1414
1515env :
1616 AWS_REGION : eu-west-2
17- AWS_S3_SOURCE_RELEASES_BUCKET : vita-${{ secrets.PROMOTE_SOURCE_AWS_ACCOUNT_ID }}-releases-${{ vars.PROMOTE_SOURCE_ENVIRONMENT }}
18- AWS_S3_TARGET_RELEASES_BUCKET : vita-${{ secrets.AWS_ACCOUNT_ID }}-releases-${{ inputs.environment }}
1917
2018jobs :
21- promote :
22- name : " Promote to ${{ inputs. environment}} environment "
19+ prepare :
20+ name : " Prepare lower environment variables "
2321 runs-on : ubuntu-latest
22+ environment : ${{ inputs.environment }}
23+ timeout-minutes : 3
24+ outputs :
25+ PROMOTE_SOURCE_ENVIRONMENT : ${{ steps.get-env.outputs.PROMOTE_SOURCE_ENVIRONMENT }}
26+ steps :
27+ - name : " Export lower environment name"
28+ id : get-env
29+ run : |
30+ echo "PROMOTE_SOURCE_ENVIRONMENT=${{ vars.PROMOTE_SOURCE_ENVIRONMENT }}" >> $GITHUB_OUTPUT
31+
32+ download :
33+ name : " Download package from ${{ needs.prepare.outputs.PROMOTE_SOURCE_ENVIRONMENT }} env"
34+ runs-on : ubuntu-latest
35+ needs : [prepare]
2436 environment :
25- name : ${{ inputs.environment }}
26- timeout-minutes : 20
37+ name : ${{ needs.prepare.outputs.PROMOTE_SOURCE_ENVIRONMENT }}
38+ timeout-minutes : 5
39+ env :
40+ ENVIRONMENT : ${{ needs.prepare.outputs.PROMOTE_SOURCE_ENVIRONMENT }}
2741 permissions :
2842 id-token : write
2943 contents : read
3044 steps :
31- - name : " Configure AWS credentials for promote source ${{ vars.PROMOTE_SOURCE_ENVIRONMENT }} env "
45+ - name : " Configure AWS credentials for env:${ENVIRONMENT} "
3246 uses : aws-actions/configure-aws-credentials@v5
3347 with :
3448 role-session-name : GitHubActionsSession
35- role-to-assume : ${{ secrets.PROMOTE_SOURCE_IAM_ROLE }}
49+ role-to-assume : ${{ secrets.IAM_ROLE }}
3650 aws-region : ${{ env.AWS_REGION }}
3751 - name : " Download package from source S3 releases bucket"
52+ env :
53+ AWS_S3_SOURCE_RELEASES_BUCKET : vita-${{ secrets.AWS_ACCOUNT_ID }}-releases-${ENVIRONMENT}
3854 run : |
3955 app_s3_path="s3://${AWS_S3_SOURCE_RELEASES_BUCKET}/tag/${{ inputs.release_tag }}/open-next.zip"
4056 echo "Artefact path: $app_s3_path"
@@ -45,13 +61,41 @@ jobs:
4561 workflow_s3_path="s3://${AWS_S3_SOURCE_RELEASES_BUCKET}/tag/${{ inputs.release_tag }}/workflow.log"
4662 echo "Artefact path: $workflow_s3_path"
4763 aws s3 cp "$workflow_s3_path" .
48- name : " Configure AWS credentials for target ${{ inputs.environment }} env"
64+
65+ name : " Upload release package as artifact"
66+ uses : actions/upload-artifact@v4
67+ with :
68+ name : release-package
69+ path : |
70+ open-next.zip
71+ lambda.zip
72+ workflow.log
73+ retention-days : 1
74+
75+ promote :
76+ name : " Promote to ${{ inputs.environment}} environment"
77+ runs-on : ubuntu-latest
78+ needs : [download]
79+ environment :
80+ name : ${{ inputs.environment }}
81+ timeout-minutes : 20
82+ permissions :
83+ id-token : write
84+ contents : read
85+ steps :
86+ - name : " Download release package from artifact"
87+ uses : actions/download-artifact@v4
88+ with :
89+ name : release-package
90+ - name : " Configure AWS credentials for target env:${{ inputs.environment }}"
4991 uses : aws-actions/configure-aws-credentials@v5
5092 with :
5193 role-session-name : GitHubActionsSession
5294 role-to-assume : ${{ secrets.IAM_ROLE }}
5395 aws-region : ${{ env.AWS_REGION }}
54- - name : " Upload package to ${{ inputs.environment }} S3 releases bucket"
96+ - name : " Upload package to target S3 releases bucket"
97+ env :
98+ AWS_S3_TARGET_RELEASES_BUCKET : vita-${{ secrets.AWS_ACCOUNT_ID }}-releases-${{ inputs.environment }}
5599 run : |
56100 aws s3api put-object --bucket "${AWS_S3_TARGET_RELEASES_BUCKET}" --key "tag/${{inputs.release_tag}}/open-next.zip" --body "open-next.zip" --if-none-match '*' || {
57101 echo "Uploading open-next.zip to environment S3 bucket failed"
@@ -68,3 +112,12 @@ jobs:
68112 exit 1
69113 }
70114
115+ cleanup :
116+ name : " Cleanup release package from artifact"
117+ runs-on : ubuntu-latest
118+ needs : [promote]
119+ steps :
120+ - name : " Delete workflow artifact"
121+ uses : geekyeggo/delete-artifact@v5
122+ with :
123+ name : release-package
0 commit comments