fix: 5588 containers missing tag fix (#557) #442
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CD | ||
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
| permissions: | ||
| contents: read | ||
| jobs: | ||
| release-please: | ||
| name: Release | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: write | ||
| pull-requests: write | ||
| outputs: | ||
| tag_name: ${{ steps.release.outputs.tag_name }} | ||
| release_created: ${{ steps.release.outputs.release_created }} | ||
| steps: | ||
| - uses: googleapis/release-please-action@v4 | ||
| id: release | ||
| with: | ||
| target-branch: ${{ github.ref_name }} | ||
| orchestrator: | ||
| name: Orchestrator | ||
| needs: | ||
| - release-please | ||
| runs-on: ubuntu-latest | ||
| outputs: | ||
| # Docs | ||
| should-deploy-docs: ${{ steps.changed-website-files.outputs.any_modified == 'true' || null }} | ||
| # App | ||
| should-build-app: ${{ needs.release-please.outputs.release_created || steps.changed-api-files.outputs.any_modified == 'true' || steps.changed-selfserve-files.outputs.any_modified == 'true' || steps.changed-internal-files.outputs.any_modified == 'true' || null }} | ||
| should-build-api: ${{ needs.release-please.outputs.release_created || steps.changed-api-files.outputs.any_modified == 'true' || null }} | ||
| should-build-selfserve: ${{ needs.release-please.outputs.release_created || steps.changed-selfserve-files.outputs.any_modified == 'true' || null }} | ||
| should-build-internal: ${{ needs.release-please.outputs.release_created || steps.changed-internal-files.outputs.any_modified == 'true' || null }} | ||
| # Assets | ||
| should-build-assets: ${{ needs.release-please.outputs.release_created || steps.changed-assets-files.outputs.any_modified == 'true' || null }} | ||
| # Docker | ||
| should-build-and-push-docker: ${{ needs.release-please.outputs.release_created || steps.changed-api-docker-files.outputs.any_modified == 'true' || steps.changed-selfserve-docker-files.outputs.any_modified == 'true' || steps.changed-internal-docker-files.outputs.any_modified == 'true' || steps.changed-cli-docker-files.outputs.any_modified == 'true' || null}} | ||
| should-build-and-push-api-docker: ${{ needs.release-please.outputs.release_created || steps.changed-api-docker-files.outputs.any_modified == 'true' || steps.changed-api-files.outputs.any_modified == 'true' || null }} | ||
| should-build-and-push-cli-docker: ${{ needs.release-please.outputs.release_created || steps.changed-cli-docker-files.outputs.any_modified == 'true' || steps.changed-api-files.outputs.any_modified == 'true' || null }} | ||
| should-build-and-push-selfserve-docker: ${{ needs.release-please.outputs.release_created || steps.changed-selfserve-docker-files.outputs.any_modified == 'true' || steps.changed-selfserve-files.outputs.any_modified == 'true' || null }} | ||
| should-build-and-push-internal-docker: ${{ needs.release-please.outputs.release_created || steps.changed-internal-docker-files.outputs.any_modified == 'true' || steps.changed-internal-files.outputs.any_modified == 'true' || null }} | ||
| should-build-and-push-search-docker: ${{ needs.release-please.outputs.release_created || steps.changed-search-docker-files.outputs.any_modified == 'true' || steps.changed-search-files.outputs.any_modified == 'true' || null }} | ||
| # Terraform account | ||
| should-apply-account-terraform: ${{ needs.release-please.outputs.release_created || steps.changed-accounts-terraform-files.outputs.any_modified == 'true' || null }} | ||
| # Terraform environment | ||
| should-apply-environment-terraform: ${{ needs.release-please.outputs.release_created || steps.changed-environments-terraform-files.outputs.any_modified == 'true' || null }} | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 | ||
| - uses: tj-actions/changed-files@v45 | ||
| id: changed-api-files | ||
| with: | ||
| files: | | ||
| app/api/** | ||
| - uses: tj-actions/changed-files@v45 | ||
| id: changed-selfserve-files | ||
| with: | ||
| files: | | ||
| app/selfserve/** | ||
| - uses: tj-actions/changed-files@v45 | ||
| id: changed-internal-files | ||
| with: | ||
| files: | | ||
| app/internal/** | ||
| - uses: tj-actions/changed-files@v45 | ||
| id: changed-assets-files | ||
| with: | ||
| files: | | ||
| app/cdn/** | ||
| - uses: tj-actions/changed-files@v45 | ||
| id: changed-api-docker-files | ||
| with: | ||
| files: | | ||
| infra/docker/api/** | ||
| - uses: tj-actions/changed-files@v45 | ||
| id: changed-cli-docker-files | ||
| with: | ||
| files: | | ||
| infra/docker/cli/** | ||
| - uses: tj-actions/changed-files@v45 | ||
| id: changed-selfserve-docker-files | ||
| with: | ||
| files: | | ||
| infra/docker/selfserve/** | ||
| - uses: tj-actions/changed-files@v45 | ||
| id: changed-internal-docker-files | ||
| with: | ||
| files: | | ||
| infra/docker/internal/** | ||
| - uses: tj-actions/changed-files@v45 | ||
| id: changed-seaerch-docker-files | ||
| with: | ||
| files: | | ||
| infra/docker/seaerch/** | ||
| - uses: tj-actions/changed-files@v45 | ||
| id: changed-accounts-terraform-files | ||
| with: | ||
| files: | | ||
| infra/terraform/accounts/** | ||
| infra/terraform/modules/** | ||
| files_ignore: | | ||
| infra/terraform/modules/service/** | ||
| - uses: tj-actions/changed-files@v45 | ||
| id: changed-environments-terraform-files | ||
| with: | ||
| files: | | ||
| infra/terraform/environments/{dev,int,prep,prod}/** | ||
| infra/terraform/modules/** | ||
| files_ignore: | | ||
| infra/terraform/modules/account/** | ||
| infra/terraform/modules/github/** | ||
| infra/terraform/modules/remote-state/** | ||
| - uses: tj-actions/changed-files@v45 | ||
| id: changed-website-files | ||
| with: | ||
| files: | | ||
| website/** | ||
| docs/** | ||
| docs: | ||
| name: Documentation | ||
| if: ${{ needs.orchestrator.outputs.should-deploy-docs }} | ||
| concurrency: | ||
| group: deploy-documentation | ||
| needs: | ||
| - orchestrator | ||
| uses: ./.github/workflows/deploy-documentation.yaml | ||
| with: | ||
| deploy: true | ||
| permissions: | ||
| contents: read | ||
| pages: write | ||
| id-token: write | ||
| get-version: | ||
| name: Get latest app versions | ||
| needs: | ||
| - orchestrator | ||
| runs-on: ubuntu-latest | ||
| outputs: | ||
| api: ${{ steps.api-version.outputs.version }} | ||
| cli: ${{ steps.cli-version.outputs.version }} | ||
| selfserve: ${{ steps.selfserve-version.outputs.version }} | ||
| internal: ${{ steps.internal-version.outputs.version }} | ||
| assets: ${{ steps.assets-version.outputs.version }} | ||
| search: ${{ steps.search-version.outputs.version }} | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 | ||
| - id: api-version | ||
| uses: dvsa/.github/.github/actions/get-vol-app-version@v5.0.3 | ||
| with: | ||
| project-path: app/api infra/docker/api | ||
| - id: cli-version | ||
| uses: dvsa/.github/.github/actions/get-vol-app-version@v5.0.3 | ||
| with: | ||
| project-path: app/api infra/docker/cli | ||
| - id: selfserve-version | ||
| uses: dvsa/.github/.github/actions/get-vol-app-version@v5.0.3 | ||
| with: | ||
| project-path: app/selfserve infra/docker/selfserve | ||
| - id: internal-version | ||
| uses: dvsa/.github/.github/actions/get-vol-app-version@v5.0.3 | ||
| with: | ||
| project-path: app/internal infra/docker/internal | ||
| - id: assets-version | ||
| uses: dvsa/.github/.github/actions/get-vol-app-version@v5.0.3 | ||
| with: | ||
| project-path: app/cdn | ||
| - id: search-version | ||
| uses: dvsa/.github/.github/actions/get-vol-app-version@v5.0.3 | ||
| with: | ||
| project-path: infra/docker/search | ||
| - name: Add to summary | ||
| run: | | ||
| echo "#### App versions:" >> $GITHUB_STEP_SUMMARY | ||
| echo "**API**: \`${{ steps.api-version.outputs.version }}\`" >> $GITHUB_STEP_SUMMARY | ||
| echo "**CLI**: \`${{ steps.cli-version.outputs.version }}\`" >> $GITHUB_STEP_SUMMARY | ||
| echo "**Selfserve**: \`${{ steps.selfserve-version.outputs.version }}\`" >> $GITHUB_STEP_SUMMARY | ||
| echo "**Internal**: \`${{ steps.internal-version.outputs.version }}\`" >> $GITHUB_STEP_SUMMARY | ||
| echo "**Assets**: \`${{ steps.assets-version.outputs.version }}\`" >> $GITHUB_STEP_SUMMARY | ||
| echo "**Search**: \`${{ steps.search-version.outputs.version }}\`" >> $GITHUB_STEP_SUMMARY | ||
| cdn-nonprod: | ||
| name: CDN | ||
| if: ${{ needs.orchestrator.outputs.should-build-assets }} | ||
| concurrency: | ||
| group: assets-nonprod | ||
| needs: | ||
| - orchestrator | ||
| - get-version | ||
| uses: ./.github/workflows/assets.yaml | ||
| with: | ||
| push: true | ||
| account: nonprod | ||
| version: ${{ needs.get-version.outputs.assets }} | ||
| permissions: | ||
| contents: read | ||
| id-token: write | ||
| app: | ||
| name: App | ||
| if: ${{ needs.orchestrator.outputs.should-build-app || needs.orchestrator.outputs.should-build-and-push-docker }} | ||
| concurrency: | ||
| group: app-${{ matrix.project }}-${{ needs.get-version.outputs[matrix.project] }} | ||
| needs: | ||
| - orchestrator | ||
| - get-version | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| project: | ||
| - api | ||
| - selfserve | ||
| - internal | ||
| exclude: | ||
| - project: ${{ (needs.orchestrator.outputs.should-build-api || needs.orchestrator.outputs.should-build-and-push-api-docker || needs.orchestrator.outputs.should-build-and-push-cli-docker) && 'ignored' || 'api' }} | ||
| - project: ${{ (needs.orchestrator.outputs.should-build-selfserve || needs.orchestrator.outputs.should-build-and-push-selfserve-docker) && 'ignored' || 'selfserve' }} | ||
| - project: ${{ (needs.orchestrator.outputs.should-build-internal || needs.orchestrator.outputs.should-build-and-push-internal-docker) && 'ignored' || 'internal' }} | ||
| uses: ./.github/workflows/php.yaml | ||
| with: | ||
| project: ${{ matrix.project }} | ||
| should-upload-artefact: true | ||
| artefact-name: ${{ matrix.project}} | ||
| retention-days: 1 | ||
| permissions: | ||
| contents: read | ||
| docker: | ||
| name: Docker | ||
| if: ${{ always() && !cancelled() && !failure() && (needs.orchestrator.outputs.should-build-app || needs.orchestrator.outputs.should-build-and-push-docker) }} | ||
| concurrency: | ||
| group: docker-${{ matrix.project }}-${{ needs.get-version.outputs[matrix.project] }} | ||
| needs: | ||
| - orchestrator | ||
| - get-version | ||
| - app | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| project: | ||
| - api | ||
| - cli | ||
| - selfserve | ||
| - internal | ||
| - search | ||
| exclude: | ||
| - project: ${{ needs.orchestrator.outputs.should-build-and-push-api-docker && 'ignored' || 'api' }} | ||
| - project: ${{ needs.orchestrator.outputs.should-build-and-push-cli-docker && 'ignored' || 'cli' }} | ||
| - project: ${{ needs.orchestrator.outputs.should-build-and-push-selfserve-docker && 'ignored' || 'selfserve' }} | ||
| - project: ${{ needs.orchestrator.outputs.should-build-and-push-internal-docker && 'ignored' || 'internal' }} | ||
| - project: ${{ needs.orchestrator.outputs.should-build-and-push-search-docker && 'ignored' || 'search' }} | ||
| uses: ./.github/workflows/docker.yaml | ||
| with: | ||
| project: ${{ matrix.project }} | ||
| version: ${{ needs.get-version.outputs[matrix.project] }} | ||
| app-artefact-name: ${{ matrix.project == 'cli' && 'api' || matrix.project }} | ||
| push: true | ||
| permissions: | ||
| contents: read | ||
| id-token: write | ||
| packages: write | ||
| terraform-account-nonprod: | ||
| name: Account (nonprod) | ||
| if: ${{ needs.orchestrator.outputs.should-apply-account-terraform }} | ||
| concurrency: | ||
| group: terraform-account-nonprod | ||
| needs: | ||
| - orchestrator | ||
| uses: ./.github/workflows/deploy-account.yaml | ||
| with: | ||
| account: nonprod | ||
| apply: true | ||
| permissions: | ||
| contents: read | ||
| id-token: write | ||
| pull-requests: write | ||
| secrets: inherit | ||
| liquibase-dev: | ||
| name: Liquibase Migrations (dev) | ||
| needs: | ||
| - release-please | ||
| - get-version | ||
| uses: ./.github/workflows/run-liquibase.yaml | ||
| with: | ||
| version: ${{ needs.get-version.outputs.api }} | ||
| push: true | ||
| account: nonprod | ||
| environment: dev | ||
| dry_run: false | ||
| etl_ref: ${{ needs.release-please.outputs.release_created && needs.release-please.outputs.tag_name || 'main' }} | ||
| permissions: | ||
| contents: read | ||
| id-token: write | ||
| terraform_env_dev: | ||
| name: Environment (dev) | ||
| if: | | ||
| always() && | ||
| !cancelled() && | ||
| !failure() && | ||
| (needs.orchestrator.outputs.should-apply-environment-terraform || needs.docker.result == 'success' || needs.cdn.result == 'success') && | ||
| (needs.liquibase-dev.result == 'success' && needs.liquibase-dev.outputs.job_status == 'SUCCEEDED') | ||
| concurrency: | ||
| group: terraform-environment-dev | ||
| needs: | ||
| - get-version | ||
| - orchestrator | ||
| - docker | ||
| - cdn-nonprod | ||
| - terraform-account-nonprod | ||
| - liquibase-dev | ||
| uses: ./.github/workflows/deploy-environment.yaml | ||
| with: | ||
| environment: dev | ||
| api-image-tag: ${{ needs.get-version.outputs.api }} | ||
| cli-image-tag: ${{ needs.get-version.outputs.cli }} | ||
| selfserve-image-tag: ${{ needs.get-version.outputs.selfserve }} | ||
| internal-image-tag: ${{ needs.get-version.outputs.internal }} | ||
| assets-version: ${{ needs.get-version.outputs.assets }} | ||
| search-image-tag: ${{ needs.get-version.outputs.search }} | ||
| apply: true | ||
| permissions: | ||
| contents: read | ||
| id-token: write | ||
| pull-requests: write | ||
| secrets: inherit | ||
| test_dev: | ||
| name: Run Tests on DEV | ||
| if: ${{ always() && !cancelled() && !failure() && needs.terraform_env_dev.result == 'success' }} | ||
| needs: | ||
| - terraform_env_dev | ||
| uses: dvsa/vol-functional-tests/.github/workflows/e2eSmoke.yaml@main | ||
| with: | ||
| platform_env: dev | ||
| aws_role: ${{ vars.ACCOUNT_NONPROD_TEST_OIDC_ROLE }} | ||
| bucket_name: ${{ vars.ACCOUNT_NONPROD_S3_REPORT_BUCKET }} | ||
| bucket_key: ${{ vars.S3_REPORT_BUCKET_KEY }} | ||
| batch_job_queue: ${{ vars.ACCOUNT_NONPROD_BATCH_JOB_QUEUE }} | ||
| batch_job_definition: ${{ vars.ACCOUNT_NONPROD_BATCH_JOB_DEFINITION }} | ||
| permissions: | ||
| contents: write | ||
| id-token: write | ||
| checks: write | ||
| liquibase-int: | ||
| name: Database Migrations (int) | ||
| needs: | ||
| - release-please | ||
| - get-version | ||
| - terraform_env_dev | ||
| - test_dev | ||
| uses: ./.github/workflows/run-liquibase.yaml | ||
| with: | ||
| version: ${{ needs.get-version.outputs.api }} | ||
| push: true | ||
| account: nonprod | ||
| environment: int | ||
| dry_run: false | ||
| etl_ref: ${{ needs.release-please.outputs.release_created && needs.release-please.outputs.tag_name || 'main' }} | ||
| permissions: | ||
| contents: read | ||
| id-token: write | ||
| terraform_env_int: | ||
| name: Environment (int) | ||
| if: | | ||
| always() && | ||
| !cancelled() && | ||
| !failure() && | ||
| needs.terraform_env_dev.result == 'success' && | ||
| needs.liquibase-int.result == 'success' && | ||
| needs.liquibase-int.outputs.job_status == 'SUCCEEDED' | ||
| concurrency: | ||
| group: terraform-environment-int | ||
| needs: | ||
| - get-version | ||
| - orchestrator | ||
| - terraform_env_dev | ||
| - test_dev | ||
| - liquibase-int | ||
| uses: ./.github/workflows/deploy-environment.yaml | ||
| with: | ||
| environment: int | ||
| api-image-tag: ${{ needs.get-version.outputs.api }} | ||
| cli-image-tag: ${{ needs.get-version.outputs.cli }} | ||
| selfserve-image-tag: ${{ needs.get-version.outputs.selfserve }} | ||
| internal-image-tag: ${{ needs.get-version.outputs.internal }} | ||
| assets-version: ${{ needs.get-version.outputs.assets }} | ||
| search-image-tag: ${{ needs.get-version.outputs.search }} | ||
| apply: true | ||
| permissions: | ||
| contents: read | ||
| id-token: write | ||
| pull-requests: write | ||
| secrets: inherit | ||
| test_int_selfserve: | ||
| if: ${{ always() && !cancelled() && !failure() && needs.terraform_env_int.result == 'success' }} | ||
| name: Run Selfserve Regression Tests on INT | ||
| needs: | ||
| - terraform_env_int | ||
| uses: dvsa/vol-functional-tests/.github/workflows/e2eSelfServeRegression.yaml@main | ||
| with: | ||
| platform_env: int | ||
| aws_role: ${{ vars.ACCOUNT_NONPROD_TEST_OIDC_ROLE }} | ||
| bucket_name: ${{ vars.ACCOUNT_NONPROD_S3_REPORT_BUCKET }} | ||
| bucket_key: ${{ vars.S3_REPORT_BUCKET_KEY }} | ||
| batch_job_queue: ${{ vars.ACCOUNT_NONPROD_BATCH_JOB_QUEUE }} | ||
| batch_job_definition: ${{ vars.ACCOUNT_NONPROD_BATCH_JOB_DEFINITION }} | ||
| permissions: | ||
| contents: write | ||
| id-token: write | ||
| checks: write | ||
| test_int_internal: | ||
| if: ${{ always() && !cancelled() && !failure() && needs.terraform_env_int.result == 'success' }} | ||
| name: Run Internal Regression Tests on INT | ||
| needs: | ||
| - terraform_env_int | ||
| uses: dvsa/vol-functional-tests/.github/workflows/e2eInternalRegression.yaml@main | ||
| with: | ||
| platform_env: int | ||
| aws_role: ${{ vars.ACCOUNT_NONPROD_TEST_OIDC_ROLE }} | ||
| bucket_name: ${{ vars.ACCOUNT_NONPROD_S3_REPORT_BUCKET }} | ||
| bucket_key: ${{ vars.S3_REPORT_BUCKET_KEY }} | ||
| batch_job_queue: ${{ vars.ACCOUNT_NONPROD_BATCH_JOB_QUEUE }} | ||
| batch_job_definition: ${{ vars.ACCOUNT_NONPROD_BATCH_JOB_DEFINITION }} | ||
| permissions: | ||
| contents: write | ||
| id-token: write | ||
| checks: write | ||
| rollback_int: | ||
| name: Rollback INT Deployment | ||
| if: | | ||
| always() && | ||
| (needs.test_int_selfserve.result == 'failure' || needs.test_int_selfserve.result == 'cancelled' || | ||
| needs.test_int_internal.result == 'failure' || needs.test_int_internal.result == 'cancelled') && | ||
| needs.terraform_env_int.result == 'success' | ||
| needs: | ||
| - test_int_selfserve | ||
| - test_int_internal | ||
| - terraform_env_int | ||
| uses: ./.github/workflows/deploy-environment.yaml | ||
| with: | ||
| environment: int | ||
| rollback: true | ||
| apply: true | ||
| api-image-tag: ${{ needs.terraform_env_int.outputs.previous_api_image_tag }} | ||
| cli-image-tag: ${{ needs.terraform_env_int.outputs.previous_cli_image_tag }} | ||
| selfserve-image-tag: ${{ needs.terraform_env_int.outputs.previous_selfserve_image_tag }} | ||
| internal-image-tag: ${{ needs.terraform_env_int.outputs.previous_internal_image_tag }} | ||
| assets-version: ${{ needs.terraform_env_int.outputs.previous_assets_version }} | ||
| search-image-tag: ${{ needs.get-version.outputs.search }} | ||
| permissions: | ||
| contents: read | ||
| id-token: write | ||
| pull-requests: write | ||
| secrets: inherit | ||
| cdn-prod: | ||
| name: CDN | ||
| if: ${{ needs.orchestrator.outputs.should-build-assets && needs.release-please.outputs.release_created }} | ||
| concurrency: | ||
| group: assets-prod | ||
| needs: | ||
| - orchestrator | ||
| - get-version | ||
| uses: ./.github/workflows/assets.yaml | ||
| with: | ||
| push: true | ||
| account: prod | ||
| version: ${{ needs.get-version.outputs.assets }} | ||
| permissions: | ||
| contents: read | ||
| id-token: write | ||
| terraform-account-prod: | ||
| name: Account (prod) | ||
| if: ${{ always() && !cancelled() && !failure() && needs.release-please.outputs.release_created }} | ||
| concurrency: | ||
| group: terraform-account-prod | ||
| needs: | ||
| - release-please | ||
| - orchestrator | ||
| - terraform_env_int | ||
| - test_int_internal | ||
| - test_int_selfserve | ||
| uses: ./.github/workflows/deploy-account.yaml | ||
| with: | ||
| account: prod | ||
| apply: true | ||
| permissions: | ||
| contents: read | ||
| id-token: write | ||
| pull-requests: write | ||
| secrets: inherit | ||
| liquibase-prep: | ||
| name: Database Migrations (prep) | ||
| if: ${{ needs.release-please.outputs.release_created }} | ||
| needs: | ||
| - release-please | ||
| - get-version | ||
| - terraform_env_int | ||
| - test_int_internal | ||
| - test_int_selfserve | ||
| uses: ./.github/workflows/run-liquibase.yaml | ||
| with: | ||
| version: ${{ needs.get-version.outputs.api }} | ||
| push: true | ||
| account: prod | ||
| environment: prep | ||
| dry_run: false | ||
| etl_ref: ${{ needs.release-please.outputs.tag_name }} | ||
| permissions: | ||
| contents: read | ||
| id-token: write | ||
| terraform_env_prep: | ||
| name: Environment (prep) | ||
| if: | | ||
| always() && | ||
| !cancelled() && | ||
| !failure() && | ||
| needs.release-please.outputs.release_created && | ||
| needs.liquibase-prep.result == 'success' && | ||
| needs.liquibase-prep.outputs.job_status == 'SUCCEEDED' | ||
| concurrency: | ||
| group: terraform-environment-prep | ||
| needs: | ||
| - release-please | ||
| - get-version | ||
| - orchestrator | ||
| - terraform-account-prod | ||
| - liquibase-prep | ||
| uses: ./.github/workflows/deploy-environment.yaml | ||
| with: | ||
| environment: prep | ||
| api-image-tag: ${{ needs.get-version.outputs.api }} | ||
| cli-image-tag: ${{ needs.get-version.outputs.cli }} | ||
| selfserve-image-tag: ${{ needs.get-version.outputs.selfserve }} | ||
| internal-image-tag: ${{ needs.get-version.outputs.internal }} | ||
| assets-version: ${{ needs.get-version.outputs.assets }} | ||
| search-image-tag: ${{ needs.get-version.outputs.search }} | ||
| apply: true | ||
| permissions: | ||
| contents: read | ||
| id-token: write | ||
| pull-requests: write | ||
| secrets: inherit | ||
| test_prep_selfserve: | ||
| name: Run Selfserve Regression Tests on PREP | ||
| if: ${{ always() && !cancelled() && !failure() && needs.terraform_env_prep.result == 'success' }} | ||
| needs: | ||
| - terraform_env_prep | ||
| uses: dvsa/vol-functional-tests/.github/workflows/e2eSelfServeRegression.yaml@main | ||
| with: | ||
| platform_env: prep | ||
| aws_role: ${{ vars.ACCOUNT_PROD_TEST_OIDC_ROLE }} | ||
| bucket_name: ${{ vars.ACCOUNT_PROD_S3_REPORT_BUCKET }} | ||
| bucket_key: ${{ vars.S3_REPORT_BUCKET_KEY }} | ||
| batch_job_queue: ${{ vars.ACCOUNT_PROD_BATCH_JOB_QUEUE }} | ||
| batch_job_definition: ${{ vars.ACCOUNT_PROD_BATCH_JOB_DEFINITION }} | ||
| permissions: | ||
| contents: write | ||
| id-token: write | ||
| checks: write | ||
| test_prep_internal: | ||
| name: Run Internal Regression Tests on PREP | ||
| if: ${{ always() && !cancelled() && !failure() && needs.terraform_env_prep.result == 'success' }} | ||
| needs: | ||
| - terraform_env_prep | ||
| uses: dvsa/vol-functional-tests/.github/workflows/e2eInternalRegression.yaml@main | ||
| with: | ||
| platform_env: prep | ||
| aws_role: ${{ vars.ACCOUNT_PROD_TEST_OIDC_ROLE }} | ||
| bucket_name: ${{ vars.ACCOUNT_PROD_S3_REPORT_BUCKET }} | ||
| bucket_key: ${{ vars.S3_REPORT_BUCKET_KEY }} | ||
| batch_job_queue: ${{ vars.ACCOUNT_PROD_BATCH_JOB_QUEUE }} | ||
| batch_job_definition: ${{ vars.ACCOUNT_PROD_BATCH_JOB_DEFINITION }} | ||
| permissions: | ||
| contents: write | ||
| id-token: write | ||
| checks: write | ||
| liquibase-prod: | ||
| name: Database Migrations (prod) | ||
| if: | | ||
| always() && | ||
| !cancelled() && | ||
| !failure() && | ||
| needs.release-please.outputs.release_created && | ||
| !contains(needs.get-version.outputs.api, '-') | ||
| needs: | ||
| - release-please | ||
| - get-version | ||
| - terraform_env_prep | ||
| - test_prep_internal | ||
| - test_prep_selfserve | ||
| uses: ./.github/workflows/run-liquibase.yaml | ||
| with: | ||
| version: ${{ needs.get-version.outputs.api }} | ||
| push: true | ||
| account: prod | ||
| environment: prod | ||
| dry_run: false | ||
| etl_ref: ${{ needs.release-please.outputs.tag_name }} | ||
| permissions: | ||
| contents: read | ||
| id-token: write | ||
| terraform_env_prod: | ||
| name: Environment (prod) | ||
| if: | | ||
| always() && | ||
| !cancelled() && | ||
| !failure() && | ||
| needs.release-please.outputs.release_created && | ||
| !contains(needs.get-version.outputs.api, '-') && | ||
| !contains(needs.get-version.outputs.cli, '-') && | ||
| !contains(needs.get-version.outputs.selfserve, '-') && | ||
| !contains(needs.get-version.outputs.internal, '-') && | ||
| !contains(needs.get-version.outputs.assets, '-') && | ||
| needs.liquibase-prod.result == 'success' && | ||
| needs.liquibase-prod.outputs.job_status == 'SUCCEEDED' | ||
| concurrency: | ||
| group: terraform-environment-prod | ||
| needs: | ||
| - release-please | ||
| - get-version | ||
| - orchestrator | ||
| - terraform_env_prep | ||
| - test_prep_selfserve | ||
| - test_prep_internal | ||
| - liquibase-prod | ||
| uses: ./.github/workflows/deploy-environment.yaml | ||
| with: | ||
| environment: prod | ||
| api-image-tag: ${{ needs.get-version.outputs.api }} | ||
| cli-image-tag: ${{ needs.get-version.outputs.cli }} | ||
| selfserve-image-tag: ${{ needs.get-version.outputs.selfserve }} | ||
| internal-image-tag: ${{ needs.get-version.outputs.internal }} | ||
| assets-version: ${{ needs.get-version.outputs.assets }} | ||
| apply: true | ||
| permissions: | ||
| contents: read | ||
| id-token: write | ||
| pull-requests: write | ||
| secrets: inherit | ||
