Improve version check during deployment (#4285)

Author: marcoacierno

.github/actions/wait-for-deployment/action.yml

@@ -0,0 +1,45 @@
+name: 'Wait for deployment'
+description: 'Wait fr deployment'
+inputs:
+    url:
+      description: 'URL'
+      required: true
+    githash:
+      description: 'Githash'
+      required: true
+runs:
+    using: "composite"
+    steps:
+      - name: Wait for deployment
+        run: |
+          import requests
+          import os
+          import time
+
+          attempts = 0
+          new_version_live_counter = 0
+          while new_version_live_counter < 3:
+            response = requests.get(os.getenv('URL'))
+            try:
+              commit = response.json()['version']
+              if commit == os.getenv('GITHASH'):
+                print('New version live')
+                new_version_live_counter = new_version_live_counter + 1
+                time.sleep(1)
+                continue
+              else:
+                print('Commit hash does not match. Retrying...')
+            except Exception as e:
+              print('Failed to get version', e)
+
+            attempts += 1
+
+            if attempts > 30:
+              print('Failed to get new version')
+              exit(1)
+
+            time.sleep(attempts)
+        shell: python
+        env:
+          URL: ${{ inputs.url }}
+          GITHASH: ${{ inputs.githash }}

.github/workflows/deploy.yml

@@ -12,44 +12,6 @@ env:
   TF_WORKSPACE:  ${{ fromJSON('["pastaporto", "production"]')[github.ref == 'refs/heads/main'] }}
 
 jobs:
-  create-db:
-    runs-on: ubuntu-24.04
-    defaults:
-      run:
-        working-directory: ./infrastructure/applications
-    steps:
-      - uses: actions/checkout@v4
-        if: github.ref != 'refs/heads/main'
-        with:
-          ref: ${{ github.ref }}
-          fetch-depth: 0
-      - name: Configure AWS credentials
-        if: github.ref != 'refs/heads/main'
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          aws-access-key-id: ${{ secrets.aws_access_key_id }}
-          aws-secret-access-key: ${{ secrets.aws_secret_access_key }}
-          aws-region: eu-central-1
-      - uses: hashicorp/setup-terraform@v3
-        if: github.ref != 'refs/heads/main'
-        with:
-          terraform_version: 1.2.4
-      - name: Terraform Init
-        if: github.ref != 'refs/heads/main'
-        run: terraform init
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-      - name: Terraform apply
-        if: github.ref != 'refs/heads/main'
-        run: terraform apply -target module.database -no-color -auto-approve &> /dev/null
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          AWS_DEFAULT_REGION: eu-central-1
-
   build-pretix:
     runs-on: [self-hosted]
     steps:
@@ -128,6 +90,8 @@ jobs:
     permissions:
       packages: write
       contents: read
+    outputs:
+      githash: ${{ steps.git.outputs.githash }}
 
     steps:
       - uses: actions/checkout@v4
@@ -190,7 +154,7 @@ jobs:
 
   deploy-be:
     runs-on: ubuntu-24.04
-    needs: [build-be, build-pretix, create-db]
+    needs: [build-be, build-pretix]
     environment:
       name: ${{ fromJSON('["pastaporto", "production"]')[github.ref == 'refs/heads/main'] }}
     defaults:
@@ -224,34 +188,26 @@ jobs:
 
   wait-be-update:
     runs-on: ubuntu-24.04
-    needs: [deploy-be]
+    needs: [deploy-be, build-be]
     steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.ref }}
+          fetch-depth: 0
       - name: Wait stable deployment
-        run: |
-          while true; do
-            response=$(curl -s "https://${{ fromJSON('["pastaporto-", ""]')[github.ref == 'refs/heads/main'] }}admin.pycon.it/health")
-            commit=$(echo $response | jq -r '.commit')
-            if [ "$commit" == "${{ steps.git.outputs.githash }}" ]; then
-              echo "New version live"
-              break
-            else
-              echo "Commit hash does not match. Retrying..."
-              sleep 3
-            fi
-          done
-        shell: bash
-        env:
-          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          AWS_DEFAULT_REGION: eu-central-1
+        uses: ./.github/actions/wait-for-deployment
+        with:
+          url: https://${{ fromJSON('["pastaporto-", ""]')[github.ref == 'refs/heads/main'] }}admin.pycon.it/health/
+          githash: ${{ needs.build-be.outputs.githash }}
 
   build-fe:
     needs: [wait-be-update]
     runs-on: [self-hosted]
     permissions:
       packages: write
       contents: read
-
+    outputs:
+      githash: ${{ steps.git.outputs.githash }}
     steps:
       - uses: actions/checkout@v4
         with:
@@ -367,23 +323,14 @@ jobs:
 
   wait-fe-update:
     runs-on: ubuntu-24.04
-    needs: [deploy-fe]
+    needs: [deploy-fe, build-fe]
     steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.ref }}
+          fetch-depth: 0
       - name: Wait stable deployment
-        run: |
-          while true; do
-            response=$(curl -s "https://${{ fromJSON('["pastaporto-frontend", "frontend"]')[github.ref == 'refs/heads/main'] }}.pycon.it/api/health")
-            commit=$(echo $response | jq -r '.commit')
-            if [ "$commit" == "${{ steps.git.outputs.githash }}" ]; then
-              echo "New version live"
-              break
-            else
-              echo "Commit hash does not match. Retrying..."
-              sleep 3
-            fi
-          done
-        shell: bash
-        env:
-          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          AWS_DEFAULT_REGION: eu-central-1
+        uses: ./.github/actions/wait-for-deployment
+        with:
+          url: https://${{ fromJSON('["pastaporto-frontend", "frontend"]')[github.ref == 'refs/heads/main'] }}.pycon.it/api/health
+          githash: ${{ needs.build-fe.outputs.githash }}