Skip to content

deploy

deploy #232

Workflow file for this run

name: deploy
on:
workflow_run:
workflows:
- check
types:
- completed
branches:
- master
# Ensures that only one deploy task per branch/environment will run at a time.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: false
jobs:
org-formation:
if: ${{ github.event.workflow_run.conclusion == 'success' }}
permissions:
id-token: write
contents: read
runs-on: ubuntu-latest
steps:
- name: Get role session name
uses: bhowell2/github-substring-action@1.0.2
id: role-session-name
with:
value: GitHubActions-${{ github.repository_owner }}-${{ github.event.repository.name }}-${{ github.run_id }}
length_from_end: 64
- uses: actions/checkout@v3
- name: Assume AWS Role
uses: aws-actions/configure-aws-credentials@v2
with:
aws-region: us-east-1
role-to-assume: arn:aws:iam::531805629419:role/sagebase-github-oidc-sage-bionetworks-it
role-session-name: ${{ steps.role-session-name.outputs.substring }}
role-duration-seconds: 1200
- name: Use Node.js
uses: actions/setup-node@v3
with:
node-version: 18
- name: Cache node modules
uses: actions/cache@v3
env:
cache-name: cache-node-modules
with:
# npm cache files are stored in `~/.npm` on Linux/macOS
path: ~/.npm
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-build-${{ env.cache-name }}-
${{ runner.os }}-build-
${{ runner.os }}-
- name: Install dependencies
run: npm install
- name: Generate AWS CDK bootstrap template
run: npm run generate-cdk-bootstrap-template
- name: Add EnableKeyRotation property to CDK assets key
run: npm run patch-cdk-bootstrap-template
- name: Validate ofn templates
run: npm run validate-tasks
- name: Validate with print-task
run: npm run print-tasks-failfast
- name: Deploy with ofn
run: npm run ci-perform-tasks-parallel
# Map a step output to a job output
outputs:
role-session-name: ${{ steps.role-session-name.outputs.substring }}
sceptre-organizations:
needs: [org-formation]
uses: "./.github/workflows/aws-deploy.yaml"
with:
role-to-assume: "arn:aws:iam::531805629419:role/sagebase-github-oidc-sage-bionetworks-it"
role-session-name: ${{ needs.org-formation.outputs.role-session-name }}
working-dir: "sceptre/organizations"
sceptre-admincentral:
needs: [org-formation]
uses: "./.github/workflows/aws-deploy.yaml"
with:
role-to-assume: "arn:aws:iam::745159704268:role/sagebase-github-oidc-sage-bionetworks-it"
role-session-name: ${{ needs.org-formation.outputs.role-session-name }}
working-dir: "sceptre/admincentral"
sceptre-itsandbox:
needs: [org-formation]
uses: "./.github/workflows/aws-deploy.yaml"
with:
role-to-assume: "arn:aws:iam::804034162148:role/sagebase-github-oidc-sage-bionetworks-it"
role-session-name: ${{ needs.org-formation.outputs.role-session-name }}
working-dir: "sceptre/itsandbox"
sceptre-scicomp:
needs: [org-formation]
uses: "./.github/workflows/aws-deploy.yaml"
with:
role-to-assume: "arn:aws:iam::055273631518:role/sagebase-github-oidc-sage-bionetworks-it"
role-session-name: ${{ needs.org-formation.outputs.role-session-name }}
working-dir: "sceptre/scicomp"
sceptre-strides:
needs: [org-formation]
uses: "./.github/workflows/aws-deploy.yaml"
with:
role-to-assume: "arn:aws:iam::423819316185:role/github-oidc-sage-bionetworks-it"
role-session-name: ${{ needs.org-formation.outputs.role-session-name }}
working-dir: "sceptre/strides"
sceptre-strides-ampad-workflows:
needs: [org-formation]
uses: "./.github/workflows/aws-deploy.yaml"
with:
role-to-assume: "arn:aws:iam::751556145034:role/github-oidc-sage-bionetworks-it"
role-session-name: ${{ needs.org-formation.outputs.role-session-name }}
working-dir: "sceptre/strides-ampad-workflows"
sceptre-scipooldev:
needs: [org-formation]
uses: "./.github/workflows/aws-deploy.yaml"
with:
role-to-assume: "arn:aws:iam::465877038949:role/sagebase-github-oidc-sage-bionetworks-it"
working-dir: "sceptre/scipool"
