Skip to content

Commit

Permalink
ci: use correct reusable workflow branch
Browse files Browse the repository at this point in the history
  • Loading branch information
duje-begonja-rdx committed May 24, 2024
1 parent ece1729 commit bf66d96
Showing 1 changed file with 23 additions and 43 deletions.
66 changes: 23 additions & 43 deletions .github/workflows/connect-button-ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ jobs:
contents: read
needs:
- build_push_container
uses: radixdlt/public-iac-resuable-artifacts/.github/workflows/jenkins-deployment.yml@DO-2133-reusable-trigger-jenkins-action
uses: radixdlt/public-iac-resuable-artifacts/.github/workflows/jenkins-deployment.yml@main
with:
jenkins_job_name: "kubernetes-deployments/job/connect-button"
application_name: "connect-button"
Expand All @@ -87,11 +87,12 @@ jobs:
contents: read
needs:
- build_push_container
uses: radixdlt/public-iac-resuable-artifacts/.github/workflows/jenkins-deployment.yml@DO-2133-reusable-trigger-jenkins-action
uses: radixdlt/public-iac-resuable-artifacts/.github/workflows/jenkins-deployment.yml@main
with:
github_environment: "dev"
jenkins_job_name: "kubernetes-deployments/job/connect-button"
application_name: "connect-button"
kubernetes_namespace: "connect-button"
kubernetes_namespace: "connect-button-dev"
aws_eks_cluster: "rdx-works-main-dev"
aws_iam_role_name: "jenkins-connect-button-dev-deployer"
helmfile_environment: "dev"
Expand All @@ -104,49 +105,28 @@ jobs:
deploy_prod:
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
name: Deploy PROD
runs-on: ubuntu-latest
needs:
- build_push_container
permissions:
id-token: write
deployments: write
packages: write
pull-requests: write
contents: read
pull-requests: read
steps:
- uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main
with:
role_name: 'arn:aws:iam::${{ secrets.SECRETS_ACCOUNT_ID }}:role/gh-common-secrets-read-access'
app_name: 'connect-button'
step_name: 'deploy-prod'
secret_prefix: 'GH'
secret_name: 'arn:aws:secretsmanager:eu-west-2:${{ secrets.SECRETS_ACCOUNT_ID }}:secret:github-actions/common/jenkins-credentials-RTHKoO'
parse_json: true
- name: Connect to tailnet
uses: radixdlt/public-iac-resuable-artifacts/tailnet@main
with:
role_name: "arn:aws:iam::${{ secrets.SECRETS_ACCOUNT_ID }}:role/gh-common-secrets-read-access"
region: "eu-west-2"
secret_name: "arn:aws:secretsmanager:eu-west-2:${{ secrets.SECRETS_ACCOUNT_ID }}:secret:github-actions/common/tailscale-public-workflows-DpiE80"
- name: Trigger jenkins job to deploy DEV
uses: RDXWorks-actions/jenkins-job-trigger-action@master
with:
jenkins_url: ${{ env.GH_JENKINS_URL }}
jenkins_user: ${{ env.GH_JENKINS_USER }}
jenkins_token: ${{ env.GH_JENKINS_API_TOKEN }}
job_name: ${{ env.jenkins_job_name }}
job_params: |
{
"git_repo" : "${{ github.repository }}",
"git_branch" : "${{ github.head_ref }}",
"helmfile_environment": "prod",
"namespace" : "connect-button-prod",
"aws_region" : "eu-west-2",
"aws_iam_role": "arn:aws:iam::${{ secrets.SECRETS_ACCOUNT_ID }}:role/jenkins-connect-button-prod-deployer",
"aws_eks_cluster" : "${{ env.dev_eks_cluster }}",
"helm_folder" : "${{ env.helm_dir }}",
"helmfile_extra_vars" : "ci.tag=${{ fromJSON(needs.build_push_container.outputs.json).labels['org.opencontainers.image.version'] }}"
}
job_timeout: "3600"
fetch_logs: "false"
needs:
- build_push_container
uses: radixdlt/public-iac-resuable-artifacts/.github/workflows/jenkins-deployment.yml@main
with:
github_environment: "prod"
jenkins_job_name: "kubernetes-deployments/job/connect-button"
application_name: "connect-button"
kubernetes_namespace: "connect-button-prod"
aws_eks_cluster: "rdx-works-main-dev"
aws_iam_role_name: "jenkins-connect-button-prod-deployer"
helmfile_environment: "prod"
helm_dir: "deploy/helm/connect-button"
helmfile_extra_vars: "ci.tag=${{ fromJSON(needs.build_push_container.outputs.json).labels['org.opencontainers.image.version'] }}"
secrets:
aws_deployment_account_id: ${{ secrets.AWS_DEV_ACCOUNT_ID }}
secrets_account_id: ${{ secrets.SECRETS_ACCOUNT_ID }}

snyk_container_monitor:
runs-on: ubuntu-latest
Expand Down

0 comments on commit bf66d96

Please sign in to comment.