DDLS-412 add helper script for sg removal (#1759) #511
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "[Workflow] Path to live" | |
| concurrency: | |
| group: ${{ github.ref }}-${{ github.workflow }} | |
| defaults: | |
| run: | |
| shell: bash | |
| on: | |
| push: | |
| branches: | |
| - main # match main | |
| permissions: | |
| id-token: write | |
| contents: write | |
| security-events: write | |
| pull-requests: read | |
| actions: none | |
| checks: none | |
| deployments: none | |
| issues: none | |
| packages: none | |
| repository-projects: none | |
| statuses: none | |
| jobs: | |
| workflow_variables: | |
| runs-on: ubuntu-latest | |
| name: output workflow variables | |
| outputs: | |
| build_identifier: "main" | |
| version_tag: ${{ steps.semver_tag.outputs.created_tag }} | |
| steps: | |
| - uses: actions/checkout@3b9b8c884f6b4bb4d5be2779c26374abadae0871 # pin@v3 | |
| - name: Generate build output using Markdown | |
| run: | | |
| echo "### Build Variables" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "- Branch: main" >> $GITHUB_STEP_SUMMARY | |
| echo "- Build Identifier: main" >> $GITHUB_STEP_SUMMARY | |
| - name: generate semver tag and release | |
| id: semver_tag | |
| uses: ministryofjustice/opg-github-actions/.github/actions/semver-tag@v3.1.0 | |
| with: | |
| prerelease: false | |
| default_bump: "minor" | |
| - name: show build identifier and tag | |
| id: show | |
| env: | |
| TAG: ${{ steps.semver_tag.outputs.created_tag }} | |
| run: | | |
| echo "Build Identifier: main" | |
| echo "Container Tag: ${TAG}" | |
| build_web_resources: | |
| name: build web resources | |
| uses: ./.github/workflows/_web-resources.yml | |
| secrets: inherit | |
| docker_build_scan_push: | |
| name: build, scan and push | |
| uses: ./.github/workflows/_build-and-push.yml | |
| needs: | |
| - workflow_variables | |
| - build_web_resources | |
| with: | |
| tag: ${{ needs.workflow_variables.outputs.version_tag }} | |
| branch_name: ${{ needs.workflow_variables.outputs.build_identifier }} | |
| push_to_ecr: true | |
| secrets: inherit | |
| api_unit_tests_1: | |
| name: api unit tests 1 | |
| uses: ./.github/workflows/_unit-tests-api.yml | |
| with: | |
| selection: selection-1 | |
| branch_name: ${{ needs.workflow_variables.outputs.build_identifier }} | |
| needs: | |
| - workflow_variables | |
| api_unit_tests_2: | |
| name: api unit tests 2 | |
| uses: ./.github/workflows/_unit-tests-api.yml | |
| with: | |
| selection: selection-2 | |
| branch_name: ${{ needs.workflow_variables.outputs.build_identifier }} | |
| needs: | |
| - workflow_variables | |
| api_unit_tests_3: | |
| name: api unit tests 3 | |
| uses: ./.github/workflows/_unit-tests-api.yml | |
| with: | |
| selection: selection-3 | |
| branch_name: ${{ needs.workflow_variables.outputs.build_identifier }} | |
| needs: | |
| - workflow_variables | |
| client_unit_tests: | |
| name: client unit tests | |
| uses: ./.github/workflows/_unit-tests-client.yml | |
| needs: | |
| - workflow_variables | |
| - build_web_resources | |
| codecov: | |
| name: upload to codecov | |
| uses: ./.github/workflows/_codecov.yml | |
| needs: | |
| - client_unit_tests | |
| - api_unit_tests_1 | |
| - api_unit_tests_2 | |
| - api_unit_tests_3 | |
| secrets: inherit | |
| miscellaneous_unit_tests: | |
| name: miscellaneous unit tests | |
| uses: ./.github/workflows/_unit-tests-miscellaneous.yml | |
| needs: | |
| - workflow_variables | |
| terraform_apply_account_development: | |
| name: development account apply terraform | |
| uses: ./.github/workflows/_run-terraform.yml | |
| needs: | |
| - workflow_variables | |
| with: | |
| workspace: development | |
| terraform_path: account | |
| apply: true | |
| account_name: development | |
| container_version: ${{ needs.workflow_variables.outputs.version_tag }} | |
| secrets: inherit | |
| terraform_apply_account_preproduction: | |
| name: preproduction account apply terraform | |
| uses: ./.github/workflows/_run-terraform.yml | |
| needs: | |
| - workflow_variables | |
| - terraform_apply_account_development | |
| - docker_build_scan_push | |
