Skip to content

Latest commit

 

History

History
112 lines (76 loc) · 5.27 KB

Deploy-with-pipeline.md

File metadata and controls

112 lines (76 loc) · 5.27 KB

Pipeline Deployment Guide

This guide shows you how to deploy infrastructure using the automated GitHub Actions pipelines available in this repository.

Table of Contents

Overview

This repository provides two main GitHub Actions pipelines for infrastructure deployment:

  • Single-Region: Workflow: .github/workflows/ci-cd-infra-dev-single-region.yml

  • Multi-Region: Workflow: .github/workflows/ci-cd-infra-dev-multi-region.yml

Use the pipeline that matches your deployment scenario. Each pipeline automatically manages the correct folder paths and deployment steps.

Prerequisites

  • Manual Step (Step 00: DevOps): You must run step 00-devops manually before starting the pipeline. This initializes the resource groups, storage, and permissions needed for the rest of the deployment.
  • Pipeline Environment Variables: After running step 00-devops, set all required environment variables and GitHub secrets using the outputs. See Setup-environment.md for details.

Pipeline Steps

  1. Environment Setup

    • Make sure all required environment variables and secrets in GitHub are set using the outputs from step 00. See Setup-environment.md.

  2. Base Infrastructure (Pipeline)

    • Deploys core networking, MongoDB Atlas resources, observability function infrastructure, and, if multi-region, configures VNet peering.
    • For details on observability function and function app setup, see Mongo Atlas Metrics App docs.
    • Important: You need to run this step twice:
      1. First run: Set TF_VAR_open_access=true to allow Key Vault creation, initial secret injection and to deploy the Azure Function's code.
      2. Second run: Set TF_VAR_open_access=false to restrict Key Vault and Azure Function network access according to SFI/compliance requirements.

  3. Application (Optional)

    • Deploys test application infrastructure (App Service Plan, subnet, Azure Web App).
    • Make sure to set any additional variables mentioned in Setup-environment.md, such as TF_VAR_key_name_infra_tfstate.

  4. Testing Connectivity (Optional)

    • You can deploy a web app to test database connectivity. See Test_DB_connection_steps.md for more information.
    • Note: The variables FUNCTION_APP_NAME, FUNCTIONAPP_RG_NAME, APP_WEBAPPS, and APP_WEBAPPS_RG_NAMES must be set after running and applying the Application step, as their values are determined from the outputs of that step.

Running the Pipeline

Note: The pipeline does not automatically apply all changes. It will pause at the apply step and create a GitHub issue for manual approval by your designated approvers.

How to Run

  1. Go to the Actions tab in your GitHub repository.
  2. Select the workflow matching your region type:
    • Single-Region: CI - CD Infra Dev (Single-Region)
    • Multi-Region: CI - CD Infra Dev (Multi-Region)
    • App Code Deployment: Deploy Applications' code
  3. Click Run workflow.
  4. Choose the steps as needed via checkboxes (plan/apply, infra/app, etc.).
  5. Wait for the manual approval step if changes are detected.

Deploy Applications' code includes:

  • Deploy MongoAtlasMetrics Function App: (default: enabled, requires infrastructure deployed)
  • Deploy Test DB Connection App: (optional, requires infra & app infrastructure deployed)

Choosing the Right Pipeline

  • Single-Region: .github/workflows/ci-cd-infra-dev-single-region.yml — For deployments using templates/single-region/envs/dev/
  • Multi-Region: .github/workflows/ci-cd-infra-dev-multi-region.yml — For deployments using templates/multi-region/envs/dev/
  • App Code: .github/workflows/ci-cd-application.yml — For deploying the MongoAtlasMetrics Function App or Test DB Connection App

Notes

  • If you need to re-run a pipeline, make sure all manual prerequisites (such as API key creation) are up to date.
  • Do not run both the single-region and multi-region pipelines at the same time unless you are certain your Terraform state references are separate and correct.

Using an Existing Terraform Backend or Resource Groups

For instructions on using an existing Terraform backend or existing resource groups, see Using an Existing Backend or Resource Groups.