generated from DFE-Digital/govuk-rails-boilerplate
101 lines (90 loc) · 3.69 KB
/
deploy_to_dev.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
name: Deploy to Dev
on:
push:
branches:
- develop
paths-ignore:
- 'documentation/**'
jobs:
deploy:
runs-on: ubuntu-20.04
steps:
- uses: softprops/turnstyle@v1
name: Check workflow concurrency
with:
poll-interval-seconds: 20
same-branch-only: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/checkout@v3
name: Checkout Code
- name: Pin Terraform version
uses: hashicorp/setup-terraform@v1.4.0
with:
terraform_version: 0.14.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: v0.9.1 # More recent buildx versions generate an OCI manifest
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_DEV_PASSWORD }}
- name: Build and push docker image from builder target
uses: docker/build-push-action@v2
with:
context: .
build-args: BUILDKIT_INLINE_CACHE=1
cache-from: |
dfedigital/early-careers-framework-dev:builder
push: true
tags: dfedigital/early-careers-framework-dev:builder
target: builder
provenance: false
- name: Build and push docker image from early-careers-framework-gems-node-modules target
uses: docker/build-push-action@v2
with:
context: .
build-args: BUILDKIT_INLINE_CACHE=1
cache-from: |
dfedigital/early-careers-framework-dev:gems-node-modules
push: true
tags: dfedigital/early-careers-framework-dev:gems-node-modules
target: early-careers-framework-gems-node-modules
- name: Build and push docker image from assets-precompile target
uses: docker/build-push-action@v2
with:
context: .
build-args: BUILDKIT_INLINE_CACHE=1
cache-from: |
dfedigital/early-careers-framework-dev:assets-precompile
push: true
tags: dfedigital/early-careers-framework-dev:assets-precompile
target: assets-precompile
- name: Build and push docker image from production target
uses: docker/build-push-action@v2
with:
context: .
build-args: |
BUILDKIT_INLINE_CACHE=1
SHA=${{ github.sha }}
cache-from: |
dfedigital/early-careers-framework-prod:latest
push: true
tags: |
dfedigital/early-careers-framework-prod:${{ github.sha }}
dfedigital/early-careers-framework-prod:latest
target: production
- name: Deploy to dev
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
TF_VAR_paas_user: ${{ secrets.GOVPAAS_DEV_USERNAME }}
TF_VAR_paas_password: ${{ secrets.GOVPAAS_DEV_PASSWORD }}
TF_VAR_statuscake_api_token: ${{ secrets.STATUSCAKE_API_TOKEN }}
run: |
export TF_VAR_paas_app_docker_image=dfedigital/early-careers-framework-prod:${{ github.sha }}
cd terraform/app
terraform init -reconfigure -input=false -backend-config="bucket=paas-s3-broker-prod-lon-7f2ca242-9929-4662-a79c-c454ea56ea7b"
terraform apply -input=false -auto-approve -var-file ../workspace-variables/dev.tfvars -var='secret_paas_app_env_values={"RAILS_MASTER_KEY":"${{secrets.RAILS_MASTER_KEY_DEV}}"}' -var 'logstash_url=${{secrets.SYSLOG_DRAIN_URL}}' -var 'docker_username=${{ secrets.DOCKER_USERNAME }}' -var 'docker_password=${{ secrets.DOCKER_DEV_PASSWORD }}'