[PRM-691] Inherit the secrets #215
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Z-AUTOMATED: Deploy - Stack" | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| permissions: | |
| pull-requests: write | |
| id-token: write # This is required for requesting the JWT | |
| contents: read # This is required for actions/checkout | |
| jobs: | |
| get-changed-files: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| changed: ${{ steps.get-changed-files.outputs.changed }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Get changed files | |
| id: get-changed-files | |
| if: always() | |
| env: | |
| GITHUB_EVENT_NAME: ${{ github.event_name }} | |
| run: | | |
| if [ "$GITHUB_EVENT_NAME" == "push" ]; then | |
| echo "DEBUG: Comparing ${{ github.event.before }} to ${{ github.event.after }}" | |
| changed=$(git diff --name-only ${{ github.event.before }} ${{ github.event.after }} | tr '\n' ' ') | |
| fi | |
| if [ "$GITHUB_EVENT_NAME" == "pull_request" ]; then | |
| changed=$(git diff --name-only origin/main... | tr '\n' ' ') | |
| fi | |
| if [ -z "$changed" ]; then | |
| echo "No changed files detected." | |
| else | |
| echo "DEBUG: Changed files: '$changed'" | |
| echo "changed=$changed" >> $GITHUB_OUTPUT | |
| fi | |
| deductions-ci: | |
| if: contains(needs.get-changed-files.outputs.changed, 'stacks/mesh-forwarder') || contains(needs.get-changed-files.outputs.changed, '.github/workflows/automated-deploy-stack.yml') | |
| name: Deductions Infrastructure CI | |
| uses: ./.github/workflows/deploy-stack.yml | |
| needs: [get-changed-files] | |
| with: | |
| stack: deductions | |
| backend_key_alias: deductions-infra-dev | |
| environment: dev | |
| is_deployment: ${{ github.ref == 'refs/heads/main' }} | |
| lambdas_to_build: true | |
| secrets: inherit | |
| deductions-cross-account: | |
| if: always() && (needs.deductions-ci.result == 'success' || needs.deductions-ci.result == 'skipped') && (contains(needs.get-changed-files.outputs.changed, 'stacks/deductions-cross-account') || contains(needs.get-changed-files.outputs.changed, '.github/workflows/automated-deploy-stack.yml')) | |
| name: deductions-cross-account | |
| uses: ./.github/workflows/deploy-stack.yml | |
| needs: [get-changed-files, deductions-ci] | |
| with: | |
| stack: deductions-cross-account | |
| environment: dev | |
| is_deployment: ${{ github.ref == 'refs/heads/main' }} | |
| backend_key_alias: deductions-infra-cross-account-dev | |
| secrets: inherit | |
| deductions-dashboard-ci: | |
| if: contains(needs.get-changed-files.outputs.changed, 'stacks/deductions-dashboard') || contains(needs.get-changed-files.outputs.changed, '.github/workflows/automated-deploy-stack.yml') | |
| name: Deductions Dashboard Infrastructure CI | |
| uses: ./.github/workflows/deploy-stack.yml | |
| needs: [get-changed-files, deductions-ci] | |
| with: | |
| stack: deductions-dashboard | |
| backend_key_alias: deductions-infra-dashboard-dev | |
| environment: dev | |
| is_deployment: ${{ github.ref == 'refs/heads/main' }} | |
| secrets: inherit | |
| mesh-forwarder-ci: | |
| if: contains(needs.get-changed-files.outputs.changed, 'stacks/mesh-forwarder') || contains(needs.get-changed-files.outputs.changed, '.github/workflows/automated-deploy-stack.yml') | |
| name: MESH Forwarder Infrastructure | |
| needs: [get-changed-files, deductions-ci, deductions-cross-account] | |
| uses: ./.github/workflows/deploy-stack.yml | |
| with: | |
| stack: mesh-forwarder | |
| ecr_alias: deductions/mesh-forwarder | |
| environment: dev | |
| is_deployment: ${{ github.ref == 'refs/heads/main' }} | |
| secrets: inherit | |
| pds-adaptor-ci: | |
| if: contains(needs.get-changed-files.outputs.changed, 'stacks/pds-adaptor') || contains(needs.get-changed-files.outputs.changed, '.github/workflows/automated-deploy-stack.yml') | |
| name: PDS Adaptor Infrastructure | |
| needs: [get-changed-files, deductions-ci, deductions-cross-account] | |
| uses: ./.github/workflows/deploy-stack.yml | |
| with: | |
| stack: pds-adaptor | |
| ecr_alias: deductions/pds-adaptor | |
| environment: dev | |
| is_deployment: ${{ github.ref == 'refs/heads/main' }} | |
| secrets: inherit | |
| re-registration-service-ci: | |
| if: contains(needs.get-changed-files.outputs.changed, 'stacks/re-registration-service') || contains(needs.get-changed-files.outputs.changed, '.github/workflows/automated-deploy-stack.yml') | |
| name: Re-Registration Service Infrastructure | |
| needs: [get-changed-files, deductions-ci, deductions-cross-account] | |
| uses: ./.github/workflows/deploy-stack.yml | |
| with: | |
| stack: re-registration-service | |
| ecr_alias: repo/re-registration-service | |
| environment: dev | |
