Refresh Attribution For Test ACOs #62
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Refreshes attribution for test acos in all envs. | |
| name: Refresh Attribution For Test ACOs | |
| on: | |
| workflow_call: | |
| schedule: | |
| - cron: "0 12 * * 1" | |
| permissions: | |
| id-token: write | |
| contents: read | |
| jobs: | |
| refresh_attribution: | |
| name: Refresh Attribution | |
| runs-on: codebuild-bcda-app-${{github.run_id}}-${{github.run_attempt}} | |
| strategy: | |
| matrix: | |
| vars: | |
| - env: dev | |
| account_id: NON_PROD_ACCOUNT_ID | |
| - env: test | |
| account_id: NON_PROD_ACCOUNT_ID | |
| - env: sandbox | |
| account_id: PROD_ACCOUNT_ID | |
| - env: prod | |
| account_id: PROD_ACCOUNT_ID | |
| steps: | |
| - uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: arn:aws:iam::${{ secrets[matrix.vars.account_id] }}:role/delegatedadmin/developer/bcda-${{ matrix.vars.env }}-github-actions | |
| - uses: cmsgov/cdap/actions/aws-params-env-action@main | |
| env: | |
| AWS_REGION: ${{ vars.AWS_REGION }} | |
| with: | |
| params: | | |
| GITHUB_TOKEN=/ci/github/token | |
| DB_URL=/bcda/${{ matrix.vars.env }}/api/DATABASE_URL | |
| - name: Install psql | |
| run: | | |
| sudo dnf install postgresql16 -y | |
| - name: checkout bcda-ops | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: CMSgov/bcda-ops | |
| ref: 'main' | |
| token: ${{ env.GITHUB_TOKEN }} | |
| - name: Refresh all environments | |
| run: | | |
| set -euo pipefail | |
| HOST=$(aws rds describe-db-cluster-endpoints --db-cluster-identifier bcda-${{ matrix.vars.env }}-aurora 2>&1 | jq -r '.DBClusterEndpoints[0].Endpoint' 2>&1) | |
| if [ $? -ne 0 ]; then | |
| echo "Error: failed to retrieve database host." | |
| exit 1 | |
| fi | |
| CONNECTION_URL=$(echo ${{ env.DB_URL }} 2>&1 | sed -E "s/@.*\/bcda/\@$HOST\/bcda/" 2>&1) | |
| ./scripts/refresh_test_attribution.sh -c "${CONNECTION_URL}" -f > /dev/null 2>&1 | |
| if [ $? -ne 0 ]; then | |
| echo "Error: Refresh failed; run script locally for more details." | |
| exit 1 | |
| else | |
| echo "Success: refresh complete." | |
| fi | |
| - name: Failure Alert | |
| if: ${{ failure() }} | |
| uses: slackapi/slack-github-action@v2.0.0 | |
| with: | |
| method: chat.postMessage | |
| token: ${{ secrets.SLACK_BOT_TOKEN }} | |
| payload: | | |
| channel: "C03S23MJFJS" | |
| attachments: | |
| - color: danger | |
| text: "FAILURE: Refresh Test Attribution (run: <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|${{ github.run_id }}>)." | |
| mrkdown_in: | |
| - text |