Continuous Deployment to Infra #41
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous Deployment to Infra | |
permissions: | |
contents: write | |
on: | |
push: | |
branches: [ "main" ] | |
# Trigger on all release events until we can figure out the optimal selection | |
release: | |
env: | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
jobs: | |
publish: | |
runs-on: ubuntu-latest | |
outputs: | |
deploy_tag: ${{ steps.build.outputs.deploy_tag }} | |
steps: | |
- | |
uses: actions/checkout@v3 | |
- | |
name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- | |
name: Login to Public ECR | |
uses: docker/login-action@v2 | |
with: | |
registry: public.ecr.aws | |
username: ${{ env.AWS_ACCESS_KEY_ID }} | |
password: ${{ env.AWS_SECRET_ACCESS_KEY }} | |
env: | |
AWS_REGION: us-east-1 | |
- | |
name: Build and Publish | |
id: build | |
run: | | |
SHA_TAG=$(echo ${{ github.SHA }} | head -c 12) | |
DEPLOY_TAG=$SHA_TAG | |
COMMIT_MESSAGE=$(git log -1 --pretty=%B) | |
if [[ $(echo "$COMMIT_MESSAGE" | grep 'chore: version v') ]]; then | |
RELEASE_TAG=$(cargo metadata --format-version=1 --no-deps | jq '.packages[0].version' | tr -d '"') | |
# Use the release tag to deploy, if one is available. | |
DEPLOY_TAG=$RELEASE_TAG | |
fi | |
make SHA="${{ github.SHA }}" SHA_TAG="$SHA_TAG" RELEASE_TAG="$RELEASE_TAG" publish-docker | |
echo "Deploy tag:" | |
echo ${DEPLOY_TAG} | |
echo "deploy_tag=${DEPLOY_TAG}" >> $GITHUB_OUTPUT | |
deploy: | |
runs-on: ubuntu-latest | |
needs: | |
- publish | |
steps: | |
- | |
uses: actions/checkout@v3 | |
- | |
name: Schedule k8s deployment | |
run: | | |
echo "Workflow triggered by: ${{ github.event_name }}" | |
if [[ "${{ github.event_name }}" == "release" ]]; then | |
echo "Release action: ${{ github.event.action }}" | |
# For some reason, GitHub won't trigger the "created" or "prereleased" events when a pre-release is created | |
# from the "publish-release.yml" workflow. This is despite using a PAT to create the pre-release, which is | |
# the recommended way to trigger one workflow from another. | |
# | |
# This would imply that there was some issue with the repo or workflow configuration but GitHub does trigger | |
# the "published" workflow. Because of this, we're detecting pre-releases through the "published" event and | |
# its "prerelease" flag. | |
# | |
# Strangely enough, the "edited" and "released" events are triggered when promoting the pre-release to a | |
# release through the GitHub console (╯°□°)╯︵ ┻━┻ | |
if [[ "${{ github.event.action }}" == "published" && "${{ github.event.release.prerelease }}" == "true" ]]; then | |
DEPLOY_ENV="tnet" | |
elif [[ "${{ github.event.action }}" == "released" ]]; then | |
DEPLOY_ENV="prod" | |
fi | |
else | |
DEPLOY_ENV="qa" | |
fi | |
echo "DEPLOY_ENV is $DEPLOY_ENV" | |
if [[ -n "$DEPLOY_ENV" ]]; then | |
make DEPLOY_ENV="$DEPLOY_ENV" DEPLOY_TAG=${{ needs.publish.outputs.deploy_tag }} schedule-k8s-deployment | |
fi |