| - miscellaneous_unit_tests | |
| - client_unit_tests | |
| - api_unit_tests_1 | |
| - api_unit_tests_2 | |
| - api_unit_tests_3 | |
| with: | |
| workspace: preproduction | |
| terraform_path: account | |
| apply: true | |
| account_name: preproduction | |
| container_version: ${{ needs.workflow_variables.outputs.version_tag }} | |
| secrets: inherit | |
| terraform_apply_integration: | |
| name: integration environment apply terraform | |
| uses: ./.github/workflows/_run-terraform.yml | |
| needs: | |
| - terraform_apply_account_preproduction | |
| - workflow_variables | |
| with: | |
| workspace: integration | |
| terraform_path: environment | |
| apply: true | |
| account_name: preproduction | |
| container_version: ${{ needs.workflow_variables.outputs.version_tag }} | |
| secrets: inherit | |
| scale_services_up: | |
| name: scale up integration services | |
| uses: ./.github/workflows/_scale-services.yml | |
| needs: | |
| - workflow_variables | |
| - terraform_apply_integration | |
| with: | |
| replicas: 6 | |
| acu: 16 | |
| account_id: 454262938596 | |
| workspace: integration | |
| secrets: inherit | |
| reset_database: | |
| name: reset integration database | |
| uses: ./.github/workflows/_run-task.yml | |
| needs: | |
| - workflow_variables | |
| - scale_services_up | |
| with: | |
| workspace: integration | |
| account_name: preproduction | |
| task_name: "reset_database" | |
| timeout: "500" | |
| secrets: inherit | |
| integration_tests_1: | |
| name: integration tests frontend 1 | |
| uses: ./.github/workflows/_run-task.yml | |
| needs: | |
| - workflow_variables | |
| - reset_database | |
| with: | |
| workspace: integration | |
| account_name: preproduction | |
| task_name: "integration_test_v2" | |
| timeout: "1200" | |
| override: "sh,./tests/Behat/run-tests-parallel.sh,--tags,@v2_reporting_1,--profile,v2-tests-browserkit" | |
| secrets: inherit | |
| integration_tests_2: | |
| name: integration tests frontend 2 | |
| uses: ./.github/workflows/_run-task.yml | |
| needs: | |
| - workflow_variables | |
| - reset_database | |
| with: | |
| workspace: integration | |
| account_name: preproduction | |
| task_name: "integration_test_v2" | |
| timeout: "1200" | |
| override: "sh,./tests/Behat/run-tests-parallel.sh,--tags,@v2_reporting_2,--profile,v2-tests-browserkit" | |
| secrets: inherit | |
| integration_tests_admin: | |
| name: integration tests admin | |
| uses: ./.github/workflows/_run-task.yml | |
| needs: | |
| - workflow_variables | |
| - reset_database | |
| with: | |
| workspace: integration | |
| account_name: preproduction | |
| task_name: "integration_test_v2" | |
| timeout: "1200" | |
| override: "sh,./tests/Behat/run-tests-parallel.sh,--tags,@v2_admin,--profile,v2-tests-browserkit" | |
| secrets: inherit | |
| integration_tests_sequential_1: | |
| name: integration tests sequential 1 | |
| uses: ./.github/workflows/_run-task.yml | |
| needs: | |
| - workflow_variables | |
| - reset_database | |
| with: | |
| workspace: integration | |
| account_name: preproduction | |
| task_name: "integration_test_v2" | |
| timeout: "1200" | |
| override: "sh,./tests/Behat/run-tests.sh,--tags,@v2_sequential_1,--profile,v2-tests-browserkit" | |
| secrets: inherit | |
| integration_tests_sequential_2: | |
| name: integration tests sequential 2 | |
| uses: ./.github/workflows/_run-task.yml | |
| needs: | |
| - workflow_variables | |
| - reset_database | |
| with: | |
| workspace: integration | |
| account_name: preproduction | |
| task_name: "integration_test_v2" | |
| timeout: "1200" | |
| override: "sh,./tests/Behat/run-tests.sh,--tags,@v2_sequential_2,--profile,v2-tests-browserkit" | |
| secrets: inherit | |
| integration_tests_sequential_3: | |
| name: integration tests sequential 3 | |
| uses: ./.github/workflows/_run-task.yml | |
| needs: | |
| - workflow_variables | |
| - reset_database | |
| with: | |
| workspace: integration | |
| account_name: preproduction | |
| task_name: "integration_test_v2" | |
| timeout: "1200" | |
| override: "sh,./tests/Behat/run-tests.sh,--tags,@v2_sequential_3,--profile,v2-tests-browserkit" | |
