Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy_Refresher_To_Production_On_Release | |
| on: | |
| release: | |
| types: [published] | |
| workflow_dispatch: | |
| env: | |
| ENVIRONMENT: prod | |
| NAME: aci-iati-refresher | |
| TAG: ${{ github.sha }} | |
| RESOURCE_GROUP: rg-refresher | |
| AZURE_CREDENTIALS: ${{ secrets.PROD_AZURE_CREDENTIALS }} | |
| AZURE_STORAGE_CONNECTION_STRING: ${{ secrets.PROD_STORAGE_CONNECTION_STRING }} | |
| FILE_VALIDATION_URL: ${{ secrets.PROD_FILE_VALIDATION_URL }} | |
| FILE_VALIDATION_KEY_NAME: ${{ secrets.PROD_FILE_VALIDATION_KEY_NAME }} | |
| FILE_VALIDATION_KEY_VALUE: ${{ secrets.PROD_FILE_VALIDATION_KEY_VALUE }} | |
| SCHEMA_VALIDATION_URL: ${{ secrets.PROD_SCHEMA_VALIDATION_URL }} | |
| SCHEMA_VALIDATION_KEY_NAME: ${{ secrets.PROD_SCHEMA_VALIDATION_KEY_NAME }} | |
| SCHEMA_VALIDATION_KEY_VALUE: ${{ secrets.PROD_SCHEMA_VALIDATION_KEY_VALUE }} | |
| FLATTENER_API_URL: ${{ secrets.PROD_FLATTENER_API_URL }} | |
| FLATTENER_KEY_NAME: ${{ secrets.PROD_FLATTENER_KEY_NAME }} | |
| FLATTENER_KEY_VALUE: ${{ secrets.PROD_FLATTENER_API_KEY }} | |
| SOLR_API_URL: ${{ secrets.PROD_SOLR_API_URL }} | |
| SOLR_USER: ${{ secrets.PROD_SOLR_USER }} | |
| SOLR_PASSWORD: ${{ secrets.PROD_SOLR_PASSWORD }} | |
| SOLR_PARALLEL_PROCESSES: ${{ vars.PROD_SOLR_PARALLEL_PROCESSES }} | |
| DB_USER: ${{ secrets.PROD_DB_USER }} | |
| DB_PASS: ${{ secrets.PROD_DB_PASS }} | |
| DB_HOST: ${{ secrets.PROD_DB_HOST }} | |
| DB_NAME: ${{ secrets.PROD_DB_NAME }} | |
| DB_PORT: ${{ secrets.PROD_DB_PORT }} | |
| DB_KEEPALIVE_IDLE: ${{ vars.PROD_DB_KEEPALIVE_IDLE }} | |
| DB_KEEPALIVE_INTERVAL: ${{ vars.PROD_DB_KEEPALIVE_INTERVAL }} | |
| DB_KEEPALIVE_COUNT: ${{ vars.PROD_DB_KEEPALIVE_COUNT }} | |
| LOG_WORKSPACE_ID: ${{ secrets.PROD_LOG_WORKSPACE_ID }} | |
| LOG_WORKSPACE_KEY: ${{ secrets.PROD_LOG_WORKSPACE_KEY }} | |
| COMMSHUB_URL: ${{ secrets.PROD_COMMSHUB_URL }} | |
| COMMSHUB_KEY: ${{ secrets.PROD_COMMSHUB_KEY }} | |
| REGISTRY_LOGIN_SERVER: ${{ secrets.ACR_LOGIN_SERVER }} | |
| REGISTRY_USERNAME: ${{ secrets.ACR_USERNAME }} | |
| REGISTRY_PASSWORD: ${{ secrets.ACR_PASSWORD }} | |
| LOG_LEVEL: ${{ secrets.PROD_LOG_LEVEL }} | |
| jobs: | |
| build-and-deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: 'Checkout GitHub Action' | |
| uses: actions/checkout@v3 | |
| - name: 'Login via Azure CLI' | |
| uses: azure/[email protected] | |
| with: | |
| creds: ${{ env.AZURE_CREDENTIALS }} | |
| - name: 'Login to Docker Hub' | |
| uses: docker/[email protected] | |
| with: | |
| username: ${{ secrets.DOCKER_HUB_USERNAME }} | |
| password: ${{ secrets.DOCKER_HUB_TOKEN }} | |
| - name: 'Login to Azure Container Registry' | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ env.REGISTRY_LOGIN_SERVER }} | |
| username: ${{ env.REGISTRY_USERNAME }} | |
| password: ${{ env.REGISTRY_PASSWORD }} | |
| - name: 'Build and push image' | |
| run: | | |
| IMAGE_NAME=$REGISTRY_LOGIN_SERVER/$NAME-$ENVIRONMENT:$TAG | |
| echo "IMAGE_NAME=$IMAGE_NAME" >> $GITHUB_ENV | |
| docker build . -f Dockerfile -t $IMAGE_NAME | |
| docker push $IMAGE_NAME | |
| - name: 'Build and push nginx reverse proxy image' | |
| run: | | |
| htpasswd -c -b ./nginx-reverse-proxy/htpasswd prom "${{ secrets.PROM_NGINX_REVERSE_PROXY_PASSWORD }}" | |
| NGINX_IMAGE_NAME=$REGISTRY_LOGIN_SERVER/prom-nginx-reverse-proxy-$ENVIRONMENT:$TAG | |
| echo "NGINX_IMAGE_NAME=$NGINX_IMAGE_NAME" >> $GITHUB_ENV | |
| docker build nginx-reverse-proxy -f nginx-reverse-proxy/Dockerfile -t $NGINX_IMAGE_NAME | |
