prod.yml
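# Production deployment: installs and builds the CDK project under cdk/,
# deploys every stack matching *-prod, and reports the outcome to Zulip.
name: Deploy Production

# Runs when a release is published, or when started manually.
# NOTE(review): nothing in this file limits which ref a manual run may deploy.
# Consider a protected `environment:` on the job, and confirm that the IAM
# role's trust policy only accepts the expected OIDC `sub` claim.
on:
  release:
    types:
      - published
  workflow_dispatch:

env:
  DOCKER_BUILDKIT: 1
  COMPOSE_DOCKER_CLI_BUILD: 1

jobs:
  deploy-prod:
    name: deploy-prod
    runs-on: ubuntu-latest
    timeout-minutes: 60
    # Serializes runs that share a ref.
    # NOTE(review): the group key contains the ref, so runs for two different
    # tags or branches are not serialized against each other - confirm this is
    # intended for a single production target.
    concurrency:
      group: ${{ github.ref }}/deploy-prod
    # Least privilege for GITHUB_TOKEN: read the repository, and request an
    # OIDC token for the role assumption in "configure AWS credentials".
    permissions:
      id-token: write
      contents: read
    # NOTE(review): every `uses:` below references a mutable tag. Pinning each
    # one to a reviewed full commit SHA keeps a moved tag from changing what
    # runs with the AWS role and the Zulip API key.
    steps:
      - name: checkout
        uses: actions/checkout@v4

      - name: install nodejs v20
        uses: actions/setup-node@v4
        with:
          node-version: 20
          cache: 'npm'
          cache-dependency-path: 'cdk/package-lock.json'

      # `npm ci` installs exactly what cdk/package-lock.json records.
      - name: install cdk npm packages and verify installation
        working-directory: cdk
        run: |
          npm ci
          npx cdk doctor

      # The secrets reach the script as environment variables instead of being
      # expanded into the script text, so their content is never parsed as
      # shell. NOTE(review): a value containing `/` or `&` would still be
      # misread by the sed expressions - verify the stored values.
      - name: configure environment
        shell: bash
        run: |
          # configure docker
          cp -f docker/.env.template docker/.env
          sed -i.bak -E 's/^(REGISTRY[[:blank:]]*=[[:blank:]]*).*/\1\"'"${REGISTRY}"'\"/' docker/.env
          sed -i.bak -E 's/^(REPOSITORY[[:blank:]]*=[[:blank:]]*).*/\1\"'"${REPOSITORY}"'\"/' docker/.env
        env:
          REGISTRY: ${{ secrets.REGISTRY }}
          REPOSITORY: ${{ secrets.REPOSITORY }}

      # No static access keys are supplied, so the role is assumed with the
      # job's OIDC token (hence `id-token: write` above).
      - name: configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE }}
          role-session-name: github-actions
          aws-region: eu-west-1

      - name: build cdk project
        working-directory: cdk
        run: |
          npm run build

      # The stack pattern is quoted so the shell hands `*-prod` to cdk
      # unchanged instead of expanding it against files in cdk/.
      # All output is discarded; the exit status still fails the step.
      # NOTE(review): presumably done to keep deployment details out of the
      # run log - it also removes the only record of why a deploy failed.
      - name: synthesize cdk stacks
        working-directory: cdk
        run: |
          npx cdk synth '*-prod' --quiet >/dev/null 2>&1

      # --require-approval=never skips cdk's interactive confirmation of
      # security-sensitive changes, so review has to happen before this runs.
      - name: deploy cdk stacks
        working-directory: cdk
        run: |
          npx cdk deploy '*-prod' --require-approval=never >/dev/null 2>&1

      # Runs only when every earlier step succeeded (default step condition).
      # `github.event.head_commit` exists only on push events, so for the
      # release and workflow_dispatch triggers used here it rendered empty;
      # the ref name and commit SHA are available for every trigger.
      # The email value is kept exactly as it appears in this copy of the file.
      - name: Notify Zulip
        uses: zulip/github-actions-zulip/send-message@v1
        with:
          api-key: ${{ secrets.ZULIP_API_KEY }}
          email: '[email protected]'
          organization-url: 'https://turina.dvv.fi'
          to: 'avoindata.fi'
          type: 'stream'
          topic: 'Production Deployments'
          content: 'Production deployment succeeded! (${{ github.ref_name }} @ ${{ github.sha }})'

      # Runs only when an earlier step failed.
      - name: Notify Zulip on error
        if: failure()
        uses: zulip/github-actions-zulip/send-message@v1
        with:
          api-key: ${{ secrets.ZULIP_API_KEY }}
          email: '[email protected]'
          organization-url: 'https://turina.dvv.fi'
          to: 'avoindata.fi'
          type: 'stream'
          topic: 'Production Deployments'
          content: 'Production deployment failed! (${{ github.ref_name }} @ ${{ github.sha }})'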