Deploy to dev on merge to main (#12)

* Deploy to dev on merge to main Also splits out `generate-tag` into a reusable workflow rather than duplicating between the two workflows. #minor * Use GITHUB_REF rather than GITHUB_EVENT_NAME This is a more reliable way of detecting main-pushes (e.g. it allows workflow dispatch to work) #patch
ministryofjustice · Oct 24, 2023 · 3a62ad2 · 3a62ad2
1 parent c6d3804
commit 3a62ad2
Show file tree

Hide file tree

Showing 3 changed files with 104 additions and 36 deletions.
diff --git a/.github/workflows/generate-tag.yml b/.github/workflows/generate-tag.yml
@@ -0,0 +1,40 @@
+name: "[Job] Generate tag"
+
+on:
+  workflow_call:
+    outputs:
+      tag:
+        description: "Semver tag of this commit/deployment"
+        value: ${{ jobs.generate_tag.outputs.tag }}
+
+jobs:
+  generate_tag:
+    runs-on: ubuntu-latest
+    outputs:
+      tag: ${{ steps.bump_version.outputs.tag }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: "0"
+      - name: Extract branch name
+        run: |
+          if [ "$GITHUB_REF" == "refs/heads/main" ]; then
+            echo BRANCH_NAME=main >> $GITHUB_ENV
+          else
+            branch=${{ github.head_ref }}
+            branch=${branch//-}
+            branch=${branch//_}
+            branch=${branch//\/}
+            echo BRANCH_NAME=${branch} >> $GITHUB_ENV
+          fi
+      - name: Bump version
+        id: bump_version
+        uses: anothrNick/[email protected]
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          INITIAL_VERSION: 0.0.0
+          DEFAULT_BUMP: minor
+          PRERELEASE: true
+          PRERELEASE_SUFFIX: ${{ env.BRANCH_NAME }}
+          RELEASE_BRANCHES: main
+          WITH_V: true
diff --git a/.github/workflows/workflow-main.yml b/.github/workflows/workflow-main.yml
@@ -0,0 +1,57 @@
+name: Main pipeline Workflow
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+
+defaults:
+  run:
+    shell: bash
+
+jobs:
+  generate-tag:
+    name: Generate tag
+    uses: ./.github/workflows/generate-tag.yml
+
+  build:
+    name: Build, Scan & Push Images
+    needs: [generate-tag]
+    uses: ./.github/workflows/build-push-images.yml
+    with:
+      docker_tag: ${{ needs.generate-tag.outputs.tag }}
+    secrets:
+      aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+      aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+
+  deploy-dev-account:
+    name: TF Deploy Dev Account
+    uses: ./.github/workflows/account-deploy.yml
+    with:
+      workspace_name: development
+    secrets:
+      aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+      aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+
+  deploy-dev-env:
+    name: Deploy Development Environment
+    needs: [build, generate-tag]
+    uses: ./.github/workflows/env-deploy.yml
+    with:
+      workspace_name: development
+      version_tag: ${{ needs.generate-tag.outputs.tag }}
+    secrets:
+      aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+      aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      github_access_token: ${{ secrets.GITHUB_TOKEN }}
+
+  test-dev-env:
+    name: Test Development Environment
+    needs: [deploy-dev-env]
+    uses: ./.github/workflows/env-test.yml
+    with:
+      base_url: ${{ needs.deploy-dev-env.outputs.base_url }}
+    secrets:
+      aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+      aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
diff --git a/.github/workflows/workflow-pr.yml b/.github/workflows/workflow-pr.yml
@@ -11,38 +11,9 @@ defaults:
     shell: bash
 
 jobs:
-  generate-tags:
-    name: Generate tags
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: "0"
-      - name: Extract branch name
-        id: extract_branch
-        run: |
-          if [ "$GITHUB_EVENT_NAME" == "push" ]; then
-            echo BRANCH_NAME=main >> $GITHUB_ENV
-          else
-            branch=${{ github.head_ref }}
-            branch=${branch//-}
-            branch=${branch//_}
-            branch=${branch//\/}
-            echo BRANCH_NAME=${branch} >> $GITHUB_ENV
-          fi
-      - name: Bump version
-        id: bump_version
-        uses: anothrNick/[email protected]
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          INITIAL_VERSION: 0.0.0
-          DEFAULT_BUMP: minor
-          PRERELEASE: true
-          PRERELEASE_SUFFIX: ${{ env.BRANCH_NAME }}
-          RELEASE_BRANCHES: main
-          WITH_V: true
-    outputs:
-      docker_tag: ${{ steps.bump_version.outputs.tag }}
+  generate-tag:
+    name: Generate tag
+    uses: ./.github/workflows/generate-tag.yml
 
   generate-environment-workspace-name:
     runs-on: ubuntu-latest
@@ -63,10 +34,10 @@ jobs:
 
   build:
     name: Build, Scan & Push Images
-    needs: [generate-tags]
+    needs: [generate-tag]
     uses: ./.github/workflows/build-push-images.yml
     with:
-      docker_tag: ${{ needs.generate-tags.outputs.docker_tag }}
+      docker_tag: ${{ needs.generate-tag.outputs.tag }}
     secrets:
       aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
       aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -82,11 +53,11 @@ jobs:
 
   deploy-pr-env:
     name: Deploy PR Environment
-    needs: [build, generate-tags, generate-environment-workspace-name]
+    needs: [build, generate-tag, generate-environment-workspace-name]
     uses: ./.github/workflows/env-deploy.yml
     with:
       workspace_name: ${{ needs.generate-environment-workspace-name.outputs.environment_workspace_name }}
-      version_tag: ${{ needs.generate-tags.outputs.docker_tag }}
+      version_tag: ${{ needs.generate-tag.outputs.tag }}
     secrets:
       aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
       aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}