| docker push $NGINX_IMAGE_NAME | |
| - name: 'Delete existing container group' | |
| uses: 'azure/CLI@v1' | |
| with: | |
| inlineScript: | | |
| az container delete -y \ | |
| --name "${{ env.NAME }}-${{ env.ENVIRONMENT }}" \ | |
| --resource-group "${{ env.RESOURCE_GROUP }}-${{ env.ENVIRONMENT }}" | |
| - name: 'Replace Env Vars and Secrets in Yaml template' | |
| run: | | |
| sed -i ''s^#NAME#^$NAME^g'' ./deployment/deployment.yml | |
| sed -i ''s^#ENVIRONMENT#^$ENVIRONMENT^g'' ./deployment/deployment.yml | |
| sed -i ''s^#IMAGE_NAME#^$IMAGE_NAME^g'' ./deployment/deployment.yml | |
| sed -i ''s^#NGINX_IMAGE_NAME#^$NGINX_IMAGE_NAME^g'' ./deployment/deployment.yml | |
| sed -i ''s^#REGISTRY_LOGIN_SERVER#^$REGISTRY_LOGIN_SERVER^g'' ./deployment/deployment.yml | |
| sed -i ''s^#REGISTRY_USERNAME#^$REGISTRY_USERNAME^g'' ./deployment/deployment.yml | |
| sed -i ''s^#REGISTRY_PASSWORD#^$REGISTRY_PASSWORD^g'' ./deployment/deployment.yml | |
| sed -i ''s^#LOG_WORKSPACE_ID#^$LOG_WORKSPACE_ID^g'' ./deployment/deployment.yml | |
| sed -i ''s^#LOG_WORKSPACE_KEY#^$LOG_WORKSPACE_KEY^g'' ./deployment/deployment.yml | |
| sed -i ''s^#AZURE_STORAGE_CONNECTION_STRING#^$AZURE_STORAGE_CONNECTION_STRING^g'' ./deployment/deployment.yml | |
| sed -i ''s^#DB_HOST#^$DB_HOST^g'' ./deployment/deployment.yml | |
| sed -i ''s^#DB_PORT#^$DB_PORT^g'' ./deployment/deployment.yml | |
| sed -i ''s^#DB_USER#^$DB_USER^g'' ./deployment/deployment.yml | |
| sed -i ''s^#DB_PASS#^$DB_PASS^g'' ./deployment/deployment.yml | |
| sed -i ''s^#DB_NAME#^$DB_NAME^g'' ./deployment/deployment.yml | |
| sed -i ''s^#DB_KEEPALIVE_IDLE#^$DB_KEEPALIVE_IDLE^g'' ./deployment/deployment.yml | |
| sed -i ''s^#DB_KEEPALIVE_INTERVAL#^$DB_KEEPALIVE_INTERVAL^g'' ./deployment/deployment.yml | |
| sed -i ''s^#DB_KEEPALIVE_COUNT#^$DB_KEEPALIVE_COUNT^g'' ./deployment/deployment.yml | |
| sed -i ''s^#SOLR_API_URL#^$SOLR_API_URL^g'' ./deployment/deployment.yml | |
| sed -i ''s^#SOLR_USER#^$SOLR_USER^g'' ./deployment/deployment.yml | |
| sed -i ''s^#SOLR_PASSWORD#^$SOLR_PASSWORD^g'' ./deployment/deployment.yml | |
| sed -i ''s^#SOLR_PARALLEL_PROCESSES#^$SOLR_PARALLEL_PROCESSES^g'' ./deployment/deployment.yml | |
| sed -i ''s^#COMMSHUB_URL#^$COMMSHUB_URL^g'' ./deployment/deployment.yml | |
| sed -i ''s^#COMMSHUB_KEY#^$COMMSHUB_KEY^g'' ./deployment/deployment.yml | |
| sed -i ''s^#VALIDATOR_API_URL#^$FILE_VALIDATION_URL^g'' ./deployment/deployment.yml | |
| sed -i ''s^#VALIDATOR_API_KEY_NAME#^$FILE_VALIDATION_KEY_NAME^g'' ./deployment/deployment.yml | |
| sed -i ''s^#VALIDATOR_API_KEY_VALUE#^$FILE_VALIDATION_KEY_VALUE^g'' ./deployment/deployment.yml | |
| sed -i ''s^#SCHEMA_VALIDATION_API_URL#^$SCHEMA_VALIDATION_URL^g'' ./deployment/deployment.yml | |
| sed -i ''s^#SCHEMA_VALIDATION_KEY_NAME#^$SCHEMA_VALIDATION_KEY_NAME^g'' ./deployment/deployment.yml | |
| sed -i ''s^#SCHEMA_VALIDATION_KEY_VALUE#^$SCHEMA_VALIDATION_KEY_VALUE^g'' ./deployment/deployment.yml | |
| sed -i ''s^#FLATTENER_API_URL#^$FLATTENER_API_URL^g'' ./deployment/deployment.yml | |
| sed -i ''s^#FLATTENER_KEY_NAME#^$FLATTENER_KEY_NAME^g'' ./deployment/deployment.yml | |
| sed -i ''s^#FLATTENER_KEY_VALUE#^$FLATTENER_KEY_VALUE^g'' ./deployment/deployment.yml | |
| sed -i ''s^#LOG_LEVEL#^$LOG_LEVEL^g'' ./deployment/deployment.yml | |
| - name: 'Deploy group to Azure Container Instances' | |
| uses: 'azure/CLI@v1' | |
| with: | |
| inlineScript: | | |
| az container create \ | |
| --resource-group "${{ env.RESOURCE_GROUP }}-${{ env.ENVIRONMENT }}" \ | |
| --file ./deployment/deployment.yml |