Skip to content

Commit

Permalink
use merged dev and prod deploy workflows
Browse files Browse the repository at this point in the history
  • Loading branch information
elrayle committed Apr 15, 2024
1 parent 39777b0 commit d470e4f
Show file tree
Hide file tree
Showing 2 changed files with 35 additions and 141 deletions.
14 changes: 10 additions & 4 deletions .github/workflows/build-and-deploy-dev.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,14 @@ on:

jobs:
build-and-deploy:
uses: clearlydefined/operations/.github/workflows/build-and-deploy-dev.yml@elr/shared-dev-deploy
secrets: inherit
uses: clearlydefined/operations/.github/workflows/app-build-and-deploy.yml@elr/reusable-deploy-workflow
secrets:
AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
AZURE_WEBAPP_PUBLISH_PROFILE: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_DEV }}
DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
PRODUCTION_DEPLOYERS: ${{ secrets.PRODUCTION_DEPLOYERS }}
with:
application-name: "clearlydefined-api"
application-type: "api"
deploy-env: dev
application-type: api
azure-app-base-name: clearlydefined-api
azure-app-name-postfix: -dev
162 changes: 25 additions & 137 deletions .github/workflows/build_and_deploy_prod.yml
Original file line number Diff line number Diff line change
@@ -1,148 +1,36 @@
# This workflow will build a docker image, push it to ghcr.io, and deploy it to an Azure WebApp.
name: Build and Deploy to prod service app
name: Build and Deploy to prod service apps

# Update the triggers based on the environment that is being deployed to.
# Triggers for dev deployments: 1) manually triggered, 2) push to branch `master`
# Triggers for prod deployments: 1) manually triggered, 2) release [published]
on:
workflow_dispatch:
release:
types: [published]

# There are secrets and environment variables that need to be set that control what is pushed to
# ghcr and Azure.
#
# Secrets:
# AZURE_CREDENTIALS_PROD: service principal that has access to the Azure prod WebApp
# AZURE_WEBAPP_PUBLISH_PROFILE: publish profile for the Azure WebApp
# AZURE_WEBAPP_PUBLISH_PROFILE_EU: publish profile for the Azure WebApp in Europe
#
# Environment Variables:
# APPLICATION_TYPE: type of application that is being deployed; used to add a label to the Docker image (values: api | web | worker)
# AZURE_WEBAPP_NAME: name of the Azure WebApp being deployed
# AZURE_EU_WEBAPP_NAME: name of the Azure WebApp being deployed
# DEPLOY_ENVIRONMENT: environment that the code is being deployed to; used to add a label to the Docker image (values: dev | prod)
# DEPLOY_DOCKER_TAG: _NOT used as a ENV for production. To be able to always have the version, get it from package.json._
# DOCKER_IMAGE_NAME: name of the Docker image that is being built and pushed to ghcr.io.

env:
APPLICATION_TYPE: api
AZURE_WEBAPP_NAME: clearlydefined-api-prod
AZURE_EU_WEBAPP_NAME: clearlydefined-api-prod-europe
DEPLOY_ENVIRONMENT: prod
# DEPLOY_DOCKER_TAG: ${{ github.event.release.tag_name }}
DOCKER_IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/${{ github.repository }}

jobs:
build-and-deploy:
name: Build and Deploy
determine-trigger:
name: Determine if this was triggered by a release or workflow_dispatch
runs-on: ubuntu-latest
outputs:
is-release: ${{ env.IS_RELEASE }}
steps:
- name: Get version
id: package
run: |
echo "::set-output name=version::$(curl --silent "https://api.github.com/repos/clearlydefined/service/releases/latest" | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/')"
shell: bash

- name: Use version
- name: Check if this was triggered by a release
id: release
run: |
echo "Version is ${{ steps.package.outputs.version }}"
shell: bash

