Skip to content
deploy to environments

deploy to environments #505

Sign in to view logs

deploy to environments

deploy to environments #505

Workflow file for this run

.github/workflows/release.yml at e69368e
name: deploy to environments
on:
workflow_dispatch:
env:
BRANCH_NAME: ${{ github.event.ref.BRANCH_NAME }}
jobs:
get_config_values:
runs-on: ubuntu-22.04
outputs:
tag_format: ${{ steps.load-config.outputs.TAG_FORMAT }}
devcontainer_version: ${{ steps.load-config.outputs.DEVCONTAINER_VERSION }}
devcontainer_image: ${{ steps.load-config.outputs.DEVCONTAINER_IMAGE }}
steps:
- name: Checkout code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
- name: Load config value
id: load-config
run: |
TAG_FORMAT=$(yq '.TAG_FORMAT' .github/config/settings.yml)
DEVCONTAINER_IMAGE=$(jq -r '.build.args.IMAGE_NAME' .devcontainer/devcontainer.json)
DEVCONTAINER_VERSION=$(jq -r '.build.args.IMAGE_VERSION' .devcontainer/devcontainer.json)
{
echo "TAG_FORMAT=$TAG_FORMAT"
echo "DEVCONTAINER_IMAGE=$DEVCONTAINER_IMAGE"
echo "DEVCONTAINER_VERSION=$DEVCONTAINER_VERSION"
} >> "$GITHUB_OUTPUT"
quality_checks:
uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@36677e1d6bfaa010d7b78942a1ade12fbefecb80
needs: [get_config_values]
with:
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
secrets:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
package_code:
uses: ./.github/workflows/sam_package_code.yml
needs: get_config_values
with:
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
verify_published_from_main_image: true
package_cdk_code:
uses: ./.github/workflows/cdk_package_code.yml
needs: get_config_values
with:
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
verify_published_from_main_image: true
get_commit_id:
runs-on: ubuntu-22.04
outputs:
commit_id: ${{ steps.commit_id.outputs.commit_id }}
steps:
- name: Get Commit ID
id: commit_id
run: |
echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT"
tag_release:
needs: [quality_checks, package_code, package_cdk_code, get_commit_id, get_config_values]
uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@36677e1d6bfaa010d7b78942a1ade12fbefecb80
with:
dry_run: false
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
branch_name: main
tag_format: ${{ needs.get_config_values.outputs.tag_format }}
verify_published_from_main_image: true
secrets: inherit
deploy_dev_stacks:
needs: [get_commit_id, package_code, package_cdk_code, tag_release, get_config_values]
uses: ./.github/workflows/release_all_stacks.yml
with:
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
verify_published_from_main_image: true
target_environment: dev
version: ${{ needs.tag_release.outputs.version_tag }}
change_set_version: ${{ needs.tag_release.outputs.change_set_version }}
execute_change_set: true
lambda_stack_suffix: ""
artifact_bucket_prefix: ${{needs.tag_release.outputs.version_tag}}
version_number: ${{needs.tag_release.outputs.version_tag}}
commit_id: ${{ needs.get_commit_id.outputs.commit_id }}
lambda_insights_log_group_name: /aws/lambda-insights
deploy_artillery: true
deploy_drift_detection: true
is_pull_request: false
secrets:
cf_create_changeset_role: ${{ secrets.DEV_CLOUD_FORMATION_CREATE_CHANGESET_ROLE }}
cf_deploy_role: ${{ secrets.DEV_CLOUD_FORMATION_DEPLOY_ROLE }}
create_release_notes_post_dev:
needs: [tag_release, deploy_dev_stacks]
uses: ./.github/workflows/create_confluence_release_notes.yml
with:
VERSION_NUMBER: ${{ needs.tag_release.outputs.version_tag }}
CREATE_INT_RELEASE_NOTES: true
CREATE_INT_RC_RELEASE_NOTES: false
CREATE_PROD_RELEASE_NOTES: true
MARK_JIRA_RELEASED: false
secrets:
DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }}
DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
INT_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.INT_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
deploy_ref_stacks:
needs:
[
get_commit_id,
package_code,
package_cdk_code,
tag_release,
deploy_dev_stacks,
get_config_values,
]
uses: ./.github/workflows/release_all_stacks.yml
with:
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
verify_published_from_main_image: true
target_environment: ref
version: ${{ needs.tag_release.outputs.version_tag }}
change_set_version: ${{ needs.tag_release.outputs.change_set_version }}
execute_change_set: true
lambda_stack_suffix: ""
artifact_bucket_prefix: ${{needs.tag_release.outputs.version_tag}}
version_number: ${{needs.tag_release.outputs.version_tag}}
commit_id: ${{ needs.get_commit_id.outputs.commit_id }}
lambda_insights_log_group_name: /aws/lambda-insights
deploy_artillery: true
deploy_drift_detection: true
is_pull_request: false
secrets:
