Skip to content

prod

prod #1415

name: Deploy Happy
on: deployment
# https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services
permissions:
id-token: write
contents: read
deployments: write
env:
DOCKER_BUILDKIT: 1
COMPOSE_DOCKER_CLI_BUILD: 1
DOCKER_REPO: ${{ secrets.ECR_REPO }}/
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
jobs:
upgrade:
runs-on: ubuntu-20.04
steps:
- uses: act10ns/slack@v1
with:
status: starting
if: github.event.deployment.environment == 'prod'
- name: Configure AWS Prod Credentials
uses: aws-actions/configure-aws-credentials@v2
if: github.event.deployment.environment == 'prod'
with:
role-session-name: DeployProdStack
aws-region: us-west-2
role-to-assume: ${{ secrets.AWS_PROD_ROLE_TO_ASSUME }}
role-duration-seconds: 2000
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
if: github.event.deployment.environment != 'prod'
with:
role-session-name: DeployNonProdStack
aws-region: us-west-2
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
role-duration-seconds: 2000
- uses: actions/checkout@v2
with:
ref: ${{ github.event.deployment.sha }}
- name: Install happy dependencies
run: |
pip install -r .happy/requirements.txt
- uses: avakar/set-deployment-status@v1
with:
state: in_progress
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Update deployment
uses: chanzuckerberg/github-actions/.github/actions/deploy-happy-stack@deploy-happy-stack-v1.7.0
with:
tfe-token: ${{ secrets.TFE_TOKEN }}
stack-name: ge${{ github.event.deployment.environment }}stack
happy_version: "0.41.3"
create-tag: "false"
tag: ${{ github.event.deployment.payload.tag }}
env: ${{ github.event.deployment.environment }}
- name: Run integration tests
env:
TFE_TOKEN: ${{ secrets.TFE_TOKEN }}
DEPLOYMENT_STAGE: ${{ github.event.deployment.environment }}
if: github.event.deployment.environment != 'prod'
run: |
echo "DOCKER_REPO=${DOCKER_REPO}" > .env.ecr
echo "TODO - run functional tests against staging!"
### Need to write success failure way because Github API doesn't allow doing
### "if: always(), state: ${{ success() }}:
- name: Set deployment status to success if no errors
uses: avakar/set-deployment-status@v1
with:
state: success
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- uses: act10ns/slack@v1
with:
status: ${{ job.status }}
steps: ${{ toJson(steps) }}
if: github.event.deployment.environment == 'prod' || failure()
- name: Set deployment status to failure if errors
uses: avakar/set-deployment-status@v1
if: failure()
with:
state: failure
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}