v1.14.1 #22
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Production | |
| on: | |
| release: | |
| types: | |
| - published | |
| workflow_dispatch: | |
| env: | |
| DOCKER_BUILDKIT: 1 | |
| COMPOSE_DOCKER_CLI_BUILD: 1 | |
| jobs: | |
| deploy-prod: | |
| name: deploy-prod | |
| runs-on: ubuntu-latest | |
| environment: prod | |
| timeout-minutes: 60 | |
| concurrency: | |
| group: ${{ github.ref }}/deploy-prod | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: checkout | |
| uses: actions/checkout@v4 | |
| - name: install nodejs v20 | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| cache: 'npm' | |
| cache-dependency-path: 'cdk/package-lock.json' | |
| - name: install cdk npm packages and verify installation | |
| working-directory: cdk | |
| run: | | |
| npm ci | |
| npx cdk doctor | |
| - name: configure environment | |
| shell: bash | |
| run: | | |
| # configure docker | |
| cp -f docker/.env.template docker/.env | |
| sed -i.bak -E 's/^(REGISTRY[[:blank:]]*=[[:blank:]]*).*/\1\"'"${REGISTRY}"'\"/' docker/.env | |
| sed -i.bak -E 's/^(REPOSITORY[[:blank:]]*=[[:blank:]]*).*/\1\"'"${REPOSITORY}"'\"/' docker/.env | |
| env: | |
| REGISTRY: ${{ secrets.REGISTRY }} | |
| REPOSITORY: ${{ vars.REPOSITORY }} | |
| - name: configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_PROD_DEPLOY_ROLE }} | |
| role-session-name: github-actions | |
| aws-region: eu-north-1 | |
| - name: synthesize cdk stacks | |
| working-directory: cdk | |
| run: | | |
| npx cdk synth *-prod --quiet > /tmp/synth.log 2>&1 | |
| - name: upload syth log artifacts | |
| if: failure() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: synth-logs | |
| path: /tmp/synth.log | |
| - name: deploy cdk stacks | |
| working-directory: cdk | |
| run: | | |
| npx cdk deploy *-prod --require-approval=never > /tmp/deploy.log 2>&1 | |
| - name: upload deploy log artifacts | |
| if: failure() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: deploy-logs | |
| path: /tmp/deploy.log | |
| - name: Notify Zulip | |
| uses: zulip/github-actions-zulip/send-message@v1 | |
| with: | |
| api-key: ${{ secrets.ZULIP_API_KEY }} | |
| email: '[email protected]' | |
| organization-url: 'https://turina.dvv.fi' | |
| to: 'DGA' | |
| type: 'stream' | |
| topic: 'Production Deployments' | |
| content: 'Production deployment succeeded! (${{ github.event.head_commit.message }})' | |
| - name: Notify Zulip on error | |
| if: failure() | |
| uses: zulip/github-actions-zulip/send-message@v1 | |
| with: | |
| api-key: ${{ secrets.ZULIP_API_KEY }} | |
| email: '[email protected]' | |
| organization-url: 'https://turina.dvv.fi' | |
| to: 'DGA' | |
| type: 'stream' | |
| topic: 'Production Deployments' | |
| content: 'Production deployment failed! (${{ github.event.head_commit.message }})' |