cf_create_changeset_role: ${{ secrets.REF_CLOUD_FORMATION_CREATE_CHANGESET_ROLE }}
cf_deploy_role: ${{ secrets.REF_CLOUD_FORMATION_DEPLOY_ROLE }}
deploy_qa_stacks:
needs:
[
get_commit_id,
package_code,
package_cdk_code,
tag_release,
deploy_dev_stacks,
get_config_values,
]
uses: ./.github/workflows/release_all_stacks.yml
with:
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
verify_published_from_main_image: true
target_environment: qa
version: ${{ needs.tag_release.outputs.version_tag }}
change_set_version: ${{ needs.tag_release.outputs.change_set_version }}
execute_change_set: true
lambda_stack_suffix: ""
artifact_bucket_prefix: ${{needs.tag_release.outputs.version_tag}}
version_number: ${{needs.tag_release.outputs.version_tag}}
commit_id: ${{ needs.get_commit_id.outputs.commit_id }}
lambda_insights_log_group_name: /aws/lambda-insights
deploy_artillery: false
deploy_drift_detection: true
is_pull_request: false
secrets:
cf_create_changeset_role: ${{ secrets.QA_CLOUD_FORMATION_CREATE_CHANGESET_ROLE }}
cf_deploy_role: ${{ secrets.QA_CLOUD_FORMATION_DEPLOY_ROLE }}
create_release_notes_pre_int:
needs: [tag_release, deploy_qa_stacks]
uses: ./.github/workflows/create_confluence_release_notes.yml
with:
VERSION_NUMBER: ${{ needs.tag_release.outputs.version_tag }}
CREATE_INT_RELEASE_NOTES: false
CREATE_INT_RC_RELEASE_NOTES: true
CREATE_PROD_RELEASE_NOTES: false
MARK_JIRA_RELEASED: false
TARGET_ENVIRONMENT: int-ci
secrets:
DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }}
DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
INT_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.INT_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
deploy_int_stacks:
needs:
[
get_commit_id,
package_code,
package_cdk_code,
tag_release,
create_release_notes_pre_int,
get_config_values,
]
uses: ./.github/workflows/release_all_stacks.yml
with:
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
verify_published_from_main_image: true
target_environment: int
version: ${{ needs.tag_release.outputs.version_tag }}
change_set_version: ${{ needs.tag_release.outputs.change_set_version }}
execute_change_set: true
lambda_stack_suffix: ""
artifact_bucket_prefix: ${{needs.tag_release.outputs.version_tag}}
version_number: ${{needs.tag_release.outputs.version_tag}}
commit_id: ${{ needs.get_commit_id.outputs.commit_id }}
lambda_insights_log_group_name: /aws/lambda-insights
deploy_artillery: false
deploy_drift_detection: true
is_pull_request: false
secrets:
cf_create_changeset_role: ${{ secrets.INT_CLOUD_FORMATION_CREATE_CHANGESET_ROLE }}
cf_deploy_role: ${{ secrets.INT_CLOUD_FORMATION_DEPLOY_ROLE }}
create_release_notes_post_int:
needs: [tag_release, deploy_int_stacks]
uses: ./.github/workflows/create_confluence_release_notes.yml
with:
VERSION_NUMBER: ${{ needs.tag_release.outputs.version_tag }}
CREATE_INT_RELEASE_NOTES: true
CREATE_INT_RC_RELEASE_NOTES: false
CREATE_PROD_RELEASE_NOTES: false
MARK_JIRA_RELEASED: false
secrets:
DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }}
DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
INT_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.INT_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
deploy_prod_stacks:
needs:
[
get_commit_id,
package_code,
package_cdk_code,
tag_release,
deploy_int_stacks,
get_config_values,
]
uses: ./.github/workflows/release_all_stacks.yml
with:
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
verify_published_from_main_image: true
target_environment: prod
version: ${{ needs.tag_release.outputs.version_tag }}
change_set_version: ${{ needs.tag_release.outputs.change_set_version }}
execute_change_set: true
lambda_stack_suffix: ""
artifact_bucket_prefix: ${{needs.tag_release.outputs.version_tag}}
version_number: ${{needs.tag_release.outputs.version_tag}}
commit_id: ${{ needs.get_commit_id.outputs.commit_id }}
lambda_insights_log_group_name: /aws/lambda-insights
deploy_artillery: false
deploy_drift_detection: true
is_pull_request: false
secrets:
cf_create_changeset_role: ${{ secrets.PROD_CLOUD_FORMATION_CREATE_CHANGESET_ROLE }}
cf_deploy_role: ${{ secrets.PROD_CLOUD_FORMATION_DEPLOY_ROLE }}
create_release_notes_post_prod:
needs: [tag_release, deploy_prod_stacks]
uses: ./.github/workflows/create_confluence_release_notes.yml
with:
VERSION_NUMBER: ${{ needs.tag_release.outputs.version_tag }}
CREATE_INT_RELEASE_NOTES: false
CREATE_INT_RC_RELEASE_NOTES: false
CREATE_PROD_RELEASE_NOTES: true
MARK_JIRA_RELEASED: true
secrets:
DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }}
DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
INT_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.INT_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE }}