Merge pull request #3470 from UK-Export-Finance/feat/EMS-4098-deploym…

…ent-pipeline feat(EMS-4098): deployment pipeline automation
UK-Export-Finance · Jan 10, 2025 · 020c712 · 020c712
2 parents fe25400 + a183678
commit 020c712
Show file tree

Hide file tree

Showing 6 changed files with 673 additions and 677 deletions.
diff --git a/.github/actions/mysql/action.yml b/.github/actions/mysql/action.yml
@@ -44,12 +44,6 @@ runs:
       with:
         node-version: ${{ inputs.node }}
 
-    # Step 3: Install dependencies.
-    - name: Dependencies
-      working-directory: ./libs/common
-      run: npm ci
-      shell: bash
-
     # Step 4: Execute MySQL export.
     - name: Import ⬇
       if: ${{ '1' == inputs.execute }}

diff --git a/.github/actions/webapp/action.yml b/.github/actions/webapp/action.yml
@@ -83,11 +83,6 @@ runs:
       working-directory: src/${{ inputs.webapp }}
       run: |
         # Build images
-        docker build -f ./${{ env.DOCKERFILE }} . \
-        -t ${{ env.ACR }}/${{ inputs.webapp }}:${{ github.sha }} \
-        -t ${{ env.ACR }}/${{ inputs.webapp }}:latest \
-        --build-arg GITHUB_SHA=${{ github.sha }}
-
         docker build . \
           -t ${{ env.ACR }}/${{ inputs.webapp }}:${{ github.sha }} \
           -t ${{ env.ACR }}/${{ inputs.webapp }}:latest \
@@ -101,32 +96,32 @@ runs:
         docker push ${{ env.ACR }}/${{ inputs.webapp }}:latest
       shell: bash
 
-    # Step 7: Create and swap deployment slot.
-    - name: Slot 🔀
+    # Step 7: Create deployment slot.
+    - name: Create ➕
       uses: azure/cli@v2.1.0
       with:
         inlineScript: |
           # Create new temporary slot
           az webapp deployment slot create \
           --slot ${{ github.sha }} \
-          --name ${{ inputs.webapp }} \
-          --configuration-source ${{ inputs.webapp }} \
+          --name ${{ env.WEBAPP }} \
+          --configuration-source ${{ env.WEBAPP }} \
           --deployment-container-image-name ${{ env.ACR }}/${{ inputs.webapp }}:latest \
           --docker-registry-server-user ${{ env.ACR_USER }} \
           --docker-registry-server-password ${{ inputs.acr }}
 
+    # Step 8: Swap deployment slot.
+    - name: Swap 🔀
+      uses: azure/cli@v2.1.0
+      with:
+        inlineScript: |
           # Swap slot
           az webapp deployment slot swap \
           --slot ${{ github.sha }} \
-          --name ${{ inputs.webapp }} \
+          --name ${{ env.WEBAPP }} \
           --action swap
 
-          # Delete temporary slot
-          az webapp deployment slot delete \
-          --slot ${{ github.sha }} \
-          --name ${{ inputs.webapp }}
-
-    # Step 8: Cleanup temporary slot.
+    # Step 9: Cleanup temporary slot.
     - name: Cleanup 🧹
       if: always()
       uses: azure/cli@v2.1.0
@@ -135,4 +130,4 @@ runs:
           # Delete temporary slot
           az webapp deployment slot delete \
           --slot ${{ github.sha }} \
-          --name ${{ inputs.webapp }}
+          --name ${{ env.WEBAPP }}
diff --git a/.github/workflows/deployment.yml b/.github/workflows/deployment.yml
@@ -18,7 +18,7 @@
 # 2. Any modifications to atleast one of the `paths` targets.
 
 name: Deployment
-run-name: 🚀 Deploying to ${{ github.event.workflow_run.head_branch }}
+run-name: 🚀 Deploying from ${{ github.ref_name }}
 
 on:
   schedule:
@@ -34,11 +34,11 @@ on:
     paths:
       - 'src/**'
       - 'database/**'
-      - '.github/workflows/**'
+      - '.github/**'
 
 env:
   PRODUCT: exip
-  ENVIRONMENT: ${{ github.event.workflow_run.head_branch }}
+  ENVIRONMENT: ${{ github.ref_name }}
   TIMEZONE: ${{ vars.TIMEZONE }}
 
 jobs:
@@ -58,7 +58,7 @@ jobs:
           if [[ "${{ env.ENVIRONMENT }}" == "main" ]]; then
             echo "environment=dev" >> "$GITHUB_OUTPUT"
           else
-            echo "environment=${{ github.event.workflow_run.head_branch }}" >> "$GITHUB_OUTPUT"
+            echo "environment=${{ env.ENVIRONMENT }}" >> "$GITHUB_OUTPUT"
           fi
 
       - name: Timezone 🌐
@@ -70,6 +70,7 @@ jobs:
     needs: [setup]
     environment: ${{ needs.setup.outputs.environment }}
     runs-on: [self-hosted, EXIP, deployment]
+    if: ${{ '1' == vars.DATABASE }}
     env:
       ENVIRONMENT: ${{ needs.setup.outputs.environment }}
 