| is_deployment: ${{ github.ref == 'refs/heads/main' }} | |
| secrets: inherit | |
| suspension-service-ci: | |
| if: contains(needs.get-changed-files.outputs.changed, 'stacks/suspension-service') || contains(needs.get-changed-files.outputs.changed, '.github/workflows/automated-deploy-stack.yml') | |
| name: Suspension Service Infrastructure | |
| needs: [get-changed-files, deductions-ci, deductions-cross-account] | |
| uses: ./.github/workflows/deploy-stack.yml | |
| with: | |
| stack: suspension-service | |
| ecr_alias: repo/suspension-service | |
| environment: dev | |
| is_deployment: ${{ github.ref == 'refs/heads/main' }} | |
| secrets: inherit | |
| nems-event-processor-ci: | |
| if: contains(needs.get-changed-files.outputs.changed, 'stacks/nems-event-processor') || contains(needs.get-changed-files.outputs.changed, '.github/workflows/automated-deploy-stack.yml') | |
| name: NEMS Event Processor Infrastructure | |
| needs: [get-changed-files, deductions-ci, deductions-cross-account] | |
| uses: ./.github/workflows/deploy-stack.yml | |
| with: | |
| stack: nems-event-processor | |
| ecr_alias: deductions/nems-event-processor | |
| environment: dev | |
| is_deployment: ${{ github.ref == 'refs/heads/main' }} | |
| secrets: inherit | |
| ehr-repo-ci: | |
| if: contains(needs.get-changed-files.outputs.changed, 'stacks/ehr-repo') || contains(needs.get-changed-files.outputs.changed, '.github/workflows/automated-deploy-stack.yml') | |
| name: EHR Repo Infrastructure CI | |
| uses: ./.github/workflows/deploy-stack.yml | |
| needs: [get-changed-files, deductions-ci, deductions-cross-account] | |
| with: | |
| stack: ehr-repo | |
| ecr_alias: deductions/ehr-repo | |
| environment: dev | |
| is_deployment: ${{ github.ref == 'refs/heads/main' }} | |
| secrets: inherit | |
| ehr-repo-db-roles-ci: | |
| if: contains(needs.get-changed-files.outputs.changed, 'stacks/ehr-repo') || contains(needs.get-changed-files.outputs.changed, 'stacks/ehr-repo-db-roles') || contains(needs.get-changed-files.outputs.changed, '.github/workflows/automated-deploy-stack.yml') | |
| name: EHR Repo DB Roles Infrastructure CI | |
| uses: ./.github/workflows/deploy-stack.yml | |
| needs: [get-changed-files, deductions-ci, ehr-repo-ci] | |
| with: | |
| stack: ehr-repo-db-roles | |
| environment: dev | |
| backend_key_alias: ehr-repo-dev-db-roles | |
| is_deployment: ${{ github.ref == 'refs/heads/main' }} | |
| secrets: inherit | |
| ehr-out-service-ci: | |
| if: contains(needs.get-changed-files.outputs.changed, 'stacks/ehr-out-service') || contains(needs.get-changed-files.outputs.changed, '.github/workflows/automated-deploy-stack.yml') | |
| name: EHR Out Service Infrastructure CI | |
| uses: ./.github/workflows/deploy-stack.yml | |
| needs: [get-changed-files, deductions-ci, deductions-cross-account] | |
| with: | |
| stack: ehr-out-service | |
| ecr_alias: deductions/ehr-out-service | |
| environment: dev | |
| is_deployment: ${{ github.ref == 'refs/heads/main' }} | |
| secrets: inherit | |
| ehr-transfer-service-ci: | |
| if: contains(needs.get-changed-files.outputs.changed, 'stacks/ehr-transfer-service') || contains(needs.get-changed-files.outputs.changed, '.github/workflows/automated-deploy-stack.yml') | |
| name: EHR Transfer Service Infrastructure CI | |
| uses: ./.github/workflows/deploy-stack.yml | |
| needs: [get-changed-files, deductions-ci, deductions-cross-account] | |
| with: | |
| stack: ehr-transfer-service | |
| ecr_alias: deductions/ehr-transfer-service | |
| environment: dev | |
| is_deployment: ${{ github.ref == 'refs/heads/main' }} | |
| secrets: inherit | |
| gp2gp-messenger-ci: | |
| if: contains(needs.get-changed-files.outputs.changed, 'stacks/gp2gp-messenger') || contains(needs.get-changed-files.outputs.changed, '.github/workflows/automated-deploy-stack.yml') | |
| name: GP2GP Messenger Infrastructure CI | |
| uses: ./.github/workflows/deploy-stack.yml | |
| needs: [get-changed-files, deductions-ci, deductions-cross-account] | |
| with: | |
| stack: gp2gp-messenger | |
| ecr_alias: deductions/gp2gp-messenger | |
| environment: dev | |
| is_deployment: ${{ github.ref == 'refs/heads/main' }} | |
| secrets: inherit | |
| mhs-ci: | |
| if: contains(needs.get-changed-files.outputs.changed, 'stacks/mhs') || contains(needs.get-changed-files.outputs.changed, '.github/workflows/automated-deploy-stack.yml') | |
| name: MHS Infrastructure CI | |
| uses: ./.github/workflows/deploy-stack.yml | |
| needs: [get-changed-files, deductions-ci, deductions-cross-account] | |
| with: | |
| stack: mhs | |
| backend_key_alias: mhs-dev-repo | |
| environment: dev | |
| is_deployment: ${{ github.ref == 'refs/heads/main' }} | |
| secrets: inherit |