-
Notifications
You must be signed in to change notification settings - Fork 4
88 lines (84 loc) · 3.12 KB
/
deploy-happy-stack.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
name: Deploy Happy
on: deployment
# https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services
permissions:
id-token: write
contents: read
deployments: write
env:
DOCKER_BUILDKIT: 1
COMPOSE_DOCKER_CLI_BUILD: 1
DOCKER_REPO: ${{ secrets.ECR_REPO }}/
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
jobs:
upgrade:
runs-on: ubuntu-20.04
steps:
- uses: act10ns/slack@v1
with:
status: starting
if: github.event.deployment.environment == 'prod'
- name: Configure AWS Prod Credentials
uses: aws-actions/configure-aws-credentials@v2
if: github.event.deployment.environment == 'prod'
with:
role-session-name: DeployProdStack
aws-region: us-west-2
role-to-assume: ${{ secrets.AWS_PROD_ROLE_TO_ASSUME }}
role-duration-seconds: 2000
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
if: github.event.deployment.environment != 'prod'
with:
role-session-name: DeployNonProdStack
aws-region: us-west-2
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
role-duration-seconds: 2000
- uses: actions/checkout@v2
with:
ref: ${{ github.event.deployment.sha }}
- name: Install happy dependencies
run: |
pip install -r .happy/requirements.txt
- uses: avakar/set-deployment-status@v1
with:
state: in_progress
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Update deployment
uses: chanzuckerberg/github-actions/.github/actions/[email protected]
with:
tfe-token: ${{ secrets.TFE_TOKEN }}
stack-name: ge${{ github.event.deployment.environment }}stack
happy_version: "0.41.3"
create-tag: "false"
tag: ${{ github.event.deployment.payload.tag }}
env: ${{ github.event.deployment.environment }}
- name: Run integration tests
env:
TFE_TOKEN: ${{ secrets.TFE_TOKEN }}
DEPLOYMENT_STAGE: ${{ github.event.deployment.environment }}
if: github.event.deployment.environment != 'prod'
run: |
echo "DOCKER_REPO=${DOCKER_REPO}" > .env.ecr
echo "TODO - run functional tests against staging!"
### Need to write success failure way because Github API doesn't allow doing
### "if: always(), state: ${{ success() }}:
- name: Set deployment status to success if no errors
uses: avakar/set-deployment-status@v1
with:
state: success
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- uses: act10ns/slack@v1
with:
status: ${{ job.status }}
steps: ${{ toJson(steps) }}
if: github.event.deployment.environment == 'prod' || failure()
- name: Set deployment status to failure if errors
uses: avakar/set-deployment-status@v1
if: failure()
with:
state: failure
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}