@@ -91,7 +92,7 @@ jobs:
   # 3. micro-serices WebApp deployments
   webapp:
     name: WebApp 🌐
-    needs: [setup, database]
+    needs: [setup]
     environment: ${{ needs.setup.outputs.environment }}
     runs-on: [self-hosted, EXIP, deployment]
     env:
@@ -110,10 +111,10 @@ jobs:
       cancel-in-progress: true
 
     steps:
-      - name: Repository 🗂️
+      - name: Repository 🗂️🌎
         uses: actions/checkout@v4
 
-      - name: Port 🛜
+      - name: Port ⭕️
         run: |
           if [[ "${{ matrix.webapp }}" == "ui" ]]; then
             echo "PORT=${{ vars.UI_PORT }}" >> "$GITHUB_ENV"
@@ -125,7 +126,7 @@ jobs:
         uses: ./.github/actions/webapp
         with:
           region: ${{ vars.REGION }}
-          group: ${{ secrets.RESOURCE_GROUP }}
+          group: rg-${{ env.PRODUCT }}-${{ env.ENVIRONMENT }}-${{ vars.VERSION }}
           credentials: ${{ secrets.AZURE_CREDENTIALS }}
           acr: ${{ secrets.ACR_PASSWORD }}
           webapp: ${{ matrix.webapp }}
@@ -135,8 +136,31 @@ jobs:
           session: ${{ secrets.SESSION_SECRET }}
           notify: ${{ secrets.GOV_NOTIFY_API_KEY }}
 
-      - name: Environment 🧱
+      - name: UI 🧱
         uses: azure/cli@v2
+        if: ${{ 'ui' == matrix.webapp }}
+        with:
+          inlineScript: |
+            az webapp config appsettings set \
+            --name app-${{ env.PRODUCT }}-ui-${{ env.ENVIRONMENT }}-${{ vars.VERSION }} \
+            --settings \
+            TZ='${{ vars.TIMEZONE }}' \
+            NODE_ENV='${{ vars.NODE_ENV }}' \
+            PORT='${{ vars.UI_PORT }}' \
+            WEBSITES_PORT='${{ vars.UI_PORT }}' \
+            SESSION_SECRET='${{ secrets.SESSION_SECRET }}' \
+            GOOGLE_ANALYTICS_ID='${{ secrets.GOOGLE_ANALYTICS_ID }}' \
+            GOOGLE_TAG_MANAGER_ID='${{ secrets.GOOGLE_TAG_MANAGER_ID }}' \
+            APIM_MDM_URL='${{ secrets.APIM_MDM_URL }}' \
+            APIM_MDM_KEY='${{ secrets.APIM_MDM_KEY }}' \
+            APIM_MDM_VALUE='${{ secrets.APIM_MDM_VALUE }}' \
+            API_KEY='${{ secrets.API_KEY }}'
+            APIM_MDM_VALUE='${{ secrets.APIM_MDM_VALUE }}' \
+            API_KEY='${{ secrets.API_KEY }}'
+
+      - name: API 🧱
+        uses: azure/cli@v2
+        if: ${{ 'api' == matrix.webapp }}
         with:
           inlineScript: |
             az webapp config appsettings set \
@@ -159,27 +183,10 @@ jobs:
             FEEDBACK_EMAIL_RECIPIENT='${{ secrets.FEEDBACK_EMAIL_RECIPIENT }}' \
             EXCELJS_PROTECTION_PASSWORD='${{ secrets.EXCELJS_PROTECTION_PASSWORD }}'
 
-            az webapp config appsettings set \
-            --name app-${{ env.PRODUCT }}-ui-${{ env.ENVIRONMENT }}-${{ vars.VERSION }} \
-            --settings \
-            TZ='${{ vars.TIMEZONE }}' \
-            NODE_ENV='${{ vars.NODE_ENV }}' \
-            PORT='${{ vars.UI_PORT }}' \
-            WEBSITES_PORT='${{ vars.UI_PORT }}' \
-            SESSION_SECRET='${{ secrets.SESSION_SECRET }}' \
-            GOOGLE_ANALYTICS_ID='${{ secrets.GOOGLE_ANALYTICS_ID }}' \
-            GOOGLE_TAG_MANAGER_ID='${{ secrets.GOOGLE_TAG_MANAGER_ID }}' \
-            APIM_MDM_URL='${{ secrets.APIM_MDM_URL }}' \
-            APIM_MDM_KEY='${{ secrets.APIM_MDM_KEY }}' \
-            APIM_MDM_VALUE='${{ secrets.APIM_MDM_VALUE }}' \
-            API_KEY='${{ secrets.API_KEY }}'
-            APIM_MDM_VALUE='${{ secrets.APIM_MDM_VALUE }}' \
-            API_KEY='${{ secrets.API_KEY }}'
-
   # 4. Notification
   notify:
     name: Notification 🔔
-    needs: [setup, database, webapp]
+    needs: [setup, webapp]
     environment: ${{ needs.setup.outputs.environment }}
     runs-on: [self-hosted, EXIP, deployment]