Skip to content

Commit 1449984

Browse files
atraceatrace
committed
NRL-1595 fix bad apply
1 parent 77b00e9 commit 1449984

File tree

1 file changed

+39
-19
lines changed

1 file changed

+39
-19
lines changed

.github/workflows/deploy-account-wide-infra.yml

Lines changed: 39 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,30 @@
11
name: Deploy Account-wide infrastructure
2-
run-name: Account-wide infra deployment to ${{ inputs.environment }} of ${{ github.ref_name }} by ${{ github.actor }}
2+
run-name: Account-wide infra deployment to ${{ 'account-dev' }} of ${{ github.ref_name }} by ${{ github.actor }}
3+
4+
# An action environment would need
5+
# name=acc-test
6+
# ACCOUNT_NAME=test
7+
# AWS_ACCOUNT_ID
8+
# envs_to_pull: "qa" "ref" "int" "perftest" - use aws session assume.py - pull out
9+
# OR json format: ["qa", "ref", "int", "perftest"] - feels better
10+
# OR json obj lookup in repo-wide variable instead + same for below
11+
# aws_account_id: 123456789 - get this from tf vars or something maybe? - use get_account_name script
12+
13+
# MGMT_ROLE_ARN is in repo secrets, so not needed in env
14+
15+
# Looping through envs to pull certs
316

417
on:
5-
workflow_dispatch:
6-
inputs:
7-
environment:
8-
description: "Environment to deploy to"
9-
required: true
10-
default: "account-dev"
11-
type: environment
12-
branch_name:
13-
description: Branch to deploy
14-
required: true
18+
# workflow_dispatch:
19+
# inputs:
20+
# environment:
21+
# description: "Environment to deploy to"
22+
# required: true
23+
# default: "account-dev"
24+
# type: environment
25+
# branch_name:
26+
# description: Branch to deploy
27+
# required: true
1528
push:
1629
branches:
1730
- NRL-1595**
@@ -28,7 +41,7 @@ jobs:
2841
steps:
2942
- name: Validate environment
3043
env:
31-
IS_VALID_ENV: ${{ startsWith(inputs.environment, 'account-') }}
44+
IS_VALID_ENV: ${{ startsWith('account-dev', 'account-') }}
3245
run: |
3346
echo "valid workflow environment selected:" $IS_VALID_ENV
3447
if [[ $IS_VALID_ENV == true ]]; then
@@ -37,8 +50,8 @@ jobs:
3750
exit 1
3851
3952
terraform-plan:
40-
name: Terraform Plan - ${{ inputs.environment }}
41-
environment: ${{ inputs.environment }}
53+
name: Terraform Plan - ${{ 'account-dev' }}
54+
environment: ${{ 'account-dev' }}
4255
needs: [check-selected-environment]
4356
runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }}
4457

@@ -58,7 +71,7 @@ jobs:
5871
with:
5972
aws-region: eu-west-2
6073
role-to-assume: ${{ secrets.MGMT_ROLE_ARN }}
61-
role-session-name: github-actions-ci-${{ inputs.environment }}-${{ github.run_id }}
74+
role-session-name: github-actions-ci-${{ 'account-dev' }}-${{ github.run_id }}
6275

6376
- name: Retrieve Server Certificates
6477
env:
@@ -89,15 +102,15 @@ jobs:
89102
ACCOUNT_NAME: ${{ vars.ACCOUNT_NAME }}
90103
run: |
91104
terraform -chdir=terraform/account-wide-infrastructure/${ACCOUNT_NAME} show -no-color tfplan > terraform/account-wide-infrastructure/$ACCOUNT_NAME/tfplan.txt
92-
105+
ls terraform/account-wide-infrastructure/$ACCOUNT_NAME/
93106
aws s3 cp terraform/account-wide-infrastructure/$ACCOUNT_NAME/tfplan s3://nhsd-nrlf--mgmt--github-ci-logging/acc-$ACCOUNT_NAME/${{ github.run_id }}/tfplan
94107
aws s3 cp terraform/account-wide-infrastructure/$ACCOUNT_NAME/tfplan.txt s3://nhsd-nrlf--mgmt--github-ci-logging/acc-$ACCOUNT_NAME/${{ github.run_id }}/tfplan.txt
95108
96109
terraform-apply:
97-
name: Terraform Apply - ${{ inputs.environment }}
110+
name: Terraform Apply - ${{ 'account-dev' }}
98111
needs: [terraform-plan]
99112
runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }}
100-
environment: ${{ inputs.environment }}
113+
environment: ${{ 'account-dev' }}
101114

102115
steps:
103116
- name: Git clone - ${{ github.ref_name }}
@@ -115,7 +128,7 @@ jobs:
115128
with:
116129
aws-region: eu-west-2
117130
role-to-assume: ${{ secrets.MGMT_ROLE_ARN }}
118-
role-session-name: github-actions-ci-${{ inputs.environment }}-${{ github.run_id}}
131+
role-session-name: github-actions-ci-${{ 'account-dev' }}-${{ github.run_id}}
119132

120133
- name: Download Terraform Plan artifact
121134
env:
@@ -151,3 +164,10 @@ jobs:
151164
run: |
152165
deployed_version=$(terraform -chdir=terraform/account-wide-infrastructure/${ACCOUNT_NAME} output --raw version)
153166
echo $deployed_version
167+
168+
# Slack notif: starting deploy of account-wide infra <branch deets>
169+
# tf-plan: ensure output is visible in job output
170+
171+
# pre-apply: check current commit deployed in state
172+
# post-apply: update current deployed commit in state
173+
# no auto rollback

0 commit comments

Comments
 (0)