From 3c0be9f3b93e987510cabd5018fc482fa7cfbf39 Mon Sep 17 00:00:00 2001 From: Martin Peck Date: Thu, 21 Mar 2024 12:34:07 -0700 Subject: [PATCH] Build and deploy batch jobs via Terraform. --- .github/workflows/ci-push-image.yml | 76 +++++++++++++++++++++++++---- 1 file changed, 66 insertions(+), 10 deletions(-) diff --git a/.github/workflows/ci-push-image.yml b/.github/workflows/ci-push-image.yml index cdef348f27..b46ee13edc 100644 --- a/.github/workflows/ci-push-image.yml +++ b/.github/workflows/ci-push-image.yml @@ -1,10 +1,11 @@ -name: Build and Push To ECR +name: Build and Deploy on: push: - branches-ignore: - - 'develop' + branches: - 'master' + tags: + - 'v*' permissions: id-token: write @@ -30,7 +31,7 @@ jobs: uses: aws-actions/amazon-ecr-login@v1 - name: Set up Docker Buildx - uses: crazy-max/ghaction-docker-buildx@v3 + uses: docker/setup-buildx-action@v1 - name: Cache Docker layers uses: actions/cache@v2 @@ -41,7 +42,23 @@ jobs: restore-keys: | ${{ runner.os }}-buildx- - - name: Docker Buildx (+ push) + - name: Docker Buildx (build) + id: build-image + env: + ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + ECR_REPOSITORY: ${{ github.event.repository.name }} + IMAGE_TAG: ${{ github.sha }} + run: | + docker buildx build \ + --cache-from "type=local,src=/tmp/.buildx-cache" \ + --cache-to "type=local,dest=/tmp/.buildx-cache-new" \ + --platform "linux/amd64" \ + --load \ + --tag $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG \ + --file ./production/Dockerfile ./ + echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" + + - name: Docker Buildx (push) id: push-image-to-ecr env: ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} 
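Review bot: With `develop` dropped from the push triggers, the `sysops-deploy-batch-qa` step added in the last hunk (gated on `refs/heads/develop`) can never run, as far as this `on:` block shows; either add `- 'develop'` under `branches:` or remove that step. The new `tags: - 'v*'` trigger also means any pushed `v*` tag starts a job that holds `id-token: write` and later uses the sysops dispatch token. It is worth confirming that a tag protection rule limits who can create those tags, and recording that above `tags:` with a comment such as `# release tags; creation restricted by tag protection`.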
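Review bot: `docker/setup-buildx-action@v1` is a mutable tag, and this job runs with `id-token: write` (visible in the first hunk), so whatever that tag resolves to at run time executes inside a job that can obtain cloud credentials. Pin it to a reviewed commit and keep the version as a trailing comment, e.g. `uses: docker/setup-buildx-action@<full-commit-sha>  # v1`. The `aws-actions/amazon-ecr-login@v1` and `actions/cache@v2` context lines have the same exposure and could be pinned in the same pass.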
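Review bot: The last line of the new `build-image` step publishes its output with the deprecated `::set-output` workflow command, which is parsed from stdout and can therefore be forged by anything the step prints. Write it through the environment file instead: `echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> "$GITHUB_OUTPUT"`. The `--tag` value is also unquoted; `--tag "$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"` avoids word splitting if the registry output is ever empty or unexpected. Nothing visible in the patch consumes `steps.build-image.outputs.image`, and the push step in the next hunk rebuilds rather than pushing this `--load`ed image, so the built artifact and the pushed one are not guaranteed to be the same.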
@@ -49,19 +66,58 @@ jobs: IMAGE_TAG: ${{ github.sha }} run: | BRANCH=$(echo "${GITHUB_REF#refs/*/}" | sed 's/.*\///') - # push with git sha and branch - echo "Pushing to $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" + # push with git sha docker buildx build \ --cache-from "type=local,src=/tmp/.buildx-cache" \ - --cache-to "type=local,dest=/tmp/.buildx-cache-new" \ - --platform "linux/amd64,linux/arm64" \ --output "type=image,push=true" \ --tag $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG \ - --tag $ECR_REGISTRY/$ECR_REPOSITORY:$BRANCH \ --file ./Dockerfile ./ + # push docker tag to indicate branch + docker buildx build \ + --cache-from "type=local,src=/tmp/.buildx-cache" \ + --output "type=image,push=true" \ + --tag $ECR_REGISTRY/$ECR_REPOSITORY:$BRANCH \ + --file ./production/Dockerfile ./ + + - name: Kick off Terraform deploy in sysops/ + id: sysops-deploy-batch-qa + if: github.event_name == 'push' && startsWith(github.ref, 'refs/heads/develop') + run: | + curl \ + -X POST \ + -H "Accept: application/vnd.github+json" \ + -H "Authorization: Bearer ${{ secrets.SYSOPS_RW_GITHUB_TOKEN }}" \ + -H "X-GitHub-Api-Version: 2022-11-28" \ + https://api.github.com/repos/meedan/sysops/actions/workflows/deploy_check_batch.yml/dispatches \ + -d '{"ref": "master", "inputs": {"git_sha": "${{ github.sha }}", "type": "develop"}}' + + - name: Kick off Terraform deploy in sysops/ + id: sysops-deploy-batch-live + if: github.event_name == 'push' && startsWith(github.ref, 'refs/heads/master') + run: | + curl \ + -X POST \ + -H "Accept: application/vnd.github+json" \ + -H "Authorization: Bearer ${{ secrets.SYSOPS_RW_GITHUB_TOKEN }}" \ + -H "X-GitHub-Api-Version: 2022-11-28" \ + https://api.github.com/repos/meedan/sysops/actions/workflows/deploy_check_batch.yml/dispatches \ + -d '{"ref": "master", "inputs": {"git_sha": "${{ github.sha }}", "type": "push"}}' + + - name: Kick off Terraform deploy in sysops/ + id: sysops-deploy-batch-tag-unimplemented + if: github.event_name == 'push' && 
startsWith(github.ref, 'refs/tags/v') + run: | + curl \ + -X POST \ + -H "Accept: application/vnd.github+json" \ + -H "Authorization: Bearer ${{ secrets.SYSOPS_RW_GITHUB_TOKEN }}" \ + -H "X-GitHub-Api-Version: 2022-11-28" \ + https://api.github.com/repos/meedan/sysops/actions/workflows/deploy_check_batch.yml/dispatches \ + -d '{"ref": "master", "inputs": {"git_sha": "${{ github.sha }}", "type": "tag"}}' - name: Reset cache id: reset-cache + if: ${{ success() || failure() }} run: | rm -rf /tmp/.buildx-cache mv /tmp/.buildx-cache-new /tmp/.buildx-cache
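Review bot: All three dispatch steps expand `${{ secrets.SYSOPS_RW_GITHUB_TOKEN }}` directly into the `run:` script, so the token is written into the generated shell script instead of being passed as an environment variable; set `SYSOPS_TOKEN: ${{ secrets.SYSOPS_RW_GITHUB_TOKEN }}` under each step's `env:` and send `-H "Authorization: Bearer $SYSOPS_TOKEN"`. The `curl` calls have no `--fail`, so a 401 or 404 from the dispatch endpoint leaves the step green and a missed deploy goes unnoticed. Separately, the sha-tagged push still builds from `./Dockerfile` (a context line), while the branch-tagged push and the earlier build step use `./production/Dockerfile`. Since the dispatch passes `git_sha`, the deploy presumably pulls the sha tag, which would then be a different image from the one built, so confirm which file is intended. The token's scope is not visible here; a fine-grained token limited to Actions write on the sysops repository should be enough for this endpoint.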