-
Notifications
You must be signed in to change notification settings - Fork 0
123 lines (120 loc) · 3.9 KB
/
deployDev.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
name: Deploy Dev
on:
workflow_dispatch:
env:
DEPLOY_ENV: dev
NODE_VERSION: 14
concurrency:
group: dev-deploy
jobs:
build-docker:
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./backend
steps:
- uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to ACR
run: docker login ${{ secrets.ACR_REPO_URL }} -u ${{ secrets.ACR_ADMIN_USERNAME }} -p ${{ secrets.ACR_ADMIN_PASWORD }}
- name: Build and push Docker images
run: ./build_and_push.sh
prerelease-backend:
runs-on: ubuntu-latest
needs: build-docker
defaults:
run:
working-directory: ./ops
env: # all Azure interaction is through Terraform
ARM_CLIENT_ID: ${{ secrets.TERRAFORM_ARM_CLIENT_ID }}
ARM_CLIENT_SECRET: ${{ secrets.TERRAFORM_ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: ${{ secrets.TERRAFORM_ARM_SUBSCRIPTION_ID }}
ARM_TENANT_ID: ${{ secrets.TERRAFORM_ARM_TENANT_ID }}
OKTA_API_TOKEN: ${{ secrets.OKTA_API_TOKEN_NONPROD }}
steps:
- uses: actions/checkout@v3
- uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- uses: hashicorp/setup-terraform@v1
with:
terraform_version: 1.1.4
- name: Build ReportStream function app
uses: ./.github/actions/build-reportstream-functions
with:
deploy-env: ${{env.DEPLOY_ENV}}
- name: Terraform Init
run: make init-${{ env.DEPLOY_ENV }}
- name: Terraform deploy (infrastructure and staging slot)
run: make deploy-${{ env.DEPLOY_ENV }}
- name: Wait for correct commit to be deployed in staging slot
timeout-minutes: 5
run: make wait-for-${{ env.DEPLOY_ENV }}-slot-commit
- name: Wait for staging deploy to be ready
timeout-minutes: 1
run: make wait-for-${{ env.DEPLOY_ENV }}-slot-readiness
build-frontend:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/[email protected]
with:
node-version: ${{env.NODE_VERSION}}
- name: Use cache for node_modules
uses: actions/cache@v2
with:
path: |
./frontend/node_modules
key: npm-${{env.NODE_VERSION}}-${{ hashFiles('frontend/yarn.lock', 'frontend/package.json') }}
- uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- uses: ./.github/actions/build-frontend
name: Build front-end application
with:
deploy-env: ${{env.DEPLOY_ENV}}
smarty-streets-key: ${{ secrets.SMARTY_STREETS_KEY }}
client-tarball: ./client.tgz
okta-enabled: true
okta-url: https://hhs-prime.oktapreview.com
okta-client-id: 0oa1khbp5n2wTfe281d7
- name: Save compiled frontend application
uses: actions/upload-artifact@v2
if: success()
with:
name: frontend-tarball
path: client.tgz
retention-days: 1
deploy:
runs-on: ubuntu-latest
environment:
name: Dev
url: https://dev.simplereport.gov
needs: [build-frontend, prerelease-backend]
steps:
- uses: actions/checkout@v3
- uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: Retrieve frontend build
uses: actions/download-artifact@v2
with:
name: frontend-tarball
- name: Promote and deploy
uses: ./.github/actions/deploy-application
with:
client-tarball: client.tgz
deploy-env: ${{env.DEPLOY_ENV}}
verify-release:
runs-on: ubuntu-latest
needs: [deploy]
defaults:
run:
working-directory: ./ops
steps:
- uses: actions/checkout@v3
- name: Run health checks
uses: ./.github/actions/health-checks
with:
deploy-env: ${{env.DEPLOY_ENV}}