to development_aks environment
deploy_environment:
name: Deploy to development environment
runs-on: ubuntu-latest
environment:
name: development_aks
name: development
steps:
- uses: actions/checkout@v3

@@ -37,16 +37,16 @@ jobs:
INPUT_GITHUB_SHA: 588bfd4567e53f6b809d5ed107dc70b3d040710a
shell: bash

- uses: ./.github/workflows/actions/deploy_v2
- uses: ./.github/workflows/actions/deploy
id: deploy
with:
environment: development_aks
environment: development
docker_image: ${{ steps.image.outputs.tag }}
azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
arm-access-key: ${{ secrets.ARM_ACCESS_KEY }}

- uses: ./.github/workflows/actions/smoke-test-v2
- uses: ./.github/workflows/actions/smoke-test
id: smoke-test
with:
environment: development_aks
environment: development
azure_credentials: ${{ secrets.AZURE_CREDENTIALS }}
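Review bot: The `environment` input's new description still lists `test, preprod or production`, but `options:` offers only `development` and the job in the visible hunks never reads the input: `name: development` and `environment: development` in both the deploy and smoke-test steps are hard-coded. Either word the description to match, e.g. `description: "Deploy environment (development only)"`, or wire the steps to `${{ inputs.environment }}` and extend `options:` so the operator's choice actually takes effect. Lines between the hunks are not shown, so the input may be consumed there.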