-
Notifications
You must be signed in to change notification settings - Fork 0
120 lines (102 loc) · 3.9 KB
/
terraform_and_deploy.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
name: Terraform and Deploy to Elastic Beanstalk
on: [push]
jobs:
terraform:
name: Terraform Plan and Apply
runs-on: ubuntu-latest
if: github.event_name == 'pull_request' && github.event.pull_request.merged == true && contains(github.event.pull_request.changed_files, 'terraform/')
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up Terraform
uses: hashicorp/setup-terraform@v2
with:
terraform_version: 1.3.5
- name: Initialize Terraform
run: terraform init
working-directory: terraform
- name: Terraform Plan
run: terraform plan -out=tfplan
working-directory: terraform
- name: Terraform Apply
run: terraform apply -auto-approve tfplan
working-directory: terraform
rubocop:
runs-on: ubuntu-latest
name: RuboCop
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Run RuboCop
uses: ./.github/actions/rubocop
rspec:
runs-on: ubuntu-latest
name: RSpec
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Run RSpec
uses: ./.github/actions/run_rspec
with:
ruby-version: "3.2.0"
postgres-password: ${{ secrets.ROUTE_RATER_DATABASE_PASSWORD }}
google-api-key: ${{ secrets.GOOGLE_API_KEY }}
deploy:
name: Deploy to Elastic Beanstalk
runs-on: ubuntu-latest
needs: [terraform, rubocop, rspec]
if: |
always() &&
needs.terraform.result == 'success' || needs.terraform.result == 'skipped' &&
needs.rubocop.result == 'success' &&
needs.rspec.result == 'success'
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: 3.2.0
- name: Install dependencies
run: bundle install
- name: Set up EB CLI
run: |
pip install awsebcli
eb --version
- name: Slack Notification - Deploy Start
uses: rtCamp/action-slack-notify@v2
env:
SLACK_DEPLOY_BOY_WEBHOOK_URL: ${{ secrets.SLACK_DEPLOY_BOY_WEBHOOK_URL }}
SLACK_MESSAGE: |
:rocket: Started deployment of [${{ github.event.pull_request.title }}](${{ github.event.pull_request.html_url }})
with:
status: ${{ job.status }}
emoji: ${{ ':rocket:' }}
- name: Deploy to Elastic Beanstalk
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: "us-west-2"
run: |
eb init -p "Ruby 3.2.0" -r us-west-2 hope-skip-drive-test
eb use prod-env
eb deploy
- name: Set environment variables
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: "us-west-2"
run: |
DB_PASSWORD=$(aws secretsmanager get-secret-value --secret-id creds --query 'SecretString' --output text | jq -r '.ROUTE_RATER_DATABASE_PASSWORD')
GOOGLE_API_KEY=$(aws secretsmanager get-secret-value --secret-id creds --query 'SecretString' --output text | jq -r '.GOOGLE_API_KEY')
eb setenv ROUTE_RATER_DATABASE_PASSWORD=$DB_PASSWORD GOOGLE_API_KEY=$GOOGLE_API_KEY
- name: Slack Notification - Deploy End
uses: rtCamp/action-slack-notify@v2
env:
SLACK_DEPLOY_BOY_WEBHOOK_URL: ${{ secrets.SLACK_DEPLOY_BOY_WEBHOOK_URL }}
SLACK_MESSAGE: |
Your deployment of [${{ github.event.pull_request.title }}](${{ github.event.pull_request.html_url }})
has ${{job.status == 'success' && 'succeeded' || 'failed' }}
with:
status: ${{ job.status }}
emoji: ${{ job.status == 'success' && ':checked:' || ':error:' }}