CI/CD deploy #393
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "CI/CD deploy" | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| environment: | |
| description: 'Environment to deploy to' | |
| type: environment | |
| required: true | |
| env: | |
| AWS_REGION: eu-west-2 | |
| jobs: | |
| ############################################################# | |
| # Deploy action - download artefacts and deploy to AWS | |
| ############################################################# | |
| metadata: | |
| name: "Set CI/CD metadata" | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 1 | |
| outputs: | |
| nodejs_version: ${{ steps.variables.outputs.nodejs_version }} | |
| steps: | |
| - name: "Checkout code" | |
| uses: actions/checkout@v6 | |
| - name: "Set CI/CD variables" | |
| id: variables | |
| run: | | |
| echo "nodejs_version=$(grep "^nodejs" .tool-versions | cut -f2 -d' ')" >> $GITHUB_OUTPUT | |
| deploy-action: | |
| name: "Deploy ${{ github.ref_name }} to (${{ github.event.inputs.environment }})" | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: ${{ github.event.inputs.environment }} | |
| timeout-minutes: 20 | |
| concurrency: | |
| group: "${{ github.event.inputs.environment }}-env" | |
| cancel-in-progress: false | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: "Check ref:${{ github.ref }} is a tag" | |
| run: | | |
| if ${{ !startsWith(github.ref, 'refs/tags/') }}; then | |
| echo "❌ Only tagged deployments allowed." | |
| exit 1 | |
| fi | |
| - name: "Checkout code" | |
| uses: actions/checkout@v6 | |
| - name: "Deploy application version ${{ github.ref_name }}" | |
| timeout-minutes: 10 | |
| uses: ./.github/actions/deploy | |
| with: | |
| environment: ${{ github.event.inputs.environment }} | |
| tag_or_sha_to_deploy: ${{ github.ref_name }} | |
| secret_aws_iam_role: ${{ secrets.IAM_ROLE }} | |
| secret_aws_account_id: ${{ secrets.AWS_ACCOUNT_ID }} | |
| secret_aws_slack_channel_id: ${{ secrets.ALARMS_SLACK_CHANNEL_ID }} | |
| ############################################################# | |
| # Acceptance stage - E2E and contract tests | |
| ############################################################# | |
| acceptance-stage: | |
| name: "Acceptance stage (dev/preprod only)" | |
| if: ${{ contains(fromJSON('["dev","preprod"]'), github.event.inputs.environment) }} | |
| needs: [ metadata, deploy-action ] | |
| uses: ./.github/workflows/stage-5-acceptance.yaml | |
| with: | |
| environment: ${{ github.event.inputs.environment}} | |
| checkout_ref: ${{ github.ref_name }} | |
| nodejs_version: ${{ needs.metadata.outputs.nodejs_version }} | |
| secrets: inherit |