-
Notifications
You must be signed in to change notification settings - Fork 3
117 lines (109 loc) · 3.56 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
name: Release
on:
workflow_call:
inputs:
infra-changed:
description: 'Infrastructure was modified'
type: boolean
required: true
app-changed:
description: 'App code was modified'
type: boolean
required: true
publish-envs:
description: 'The environments to publish to, needs to be a json array with names and roles, e.g. `[{name: "Staging", role: "arn:aws:iam::account:role/role-name"}`'
type: string
default: >
[
{
name: "Staging",
role: "${{vars.AWS_ROLE_STAGING}}"
},
{
name: "Prod",
role: "${{vars.AWS_ROLE_PROD}}"
}
]
task-definition-name:
description: 'The complete name of the ECS task'
type: string
default: ''
container-name:
description: 'The complete name of the ECS task container'
type: string
default: ''
task-name:
description: 'The name of the ECS task (used if inputs.task-definition-name is not defined)'
type: string
default: ${{ vars.IMAGE_NAME }}
task-name-stage:
description: 'The environment of the ECS task (used if inputs.task-definition-name is not defined)'
type: string
default: 'prod'
image-name:
description: 'The name of the image to publish'
type: string
default: ${{ vars.IMAGE_NAME }}
aws-region:
description: 'The AWS region to deploy to'
type: string
default: ${{ vars.AWS_REGION }}
aws-role-arn:
description: 'The ARN of the AWS role to assume to retrieve the ECS task information'
type: string
default: ${{vars.AWS_ROLE_PROD}}
run-label:
description: 'The run label to use for the actions'
type: string
default: 'ubuntu-latest'
secrets:
RELEASE_PAT:
required: true
outputs:
version:
description: 'The version of the release'
value: ${{ jobs.select_version.outputs.version }}
permissions:
contents: write
id-token: write
packages: write
jobs:
release_app:
name: Release
if: ${{ inputs.app-changed }}
secrets: inherit
uses: ./.github/workflows/release-app.yml
with:
publish-envs: ${{ inputs.publish-envs }}
image-name: ${{ inputs.image-name }}
aws-region: ${{ inputs.aws-region }}
run-label: ${{ inputs.run-label }}
get_deployed_version:
name: Lookup Version
if: ${{ !inputs.app-changed }}
secrets: inherit
uses: ./.github/workflows/release-get_deployed_version.yml
with:
task-definition-name: ${{ inputs.task-definition-name }}
container-name: ${{ inputs.container-name }}
task-name: ${{ inputs.task-name }}
task-name-stage: ${{ inputs.task-name-stage }}
aws-region: ${{ inputs.aws-region }}
aws-role-arn: ${{ inputs.aws-role-arn }}
run-label: ${{ inputs.run-label }}
select_version:
name: Select Version
needs: [ release_app, get_deployed_version ]
if: ${{ always() && !cancelled() && !failure() }}
runs-on: ${{ inputs.run-label }}
steps:
- name: Select target version
id: select_version
run: |
if [ "${{ inputs.app-changed }}" == "true" ]; then
echo "version=${{ needs.release_app.outputs.version }}" >> "$GITHUB_OUTPUT"
else
echo "version=${{ needs.get_deployed_version.outputs.version }}" >> "$GITHUB_OUTPUT"
fi
outputs:
version: ${{ steps.select_version.outputs.version }}