Skip to content

Commit

Permalink
Remove legacy non prod jobs
Browse files Browse the repository at this point in the history
  • Loading branch information
@vipin-dfe
vipin-dfe committed Nov 27, 2024
1 parent 4d1a3bb commit 18c06de
Showing 1 changed file with 17 additions and 78 deletions.
95 changes: 17 additions & 78 deletions .github/workflows/build-and-deploy.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,21 +13,11 @@ on:
- reopened
- opened
- converted_to_draft
workflow_dispatch:
inputs:
environment:
required: true
type: choice
options:
- dev
- test
- preprod
- prod

jobs:
build_image:
name: Image build and push
if: contains(github.event.pull_request.labels.*.name, 'deploy') || contains(github.event.pull_request.labels.*.name, 'deploy-aks') || github.event_name != 'pull_request'
if: contains(github.event.pull_request.labels.*.name, 'deploy-aks') || github.event_name != 'pull_request'
runs-on: ubuntu-latest
outputs:
image_name_tag: ${{ steps.build_image.outputs.ghcr_image_name_tag }}
Expand Down Expand Up @@ -85,6 +75,8 @@ jobs:
environment:
name: ${{ matrix.environment }}
url: ${{ steps.deploy.outputs.environment_url }}
outputs:
environment_name: ${{ matrix.environment }}

steps:
- uses: actions/checkout@v4
Expand All @@ -97,60 +89,12 @@ jobs:
image-tag: ${{ github.sha }}
azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}

set_matrix:
name: Set deployment matrix
runs-on: ubuntu-latest
needs: [build_image]
outputs:
deployment_matrix: ${{ steps.set-matrix.outputs.deployment_matrix }}
steps:
- id: set-matrix
run: |
if [ "${{ github.event_name }}" == "workflow_dispatch" ]; then
DEPLOYMENT_MATRIX="{ 'environment': ['${{ github.event.inputs.environment }}'] }"
else
DEPLOYMENT_MATRIX="{ 'environment': ['preprod'] }"
fi
echo "deployment_matrix=$DEPLOYMENT_MATRIX" >> $GITHUB_OUTPUT
deploy_non_prod:
name: Deploy to ${{ matrix.environment }} environment
runs-on: ubuntu-latest
if: (github.ref == 'refs/heads/main' && github.event_name == 'push') || github.event_name == 'workflow_dispatch'
concurrency: deploy_${{ matrix.environment }}
needs: [build_image, set_matrix]
strategy:
fail-fast: false # this is necessary to prevent early terminiation of terraform deployments that will result in tfstate locks
max-parallel: 3
matrix: ${{ fromJson(needs.set_matrix.outputs.deployment_matrix) }}
environment:
name: ${{ matrix.environment }}
url: ${{ steps.deploy.outputs.environment_url }}

steps:
- uses: actions/checkout@v4

- uses: ./.github/actions/deploy-environment
id: deploy
with:
environment_name: ${{ matrix.environment }}
image_name_tag: ${{ needs.build_image.outputs.image_name_tag }}
image_tag: ${{ github.sha }}
azure_credentials: ${{ secrets.AZURE_CREDENTIALS }}

- uses: ./.github/actions/smoke-test
id: smoke-test
with:
environment: ${{ matrix.environment }}
azure_credentials: ${{ secrets.AZURE_CREDENTIALS }}
url: ${{ steps.deploy.outputs.environment_url }}

deploy_prod:
name: Deploy to production environment
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
concurrency: deploy_prod
needs: [build_image, deploy_non_prod]
needs: [build_image, deploy_aks]
environment:
name: production
url: ${{ steps.deploy.outputs.environment_url }}
Expand All @@ -169,10 +113,10 @@ jobs:
notify_slack_of_failures:
name: Notify Slack of failures
runs-on: ubuntu-latest
needs: [build_image, deploy_review_app_aks, set_matrix, deploy_non_prod, deploy_prod]
environment: ${{ needs.deploy_nonprod.outputs.environment_name || 'dev' }}
needs: [build_image, deploy_review_app_aks, deploy_aks, deploy_prod]
environment: aks-test
env:
ENVIRONMENT_NAME: ${{ needs.deploy_nonprod.outputs.environment_name || 'dev' }}
ENVIRONMENT_NAME: ${{ needs.deploy_aks.outputs.environment_name || 'dev' }}
if: failure()
steps:
- uses: actions/checkout@v4
Expand All @@ -188,41 +132,36 @@ jobs:
then
job=deploy_review_app_aks
review=true
elif ${{ needs.set_matrix.result == 'failure' }}
then
job=set_matrix
elif ${{ needs.deploy_non_prod.result == 'failure' }}
elif ${{ needs.deploy_aks.result == 'failure' }}
then
job=deploy_non_prod
job=deploy_aks
elif ${{ needs.deploy_prod.result == 'failure' }}
then
job=deploy_prod
fi
tf_vars_file=workspace_variables/${{ env.ENVIRONMENT_NAME }}.tfvars.json
echo "KEY_VAULT_NAME=$(jq -r '.key_vault_name' ${tf_vars_file})" >> $GITHUB_ENV
echo "JOB=${job}" >> $GITHUB_ENV
echo "REVIEW=${review}" >> $GITHUB_ENV
- uses: Azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}

- uses: DfE-Digital/keyvault-yaml-secret@v1
id: get_monitoring_secret
- name: Fetch secrets from key vault
uses: azure/CLI@v2
id: key-vault-secrets
with:
keyvault: ${{ env.KEY_VAULT_NAME }}
secret: MONITORING
key: SLACK_WEBHOOK
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
inlineScript: |
SLACK_WEBHOOK=$(az keyvault secret show --name "SLACK-WEBHOOK" --vault-name s189t01-rsm-ts-inf-kv --query "value" -o tsv)
echo "::add-mask::$SLACK_WEBHOOK"
echo "SLACK_WEBHOOK=$SLACK_WEBHOOK" >> $GITHUB_OUTPUT
- name: Notify Slack channel on job failure
uses: rtCamp/action-slack-notify@v2
env:
SLACK_USERNAME: CI Deployment
SLACK_TITLE: Deployment of refer-serious-misconduct ${{ env.REVIEW && 'review' }} failed
SLACK_MESSAGE: Job ${{ env.JOB }} failed
SLACK_WEBHOOK: ${{ steps.get_monitoring_secret.outputs.SLACK_WEBHOOK }}
SLACK_WEBHOOK: ${{ steps.key-vault-secrets.outputs.SLACK_WEBHOOK }}
SLACK_COLOR: failure
SLACK_FOOTER: Sent from Build and Deploy workflow

0 comments on commit 18c06de

Please sign in to comment.