Skip to content

Commit 77b00e9

Browse files
atraceatrace
committed
NRL-1595 tidy up + remove hardcoded references. This commit's run will fail because no manual inputs. Will need a test running manually once merged into develop but hopefully ready for PR
1 parent 21ec178 commit 77b00e9

File tree

1 file changed

+19
-39
lines changed

1 file changed

+19
-39
lines changed

.github/workflows/deploy-account-wide-infra.yml

Lines changed: 19 additions & 39 deletions
Original file line numberDiff line numberDiff line change
@@ -1,30 +1,17 @@
11
name: Deploy Account-wide infrastructure
2-
run-name: Account-wide infra deployment to ${{ 'account-dev' }} of ${{ github.ref_name }} by ${{ github.actor }}
3-
4-
# An action environment would need
5-
# name=acc-test
6-
# ACCOUNT_NAME=test
7-
# AWS_ACCOUNT_ID
8-
# envs_to_pull: "qa" "ref" "int" "perftest" - use aws session assume.py - pull out
9-
# OR json format: ["qa", "ref", "int", "perftest"] - feels better
10-
# OR json obj lookup in repo-wide variable instead + same for below
11-
# aws_account_id: 123456789 - get this from tf vars or something maybe? - use get_account_name script
12-
13-
# MGMT_ROLE_ARN is in repo secrets, so not needed in env
14-
15-
# Looping through envs to pull certs
2+
run-name: Account-wide infra deployment to ${{ inputs.environment }} of ${{ github.ref_name }} by ${{ github.actor }}
163

174
on:
18-
# workflow_dispatch:
19-
# inputs:
20-
# environment:
21-
# description: "Environment to deploy to"
22-
# required: true
23-
# default: "account-dev"
24-
# type: environment
25-
# branch_name:
26-
# description: Branch to deploy
27-
# required: true
5+
workflow_dispatch:
6+
inputs:
7+
environment:
8+
description: "Environment to deploy to"
9+
required: true
10+
default: "account-dev"
11+
type: environment
12+
branch_name:
13+
description: Branch to deploy
14+
required: true
2815
push:
2916
branches:
3017
- NRL-1595**
@@ -41,7 +28,7 @@ jobs:
4128
steps:
4229
- name: Validate environment
4330
env:
44-
IS_VALID_ENV: ${{ startsWith('account-dev', 'account-') }}
31+
IS_VALID_ENV: ${{ startsWith(inputs.environment, 'account-') }}
4532
run: |
4633
echo "valid workflow environment selected:" $IS_VALID_ENV
4734
if [[ $IS_VALID_ENV == true ]]; then
@@ -50,8 +37,8 @@ jobs:
5037
exit 1
5138
5239
terraform-plan:
53-
name: Terraform Plan - ${{ 'account-dev' }}
54-
environment: ${{ 'account-dev' }}
40+
name: Terraform Plan - ${{ inputs.environment }}
41+
environment: ${{ inputs.environment }}
5542
needs: [check-selected-environment]
5643
runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }}
5744

@@ -71,7 +58,7 @@ jobs:
7158
with:
7259
aws-region: eu-west-2
7360
role-to-assume: ${{ secrets.MGMT_ROLE_ARN }}
74-
role-session-name: github-actions-ci-${{ 'account-dev' }}-${{ github.run_id }}
61+
role-session-name: github-actions-ci-${{ inputs.environment }}-${{ github.run_id }}
7562

7663
- name: Retrieve Server Certificates
7764
env:
@@ -102,15 +89,15 @@ jobs:
10289
ACCOUNT_NAME: ${{ vars.ACCOUNT_NAME }}
10390
run: |
10491
terraform -chdir=terraform/account-wide-infrastructure/${ACCOUNT_NAME} show -no-color tfplan > terraform/account-wide-infrastructure/$ACCOUNT_NAME/tfplan.txt
105-
ls terraform/account-wide-infrastructure/$ACCOUNT_NAME/
92+
10693
aws s3 cp terraform/account-wide-infrastructure/$ACCOUNT_NAME/tfplan s3://nhsd-nrlf--mgmt--github-ci-logging/acc-$ACCOUNT_NAME/${{ github.run_id }}/tfplan
10794
aws s3 cp terraform/account-wide-infrastructure/$ACCOUNT_NAME/tfplan.txt s3://nhsd-nrlf--mgmt--github-ci-logging/acc-$ACCOUNT_NAME/${{ github.run_id }}/tfplan.txt
10895
10996
terraform-apply:
110-
name: Terraform Apply - ${{ 'account-dev' }}
97+
name: Terraform Apply - ${{ inputs.environment }}
11198
needs: [terraform-plan]
11299
runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }}
113-
environment: ${{ 'account-dev' }}
100+
environment: ${{ inputs.environment }}
114101

115102
steps:
116103
- name: Git clone - ${{ github.ref_name }}
@@ -128,7 +115,7 @@ jobs:
128115
with:
129116
aws-region: eu-west-2
130117
role-to-assume: ${{ secrets.MGMT_ROLE_ARN }}
131-
role-session-name: github-actions-ci-${{ 'account-dev' }}-${{ github.run_id}}
118+
role-session-name: github-actions-ci-${{ inputs.environment }}-${{ github.run_id}}
132119

133120
- name: Download Terraform Plan artifact
134121
env:
@@ -164,10 +151,3 @@ jobs:
164151
run: |
165152
deployed_version=$(terraform -chdir=terraform/account-wide-infrastructure/${ACCOUNT_NAME} output --raw version)
166153
echo $deployed_version
167-
168-
# Slack notif: starting deploy of account-wide infra <branch deets>
169-
# tf-plan: ensure output is visible in job output
170-
171-
# pre-apply: check current commit deployed in state
172-
# post-apply: update current deployed commit in state
173-
# no auto rollback

0 commit comments

Comments
 (0)