diff --git a/.github/workflows/build-and-deploy-dev.yml b/.github/workflows/build-and-deploy-dev.yml index f80d171b6..faa07470a 100644 --- a/.github/workflows/build-and-deploy-dev.yml +++ b/.github/workflows/build-and-deploy-dev.yml 
@@ -1,95 +1,21 @@ # This workflow will build a docker image, push it to ghcr.io, and deploy it to an Azure WebApp. -name: Build and Deploy to dev service app +name: Build and Deploy -- DEV -# Update the triggers based on the environment that is being deployed to. -# Triggers for dev deployments: 1) manually triggered, 2) push to branch `master` -# Triggers for prod deployments: 1) manually triggered, 2) release created on: workflow_dispatch: push: branches: [master] -# There are secrets and environment variables that need to be set that control what is pushed to -# ghcr and Azure. -# -# Secrets: -# AZURE_CREDENTIALS: service principal that has access to the Azure WebApp -# AZURE_WEBAPP_PUBLISH_PROFILE_DEV: publish profile for the Azure WebApp NOTE: The name of the secret changes. For dev, it ends in `_DEV`. Production does not have an extension. -# -# Environment Variables: -# APPLICATION_TYPE: type of application that is being deployed; used to add a label to the Docker image (values: api | web | worker) -# AZURE_WEBAPP_NAME: name of the Azure WebApp being deployed -# DEPLOY_ENVIRONMENT: environment that the code is being deployed to; used to add a label to the Docker image (values: dev | prod) -# DEPLOY_DOCKER_TAG: the tag used for deploying a specific Docker image to Azure. For dev, use the `github.sha`. For production, use the SEMVER -# version of the release. Make sure to add this tag to the `DOCKER_TAGS` in the `Build and push Docker image` step. -# DOCKER_IMAGE_NAME: name of the Docker image that is being built and pushed to ghcr.io. 
- -env: - APPLICATION_TYPE: api - AZURE_WEBAPP_NAME: clearlydefined-api-dev - DEPLOY_ENVIRONMENT: dev - DEPLOY_DOCKER_TAG: ${{ github.sha }} - DOCKER_IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/${{ github.repository }}-dev - jobs: build-and-deploy: - name: Build and Deploy - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - - name: Log into ghcr registry - uses: docker/login-action@v3.0.0 - with: - registry: ghcr.io - username: ${{ github.actor }} # user that kicked off the action - password: ${{ secrets.GITHUB_TOKEN }} # token created when the action launched (short lived) - - - name: Build and push Docker image - env: - DOCKER_TAGS: | - ${{ env.DOCKER_IMAGE_NAME }}:${{ env.DEPLOY_DOCKER_TAG }} - uses: docker/build-push-action@v5.2.0 - with: - context: . - push: true - file: Dockerfile - tags: ${{ env.DOCKER_TAGS }} - labels: | - env=${{ env.DEPLOY_ENVIRONMENT }} - type=${{ env.APPLICATION_TYPE }} - - - name: Login for Azure cli commands - uses: azure/login@v2.0.0 - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - - name: Set DOCKER configs in Azure web app - uses: azure/appservice-settings@v1.1.1 - with: - app-name: ${{ env.AZURE_WEBAPP_NAME }} - app-settings-json: | - [ - { - "name": "DOCKER_CUSTOM_IMAGE_NAME", - "value": "${{ env.DOCKER_IMAGE_NAME }}:${{ env.DEPLOY_DOCKER_TAG }}", - "slotSetting": false - }, - { - "name": "DOCKER_REGISTRY_SERVER_URL", - "value": "https://ghcr.io", - "slotSetting": false - }, - { - "name": "BUILD_SHA", - "value": "${{ github.sha }}", - "slotSetting": false - } - ] - - - name: Deploy to Azure WebApp - uses: azure/webapps-deploy@v3.0.0 - with: - app-name: ${{ env.AZURE_WEBAPP_NAME }} - publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_DEV }} - images: '${{ env.DOCKER_IMAGE_NAME }}:${{ env.DEPLOY_DOCKER_TAG }}' + uses: clearlydefined/operations/.github/workflows/app-build-and-deploy.yml + secrets: + AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} + AZURE_WEBAPP_PUBLISH_PROFILE: ${{ 
secrets.AZURE_WEBAPP_PUBLISH_PROFILE_DEV }} + DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }} + PRODUCTION_DEPLOYERS: ${{ secrets.PRODUCTION_DEPLOYERS }} + with: + deploy-env: dev + application-type: api + azure-app-base-name: clearlydefined-api + azure-app-name-postfix: -dev diff --git a/.github/workflows/build-and-deploy-prod.yml b/.github/workflows/build-and-deploy-prod.yml new file mode 100644 index 000000000..eff86089c --- /dev/null +++ b/.github/workflows/build-and-deploy-prod.yml @@ -0,0 +1,36 @@ +# This workflow will build a docker image, push it to ghcr.io, and deploy it to an Azure WebApp. +name: Build and Deploy -- PROD + +on: + workflow_dispatch: + release: + types: [published] + +jobs: + determine-trigger: + name: Determine if this was triggered by a release or workflow_dispatch + runs-on: ubuntu-latest + outputs: + is-release: ${{ env.IS_RELEASE }} + steps: + - name: Check if this was triggered by a release + id: release + run: | + echo "IS_RELEASE"=${{ github.event_name == 'release' }} >> $GITHUB_ENV + + build-and-deploy-prod: + uses: clearlydefined/operations/.github/workflows/app-build-and-deploy.yml + needs: determine-trigger + secrets: + AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} + AZURE_WEBAPP_PUBLISH_PROFILE: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_PROD }} + AZURE_SECONDARY_WEBAPP_PUBLISH_PROFILE: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_PROD_EU }} + DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }} + PRODUCTION_DEPLOYERS: ${{ secrets.PRODUCTION_DEPLOYERS }} + with: + deploy-env: prod + application-type: api + azure-app-base-name: clearlydefined-api + azure-app-name-postfix: -prod + secondary-azure-app-name-postfix: -prod-europe + is-release: ${{ needs.determine-trigger.outputs.is-release }} diff --git a/.github/workflows/build_and_deploy_prod.yml b/.github/workflows/build_and_deploy_prod.yml deleted file mode 100644 index c4469dff3..000000000 --- a/.github/workflows/build_and_deploy_prod.yml +++ /dev/null 
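Review bot: The `uses: clearlydefined/operations/.github/workflows/app-build-and-deploy.yml` line in the dev `build-and-deploy` job has no `@ref` as shown here, and the same is true of `build-and-deploy-prod` in the new prod workflow. GitHub requires a ref when calling a reusable workflow in another repository. Because this call hands over `AZURE_CREDENTIALS`, the publish profiles and `DEPLOY_TOKEN`, the ref should be a full commit SHA rather than a branch or movable tag, e.g. `uses: clearlydefined/operations/.github/workflows/app-build-and-deploy.yml@<full-commit-sha>  # <release tag>`. Neither caller sets `permissions:`, and the called workflow's `GITHUB_TOKEN` can only be narrowed from the caller's. Declaring the minimum in each caller (presumably `contents: read` and `packages: write` for the ghcr push, to be confirmed against the called workflow) would stop the token from inheriting the repository default.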
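Review bot: The `determine-trigger` job in the new prod workflow writes `IS_RELEASE` to `$GITHUB_ENV` and publishes it through `env.IS_RELEASE`, which leaves the step's `id: release` unused. The documented route for a job output is `echo "is-release=${{ github.event_name == 'release' }}" >> "$GITHUB_OUTPUT"`, read back as `steps.release.outputs.is-release`. The job may not be needed at all: the `github` context is available in a reusable-workflow call's `with:`, so `is-release: ${{ github.event_name == 'release' }}` could be passed directly. That would also avoid the string conversion every job output goes through, which matters if the called workflow declares `is-release` as a boolean input (not visible here). Separately, `workflow_dispatch` lets anyone with write access start a prod run from any branch, so the gate presumably rests on `PRODUCTION_DEPLOYERS` inside the called workflow; that check should be confirmed there.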
@@ -1,148 +0,0 @@ -# This workflow will build a docker image, push it to ghcr.io, and deploy it to an Azure WebApp. -name: Build and Deploy to prod service app - -# Update the triggers based on the environment that is being deployed to. -# Triggers for dev deployments: 1) manually triggered, 2) push to branch `master` -# Triggers for prod deployments: 1) manually triggered, 2) release [published] -on: - workflow_dispatch: - release: - types: [published] - -# There are secrets and environment variables that need to be set that control what is pushed to -# ghcr and Azure. -# -# Secrets: -# AZURE_CREDENTIALS_PROD: service principal that has access to the Azure prod WebApp -# AZURE_WEBAPP_PUBLISH_PROFILE: publish profile for the Azure WebApp -# AZURE_WEBAPP_PUBLISH_PROFILE_EU: publish profile for the Azure WebApp in Europe -# -# Environment Variables: -# APPLICATION_TYPE: type of application that is being deployed; used to add a label to the Docker image (values: api | web | worker) -# AZURE_WEBAPP_NAME: name of the Azure WebApp being deployed -# AZURE_EU_WEBAPP_NAME: name of the Azure WebApp being deployed -# DEPLOY_ENVIRONMENT: environment that the code is being deployed to; used to add a label to the Docker image (values: dev | prod) -# DEPLOY_DOCKER_TAG: _NOT used as a ENV for production. To be able to always have the version, get it from package.json._ -# DOCKER_IMAGE_NAME: name of the Docker image that is being built and pushed to ghcr.io. 
- -env: - APPLICATION_TYPE: api - AZURE_WEBAPP_NAME: clearlydefined-api-prod - AZURE_EU_WEBAPP_NAME: clearlydefined-api-prod-europe - DEPLOY_ENVIRONMENT: prod - # DEPLOY_DOCKER_TAG: ${{ github.event.release.tag_name }} - DOCKER_IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/${{ github.repository }} - -jobs: - build-and-deploy: - name: Build and Deploy - runs-on: ubuntu-latest - steps: - - name: Get version - id: package - run: | - echo "::set-output name=version::$(curl --silent "https://api.github.com/repos/clearlydefined/service/releases/latest" | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/')" - shell: bash - - - name: Use version - run: | - echo "Version is ${{ steps.package.outputs.version }}" - shell: bash - - - uses: actions/checkout@v4.1.1 - - - name: Log into ghcr registry - uses: docker/login-action@v3.0.0 - with: - registry: ghcr.io - username: ${{ github.actor }} # user that kicked off the action - password: ${{ secrets.GITHUB_TOKEN }} # token created when the action launched (short lived) - - - name: Build and push Docker image - env: - DOCKER_TAGS: | - ${{ env.DOCKER_IMAGE_NAME }}:${{ steps.package.outputs.version }} - uses: docker/build-push-action@v5.2.0 - with: - context: . 
- push: true - file: Dockerfile - tags: ${{ env.DOCKER_TAGS }} - labels: | - env=${{ env.DEPLOY_ENVIRONMENT }} - type=${{ env.APPLICATION_TYPE }} - - - name: Login for Azure cli commands - uses: azure/login@v2.0.0 - with: - creds: ${{ secrets.AZURE_CREDENTIALS_PROD }} - - - name: Set DOCKER configs in Azure web app - uses: azure/appservice-settings@v1.1.1 - with: - app-name: ${{ env.AZURE_WEBAPP_NAME }} - app-settings-json: | - [ - { - "name": "DOCKER_CUSTOM_IMAGE_NAME", - "value": "${{ env.DOCKER_IMAGE_NAME }}:${{ steps.package.outputs.version }}", - "slotSetting": false - }, - { - "name": "DOCKER_REGISTRY_SERVER_URL", - "value": "https://ghcr.io", - "slotSetting": false - }, - { - "name": "APP_VERSION", - "value": "${{ steps.package.outputs.version }}", - "slotSetting": false - }, - { - "name": "BUILD_SHA", - "value": "${{ github.sha }}", - "slotSetting": false - } - ] - - - name: Deploy to Azure WebApp - uses: azure/webapps-deploy@v3.0.0 - with: - app-name: ${{ env.AZURE_WEBAPP_NAME }} - publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_PROD }} - images: '${{ env.DOCKER_IMAGE_NAME }}:${{ steps.package.outputs.version }}' - - - name: Set DOCKER configs in Azure EU web app - uses: azure/appservice-settings@v1.1.1 - with: - app-name: ${{ env.AZURE_EU_WEBAPP_NAME }} - app-settings-json: | - [ - { - "name": "DOCKER_CUSTOM_IMAGE_NAME", - "value": "${{ env.DOCKER_IMAGE_NAME }}:${{ steps.package.outputs.version }}", - "slotSetting": false - }, - { - "name": "DOCKER_REGISTRY_SERVER_URL", - "value": "https://ghcr.io", - "slotSetting": false - }, - { - "name": "APP_VERSION", - "value": "${{ steps.package.outputs.version }}", - "slotSetting": false - }, - { - "name": "BUILD_SHA", - "value": "${{ github.sha }}", - "slotSetting": false - } - ] - - - name: Deploy to Azure EU WebApp - uses: azure/webapps-deploy@v3.0.0 - with: - app-name: ${{ env.AZURE_EU_WEBAPP_NAME }} - publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_PROD_EU }} - images: '${{ 
env.DOCKER_IMAGE_NAME }}:${{ steps.package.outputs.version }}'