role-session-name: ${{ needs.org-formation.outputs.role-session-name }}
sceptre-command: "sceptre launch develop --prune --yes"
sceptre-scipoolprod:
needs: [org-formation]
uses: "./.github/workflows/aws-scipool.yaml"
with:
role-to-assume: "arn:aws:iam::237179673806:role/sagebase-github-oidc-sage-bionetworks-it"
role-session-name: ${{ needs.org-formation.outputs.role-session-name }}
working-dir: "sceptre/scipool"
sceptre-stridespool:
needs: [org-formation, sceptre-strides]
uses: "./.github/workflows/aws-scipool.yaml"
with:
role-to-assume: "arn:aws:iam::423819316185:role/github-oidc-sage-bionetworks-it"
role-session-name: ${{ needs.org-formation.outputs.role-session-name }}
working-dir: "sceptre/scipool"
sceptre-command: "sceptre launch strides --prune --yes"
sceptre-bmgfki:
needs: [org-formation]
uses: "./.github/workflows/aws-scipool.yaml"
with:
role-to-assume: "arn:aws:iam::464102568320:role/sagebase-github-oidc-sage-bionetworks-it"
role-session-name: ${{ needs.org-formation.outputs.role-session-name }}
working-dir: "sceptre/scipool"
sceptre-command: "sceptre launch bmgfki --prune --yes"
sceptre-sageit-staging:
needs: [org-formation]
uses: "./.github/workflows/aws-deploy.yaml"
with:
role-to-assume: "arn:aws:iam::797640923903:role/sagebase-github-oidc-sage-bionetworks-it"
role-session-name: ${{ needs.org-formation.outputs.role-session-name }}
working-dir: "sceptre/sageit"
sceptre-command: "sceptre launch staging --prune --yes"
sceptre-sageit-prod:
needs: [org-formation]
uses: "./.github/workflows/aws-deploy.yaml"
with:
role-to-assume: "arn:aws:iam::797640923903:role/sagebase-github-oidc-sage-bionetworks-it"
role-session-name: ${{ needs.org-formation.outputs.role-session-name }}
working-dir: "sceptre/sageit"
sceptre-logcentral:
needs: [org-formation]
uses: "./.github/workflows/aws-deploy.yaml"
with:
role-to-assume: "arn:aws:iam::231505186444:role/sagebase-github-oidc-sage-bionetworks-it"
role-session-name: ${{ needs.org-formation.outputs.role-session-name }}
working-dir: "sceptre/logcentral"
sceptre-synapsedev:
needs: [org-formation]
uses: "./.github/workflows/aws-deploy.yaml"
with:
role-to-assume: "arn:aws:iam::449435941126:role/sagebase-github-oidc-sage-bionetworks-it"
role-session-name: ${{ needs.org-formation.outputs.role-session-name }}
working-dir: "sceptre/synapsedev"
sceptre-synapseprod:
needs: [org-formation]
uses: "./.github/workflows/aws-deploy.yaml"
with:
role-to-assume: "arn:aws:iam::325565585839:role/sagebase-github-oidc-sage-bionetworks-it"
role-session-name: ${{ needs.org-formation.outputs.role-session-name }}
working-dir: "sceptre/synapseprod"
sceptre-bridgedev:
needs: [org-formation]
uses: "./.github/workflows/aws-deploy.yaml"
with:
role-to-assume: "arn:aws:iam::420786776710:role/sagebase-github-oidc-sage-bionetworks-it"
role-session-name: ${{ needs.org-formation.outputs.role-session-name }}
working-dir: "sceptre/bridge"
sceptre-command: "sceptre launch develop --prune --yes"
sceptre-bridgeprod:
needs: [org-formation]
uses: "./.github/workflows/aws-deploy.yaml"
with:
role-to-assume: "arn:aws:iam::649232250620:role/sagebase-github-oidc-sage-bionetworks-it"
role-session-name: ${{ needs.org-formation.outputs.role-session-name }}
working-dir: "sceptre/bridge"
sceptre-imagecentral:
needs: [org-formation]
uses: "./.github/workflows/aws-deploy.yaml"
with:
role-to-assume: "arn:aws:iam::867686887310:role/sagebase-github-oidc-sage-bionetworks-it"
role-session-name: ${{ needs.org-formation.outputs.role-session-name }}
working-dir: "sceptre/imagecentral"
sceptre-aws-opendata:
needs: [org-formation]
uses: "./.github/workflows/aws-deploy.yaml"
with:
role-to-assume: "arn:aws:iam::373143421983:role/github-oidc-sage-bionetworks-it"
role-session-name: ${{ needs.org-formation.outputs.role-session-name }}
working-dir: "sceptre/aws-opendata"