Recreate hotfix branch #131
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy on Merge to Hotfix | |
on: | |
push: | |
branches: | |
- hotfix | |
env: | |
TAG: sha-${{ github.sha }} | |
jobs: | |
build: | |
uses: ./.github/workflows/build.yaml | |
secrets: | |
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
test-code: | |
uses: ./.github/workflows/test-code.yaml | |
secrets: inherit | |
test-containers: | |
needs: [build] | |
uses: ./.github/workflows/test-containers.yaml | |
secrets: | |
HAPPO_API_KEY: ${{ secrets.HAPPO_API_KEY }} | |
HAPPO_API_SECRET: ${{ secrets.HAPPO_API_SECRET }} | |
RENOVATE_GITHUB_TOKEN: ${{ secrets.RENOVATE_GITHUB_TOKEN }} | |
RENOVATE_PRIVATE_KEY: ${{ secrets.RENOVATE_PRIVATE_KEY }} | |
deploy_hotfix: | |
needs: [build] | |
runs-on: ubuntu-latest | |
# if: startsWith(github.event.head_commit.message, 'Merge') | |
environment: | |
name: hotfix | |
url: 'https://ccbc-hotfix.apps.silver.devops.gov.bc.ca' | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Deploy | |
uses: ./.github/actions/hotfix | |
with: | |
openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }} | |
openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} | |
openshift_app_namespace: ${{ secrets.OPENSHIFT_APP_NAMESPACE }} | |
next_public_growthbook_api_key: ${{ secrets.NEXT_PUBLIC_GROWTHBOOK_API_KEY }} | |
tag: ${{ env.TAG }} | |
client_secret: ${{ secrets.CLIENT_SECRET }} | |
secure_route: ${{ secrets.OPENSHIFT_SECURE_ROUTE }} | |
aws_s3_bucket: ${{ secrets.AWS_S3_BUCKET }} | |
aws_s3_region: ${{ secrets.AWS_S3_REGION }} | |
aws_s3_key: ${{ secrets.AWS_S3_KEY }} | |
aws_s3_secret_key: ${{ secrets.AWS_S3_SECRET_KEY }} | |
aws_clam_s3_bucket: ${{ secrets.AWS_CLAM_S3_BUCKET }} | |
aws_role_arn: ${{ secrets.AWS_ROLE_ARN }} | |
environment: hotfix | |
deploy_hotfix_prod: | |
needs: [deploy_hotfix] | |
runs-on: ubuntu-latest | |
if: startsWith(github.event.head_commit.message, 'Merge') | |
environment: | |
name: production | |
url: 'https://ccbc.apps.silver.devops.gov.bc.ca' | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Deploy | |
uses: ./.github/actions/app | |
with: | |
openshift_server_url: ${{ secrets.OPENSHIFT_SERVER }} | |
openshift_token: ${{ secrets.OPENSHIFT_TOKEN }} | |
openshift_app_namespace: ${{ secrets.OPENSHIFT_APP_NAMESPACE }} | |
openshift_metabase_prod_namespace: ${{ secrets.OPENSHIFT_METABASE_PROD_NAMESPACE }} | |
openshift_metabase_namespace: ${{ secrets.OPENSHIFT_METABASE_NAMESPACE }} | |
next_public_growthbook_api_key: ${{ secrets.NEXT_PUBLIC_GROWTHBOOK_API_KEY }} | |
tag: ${{ env.TAG }} | |
client_secret: ${{ secrets.CLIENT_SECRET }} | |
secure_route: ${{ secrets.OPENSHIFT_SECURE_ROUTE }} | |
aws_s3_bucket: ${{ secrets.AWS_S3_BUCKET }} | |
aws_s3_region: ${{ secrets.AWS_S3_REGION }} | |
aws_s3_key: ${{ secrets.AWS_S3_KEY }} | |
aws_s3_secret_key: ${{ secrets.AWS_S3_SECRET_KEY }} | |
aws_clam_s3_bucket: ${{ secrets.AWS_CLAM_S3_BUCKET }} | |
aws_role_arn: ${{ secrets.AWS_ROLE_ARN }} | |
certbot_email: ${{ secrets.CERTBOT_EMAIL }} | |
certbot_server: ${{ secrets.CERTBOT_SERVER }} | |
metabase_site_url: ${{ secrets.METABASE_SITE_URL }} | |
metabase_embed_secret: ${{ secrets.METABASE_EMBED_SECRET }} | |
cert: ${{ secrets.CERT }} | |
cert_key: ${{ secrets.CERT_KEY }} | |
cert_ca: ${{ secrets.CERT_CA }} | |
sp_sa_user: ${{ secrets.SP_SA_USER }} | |
sp_sa_password: ${{ secrets.SP_SA_PASSWORD }} | |
sp_doc_library: ${{ secrets.SP_DOC_LIBRARY }} | |
sp_site: ${{ secrets.SP_SITE }} | |
sp_ms_file_name: ${{ secrets.SP_MS_FILE_NAME }} | |
keycloak_host: ${{ secrets.KEYCLOAK_HOST }} | |
sa_client_secret: ${{ secrets.SA_CLIENT_SECRET }} | |
sa_client_id: ${{ secrets.SA_CLIENT_ID }} | |
sp_list_name: ${{ secrets.SP_LIST_NAME }} | |
ches_url: ${{ secrets.CHES_API_URL }} | |
ches_client: ${{ secrets.CHES_CLIENT }} | |
ches_client_secret: ${{ secrets.CHES_CLIENT_SECRET }} | |
ches_to: ${{ secrets.CHES_TO_EMAIL }} | |
ches_keycloak_host: ${{ secrets.CHES_KEYCLOAK_HOST }} | |
pgbackrest_s3_bucket: ${{ secrets.AWS_S3_BACKUPS_BUCKET }} | |
environment: prod |