github-workflows/.github/workflows/release-deploy.yml at main · aproorg/github-workflows · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
name: 🚀 Release
on:
  workflow_call:
    inputs:
      aws_region:
        required: false
        default: eu-west-1
        type: string
      github_ci_ecr_role_arn:
        required: true
        type: string
      deploy_to_staging:
        required: false
        type: boolean
        default: true
      deploy_to_prod:
        required: false
        type: boolean
        default: true
      github_ci_role_prod_arn:
        required: false
        type: string
      github_ci_role_staging_arn:
        required: false
        type: string
      ecr_repository:
        required: false
        type: string
      ecr_repositories:
        required: false
        type: string
      terraform_version:
        description: 'Terraform version'
        type: string
        default: '1.9.8'
      service_name:
        required: false
        type: string
      services:
        required: false
        type: string
        description: 'Services names when deploying multiple services. Should be a list of objects with keys "directory" and "name" e.g. [{"directory": "core", "name": "apro-core-service"}]'
      cluster_name_staging:
        required: true
        type: string
      cluster_name_prod:
        required: true
        type: string
      pre_applied_resources:
        description: 'Resources to apply before main deploy'
        type: string
        default: '[]'

permissions:
  id-token: write # Required f. IAM Token
  contents: write

jobs:
  version-tag:
    name: 🔖 Version tag image
    runs-on: ubuntu-latest
    steps:
      - name: 📁 Checkout
        uses: actions/checkout@v4

      - name: 🔖 Version tag image
        uses: aproorg/github-workflows/.github/actions/retag-docker-image@main
        with:
          AWS_REGION: ${{ inputs.aws_region }}
          AWS_ROLE_ARN: ${{ inputs.github_ci_ecr_role_arn }}
          ECR_REPOSITORY: ${{ inputs.ecr_repository }}
          ECR_REPOSITORIES: ${{ inputs.ecr_repositories }}
          VERSION_TAG: ${{ github.event.release.tag_name }}

  unify-services:
    name: '🤝 Unify service inputs'
    runs-on: ubuntu-latest
    outputs:
      final_services: ${{ steps.unify-services.outputs.final_services }}
    steps:
      - name: 🤝 Unify service inputs
        id: unify-services
        uses: aproorg/github-workflows/.github/actions/unify-services@main
        with:
          service_name: ${{ inputs.service_name }}
          services: ${{ inputs.services }}


  deploy-to-staging:
    name: '🚀 Deploy to staging'
    strategy:
      matrix:
        include: ${{ fromJSON(needs.unify-services.outputs.final_services) }}
    environment: staging
    if: ${{ inputs.deploy_to_staging == true }}
    needs:
      - version-tag
      - unify-services
    runs-on: ubuntu-latest
    steps:
      - name: 📁 Checkout
        uses: actions/checkout@v4

      - name: 🚀 Deploy to staging
        uses: aproorg/github-workflows/.github/actions/deploy-ecs-service@main
        with:
          AWS_REGION: ${{ inputs.aws_region }}
          AWS_DEPLOYMENT_ROLE: ${{ inputs.github_ci_role_staging_arn }}
          ENVIRONMENT: staging
          IMAGE_TAG: ${{ github.event.release.tag_name }}
          TERRAFORM_VERSION: ${{ inputs.terraform_version }}
          TERRAFORM_PATH: '${{ matrix.directory }}/terraform'
          SERVICE_NAME: ${{ matrix.name }}
          CLUSTER_NAME: ${{ inputs.cluster_name_staging }}
          PRE_APPLIED_RESOURCES: ${{ inputs.pre_applied_resources }}

  deploy-to-prod:
    name: '🚀 Deploy to prod'
    environment: prod
    if: ${{ inputs.deploy_to_prod == true }}
    strategy:
      matrix:
        include: ${{ fromJSON(needs.unify-services.outputs.final_services) }}
    needs:
      - version-tag
      - unify-services
    runs-on: ubuntu-latest
    steps:
      - name: 📁 Checkout
        uses: actions/checkout@v4

      - name: 🚀 Deploy to prod
        uses: aproorg/github-workflows/.github/actions/deploy-ecs-service@main
        with:
          AWS_REGION: ${{inputs.aws_region}}
          AWS_DEPLOYMENT_ROLE: ${{ inputs.github_ci_role_prod_arn }}
          ENVIRONMENT: prod
          IMAGE_TAG: ${{ github.event.release.tag_name }}
          TERRAFORM_VERSION: ${{ inputs.terraform_version }}
          TERRAFORM_PATH: '${{ matrix.directory }}/terraform'
          SERVICE_NAME: ${{ matrix.name }}
          CLUSTER_NAME: ${{ inputs.cluster_name_staging }}
          PRE_APPLIED_RESOURCES: ${{ inputs.pre_applied_resources }}