Github workflow for deploying to integration

These workflow setups seem pretty much identical across projects. So, as standard, this: 1. builds the container image 2. pushes it to ECR 3. updates the image tag in govuk-helm-charts The cronjob (that we're planning to add to govuk-helm-charts) will then pull the released image the next time it runs. Note: unlike most of our projects, this one will only be able to be deployed to a single, hard-coded target environment. Until we're ready to put this into production, we'll test this by deploying to integration. After that, we'll need to change this environment setting. As things stand (i.e. only having the one Publishing Latency SLI right now), once we've switched to production, I don't think there's much value in allowing deployments to additional environments even for testing purposes, because: 1. as far as I can tell, only production ever has enough publish events in it to provide this SLI with any data to work with 2. we'd either have to continuously run the cron job in those other environments so that they're readily available on the off-chance that we'll want to use them for testing once in a while or we'd have to get configuration changes merged to govuk-helm-charts before and after any testing session
alphagov · Nov 30, 2023 · 7d72e28 · 7d72e28
1 parent ab0e346
commit 7d72e28
Showing 1 changed file with 35 additions and 0 deletions.
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -0,0 +1,35 @@
+name: Deploy
+
+run-name: Deploy ${{ inputs.gitRef || github.ref_name  }} to integration
+
+on:
+  workflow_dispatch:
+    inputs:
+      gitRef:
+        description: 'Commit, tag or branch name to deploy'
+        required: true
+        type: string
+  release:
+    types: [released]
+
+jobs:
+  build-and-publish-image:
+    if: github.event_name == 'workflow_dispatch' || startsWith(github.ref_name, 'v')
+    name: Build and publish image
+    uses: alphagov/govuk-infrastructure/.github/workflows/build-and-push-image.yml@main
+    with:
+      gitRef: ${{ inputs.gitRef || github.ref_name }}
+    secrets:
+      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_GOVUK_ECR_ACCESS_KEY_ID }}
+      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_GOVUK_ECR_SECRET_ACCESS_KEY }}
+  trigger-deploy:
+    name: Trigger deploy to integration
+    needs: build-and-publish-image
+    uses: alphagov/govuk-infrastructure/.github/workflows/deploy.yml@main
+    with:
+      imageTag: ${{ needs.build-and-publish-image.outputs.imageTag }}
+      environment: integration
+    secrets:
+      WEBHOOK_TOKEN: ${{ secrets.GOVUK_ARGO_EVENTS_WEBHOOK_TOKEN }}
+      WEBHOOK_URL: ${{ secrets.GOVUK_ARGO_EVENTS_WEBHOOK_URL }}
+      GH_TOKEN: ${{ secrets.GOVUK_CI_GITHUB_API_TOKEN }}