- uses: actions/checkout@v4.1.1

- name: Log into ghcr registry
uses: docker/login-action@v3.0.0
with:
registry: ghcr.io
username: ${{ github.actor }} # user that kicked off the action
password: ${{ secrets.GITHUB_TOKEN }} # token created when the action launched (short lived)

- name: Build and push Docker image
env:
DOCKER_TAGS: |
${{ env.DOCKER_IMAGE_NAME }}:${{ steps.package.outputs.version }}
uses: docker/build-push-action@v5.2.0
with:
context: .
push: true
file: Dockerfile
tags: ${{ env.DOCKER_TAGS }}
labels: |
env=${{ env.DEPLOY_ENVIRONMENT }}
type=${{ env.APPLICATION_TYPE }}
- name: Login for Azure cli commands
uses: azure/login@v2.0.0
with:
creds: ${{ secrets.AZURE_CREDENTIALS_PROD }}

- name: Set DOCKER configs in Azure web app
uses: azure/appservice-settings@v1.1.1
with:
app-name: ${{ env.AZURE_WEBAPP_NAME }}
app-settings-json: |
[
{
"name": "DOCKER_CUSTOM_IMAGE_NAME",
"value": "${{ env.DOCKER_IMAGE_NAME }}:${{ steps.package.outputs.version }}",
"slotSetting": false
},
{
"name": "DOCKER_REGISTRY_SERVER_URL",
"value": "https://ghcr.io",
"slotSetting": false
},
{
"name": "APP_VERSION",
"value": "${{ steps.package.outputs.version }}",
"slotSetting": false
},
{
"name": "BUILD_SHA",
"value": "${{ github.sha }}",
"slotSetting": false
}
]
- name: Deploy to Azure WebApp
uses: azure/webapps-deploy@v3.0.0
with:
app-name: ${{ env.AZURE_WEBAPP_NAME }}
publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_PROD }}
images: '${{ env.DOCKER_IMAGE_NAME }}:${{ steps.package.outputs.version }}'

- name: Set DOCKER configs in Azure EU web app
uses: azure/appservice-settings@v1.1.1
with:
app-name: ${{ env.AZURE_EU_WEBAPP_NAME }}
app-settings-json: |
[
{
"name": "DOCKER_CUSTOM_IMAGE_NAME",
"value": "${{ env.DOCKER_IMAGE_NAME }}:${{ steps.package.outputs.version }}",
"slotSetting": false
},
{
"name": "DOCKER_REGISTRY_SERVER_URL",
"value": "https://ghcr.io",
"slotSetting": false
},
{
"name": "APP_VERSION",
"value": "${{ steps.package.outputs.version }}",
"slotSetting": false
},
{
"name": "BUILD_SHA",
"value": "${{ github.sha }}",
"slotSetting": false
}
]
- name: Deploy to Azure EU WebApp
uses: azure/webapps-deploy@v3.0.0
with:
app-name: ${{ env.AZURE_EU_WEBAPP_NAME }}
publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_PROD_EU }}
images: '${{ env.DOCKER_IMAGE_NAME }}:${{ steps.package.outputs.version }}'
echo "IS_RELEASE"=${{ github.event_name == 'release' }} >> $GITHUB_ENV
build-and-deploy-prod:
uses: clearlydefined/operations/.github/workflows/app-build-and-deploy.yml@elr/reusable-deploy-workflow
needs: determine-trigger
secrets:
AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
AZURE_WEBAPP_PUBLISH_PROFILE: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_PROD }}
AZURE_SECONDARY_WEBAPP_PUBLISH_PROFILE: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_PROD_EU }}
DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
PRODUCTION_DEPLOYERS: ${{ secrets.PRODUCTION_DEPLOYERS }}
with:
deploy-env: prod
application-type: api
azure-app-base-name: clearlydefined-api
azure-app-name-postfix: -prod
secondary-azure-app-name-postfix: -prod-europe
is-release: ${{ needs.determine-trigger.outputs.is-release }}

0 comments on commit d470e4f

Please sign in to comment.