From 411c9246f0c98abe12821174f09dbe2e950424a1 Mon Sep 17 00:00:00 2001
From: Marcus Aspin <maspin@unilink.com>
Date: Wed, 29 May 2024 13:46:17 +0100
Subject: [PATCH] DST-17030 Deploy UMT task definitions

---
 .github/workflows/build.yml  |  2 +-
 .github/workflows/deploy.yml | 37 ++++++++++++++++++
 task-definition.json         | 72 ++++++++++++++++++++++++++++++++++++
 3 files changed, 110 insertions(+), 1 deletion(-)
 create mode 100644 .github/workflows/deploy.yml
 create mode 100644 task-definition.json

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index dc26cbf3..29571ecf 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -55,7 +55,7 @@ jobs:
         uses: aws-actions/configure-aws-credentials@v4
         with:
           role-to-assume: arn:aws:iam::326912278139:role/modernisation-platform-oidc-cicd
-          role-session-name: delius-user-management-${{ github.run_number }}
+          role-session-name: delius-user-management-build-${{ github.run_number }}
           aws-region: eu-west-2
 
       - name: Login to Amazon ECR
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
new file mode 100644
index 00000000..d8fcd024
--- /dev/null
+++ b/.github/workflows/deploy.yml
@@ -0,0 +1,37 @@
+name: Deploy
+
+on: push
+
+permissions:
+  id-token: write # Required for OIDC
+  contents: read
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: arn:aws:iam::326912278139:role/modernisation-platform-oidc-cicd
+          role-session-name: delius-user-management-deploy-${{ github.run_number }}
+          aws-region: eu-west-2
+
+      - name: Fill in the new image ID in the Amazon ECS task definition
+        id: task-def
+        uses: aws-actions/amazon-ecs-render-task-definition@c804dfbdd57f713b6c079302a4c01db7017a36fc
+        with:
+          task-definition: task-definition.json
+          container-name: umt
+          image: 374269020027.dkr.ecr.eu-west-2.amazonaws.com/delius-core-user-management:dev
+
+      - name: Deploy Amazon ECS task definition
+        uses: aws-actions/amazon-ecs-deploy-task-definition@df9643053eda01f169e64a0e60233aacca83799a
+        with:
+          task-definition: ${{ steps.task-def.outputs.task-definition }}
+          service: umt
+          cluster: delius-core-dev-cluster
+          wait-for-service-stability: true
\ No newline at end of file
diff --git a/task-definition.json b/task-definition.json
new file mode 100644
index 00000000..5cc81e01
--- /dev/null
+++ b/task-definition.json
@@ -0,0 +1,72 @@
+{
+  "family": "umt",
+  "containerDefinitions": [
+    {
+      "name": "umt",
+      "image": "374269020027.dkr.ecr.eu-west-2.amazonaws.com/delius-core-user-management:0.0.0",
+      "cpu": 1024,
+      "memory": 4096,
+      "portMappings": [
+        {
+          "containerPort": 8080,
+          "hostPort": 8080,
+          "protocol": "tcp"
+        }
+      ],
+      "essential": true,
+      "environment": [
+      ],
+      "mountPoints": [],
+      "volumesFrom": [],
+      "secrets": [],
+      "readonlyRootFilesystem": false,
+      "logConfiguration": {
+        "logDriver": "awslogs",
+        "options": {
+          "awslogs-group": "dev-umt",
+          "awslogs-region": "eu-west-2",
+          "awslogs-stream-prefix": "dev-umt"
+        }
+      },
+      "systemControls": []
+    }
+  ],
+  "taskRoleArn": "arn:aws:iam::326912278139:role/dev-umt-ecs-task",
+  "executionRoleArn": "arn:aws:iam::326912278139:role/dev-umt-ecs-task-exec",
+  "networkMode": "awsvpc",
+  "cpu": "1024",
+  "memory": "4096",
+  "ephemeralStorage": {
+    "sizeInGiB": 30
+  },
+  "tags": [
+    {
+      "key": "owner",
+      "value": "probation-webops@digital.justice.gov.uk"
+    },
+    {
+      "key": "environment-name",
+      "value": "delius-core-development"
+    },
+    {
+      "key": "source-code",
+      "value": "https://github.com/ministryofjustice/modernisation-platform-environments"
+    },
+    {
+      "key": "application",
+      "value": "delius"
+    },
+    {
+      "key": "is-production",
+      "value": "false"
+    },
+    {
+      "key": "business-unit",
+      "value": "HMPPS"
+    },
+    {
+      "key": "infrastructure-support",
+      "value": "probation-webops@digital.justice.gov.uk"
+    }
+  ]
+}
\ No newline at end of file