| secrets: inherit | |
| scale_services_down: | |
| if: always() | |
| name: scale down integration services | |
| uses: ./.github/workflows/_scale-services.yml | |
| needs: | |
| - workflow_variables | |
| - integration_tests_sequential_1 | |
| - integration_tests_sequential_2 | |
| - integration_tests_sequential_3 | |
| - integration_tests_admin | |
| - integration_tests_1 | |
| - integration_tests_2 | |
| with: | |
| replicas: 1 | |
| acu: 4 | |
| account_id: 454262938596 | |
| workspace: integration | |
| secrets: inherit | |
| terraform_apply_preproduction: | |
| name: preproduction environment apply terraform | |
| uses: ./.github/workflows/_run-terraform.yml | |
| needs: | |
| - terraform_apply_account_preproduction | |
| - workflow_variables | |
| - integration_tests_sequential_1 | |
| - integration_tests_sequential_2 | |
| - integration_tests_sequential_3 | |
| - integration_tests_admin | |
| - integration_tests_1 | |
| - integration_tests_2 | |
| with: | |
| workspace: preproduction | |
| terraform_path: environment | |
| apply: true | |
| account_name: preproduction | |
| container_version: ${{ needs.workflow_variables.outputs.version_tag }} | |
| secrets: inherit | |
| terraform_apply_training: | |
| name: training environment apply terraform | |
| uses: ./.github/workflows/_run-terraform.yml | |
| needs: | |
| - terraform_apply_preproduction | |
| - workflow_variables | |
| with: | |
| workspace: training | |
| terraform_path: environment | |
| apply: true | |
| account_name: preproduction | |
| container_version: ${{ needs.workflow_variables.outputs.version_tag }} | |
| secrets: inherit | |
| terraform_apply_account_production: | |
| name: production account apply terraform | |
| uses: ./.github/workflows/_run-terraform.yml | |
| needs: | |
| - workflow_variables | |
| - terraform_apply_preproduction | |
| with: | |
| workspace: production | |
| terraform_path: account | |
| apply: true | |
| account_name: production | |
| container_version: ${{ needs.workflow_variables.outputs.version_tag }} | |
| secrets: inherit | |
| terraform_apply_production: | |
| name: production environment apply terraform | |
| uses: ./.github/workflows/_run-terraform.yml | |
| needs: | |
| - terraform_apply_account_production | |
| - workflow_variables | |
| with: | |
| workspace: production02 | |
| terraform_path: environment | |
| apply: true | |
| container_version: ${{ needs.workflow_variables.outputs.version_tag }} | |
| account_name: production | |
| secrets: inherit | |
| smoke_tests_production: | |
| name: smoke tests on production | |
| uses: ./.github/workflows/_run-task.yml | |
| needs: | |
| - workflow_variables | |
| - terraform_apply_production | |
| with: | |
| workspace: production02 | |
| account_name: production | |
| task_name: "smoke_tests" | |
| timeout: "900" | |
| secrets: inherit | |
| end_of_workflow: | |
| name: end of workflow | |
| runs-on: ubuntu-latest | |
| needs: | |
| - smoke_tests_production | |
| - codecov | |
| - workflow_variables | |
| steps: | |
| - name: workflow ended successfully | |
| run: | | |
| echo "${{ needs.workflow_variables.outputs.build_identifier }} PR environment tested, built and deployed" | |
| echo "Tag Used: ${{ needs.workflow_variables.outputs.version_tag }}" | |
| echo "URL: https://${{ needs.workflow_variables.outputs.build_identifier }}.complete-deputy-report.service.gov.uk" | |
| slack_notify_success: | |
| name: notify of success | |
| uses: ./.github/workflows/_slack-notification.yml | |
| needs: | |
| - workflow_variables | |
| - end_of_workflow | |
| with: | |
| success: yes | |
| branch: ${{ needs.workflow_variables.outputs.build_identifier }} | |
| account: 515688267891 | |
| secrets: inherit | |
| slack_notify_failure: | |
| name: notify of failure | |
| uses: ./.github/workflows/_slack-notification.yml | |
| if: ${{ failure() }} | |
| needs: | |
| - workflow_variables | |
| - end_of_workflow | |
| with: | |
| success: no | |
| branch: ${{ needs.workflow_variables.outputs.build_identifier }} | |
| account: 515688267891 | |
| secrets: inherit |