Rename secrets repo #3
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy | ||
| env: | ||
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY }} | ||
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_KEY }} | ||
| on: | ||
| workflow_dispatch: | ||
| inputs: | ||
| environment: | ||
| description: 'Environment name' | ||
| required: true | ||
| type: choice | ||
| default: 'dev' | ||
| options: | ||
| - dev | ||
| - testing | ||
| - staging | ||
| - production | ||
| incrementVersion: | ||
| description: 'Bump Version?' | ||
| type: boolean | ||
| required: false | ||
| versionType: | ||
| description: 'Version to bump (major.minor.patch)' | ||
| type: choice | ||
| default: 'patch' | ||
| options: | ||
| - patch | ||
| - minor | ||
| - major | ||
| confirmProduction: | ||
| description: 'If you are 100% sure you want to deploy to production, type: Yes' | ||
| required: false | ||
| jobs: | ||
| deploy: | ||
| env: | ||
| PACKAGE_LOCATION: packages/app | ||
| ZAMBDAS_LOCATION: packages/zambdas | ||
| SLACK_NOTIFICATION_SERVICE_NAME: bh-intake-ui | ||
| runs-on: ubuntu-latest | ||
| environment: ${{ github.event.inputs.environment }} | ||
| strategy: | ||
| matrix: | ||
| node-version: [18.14.0] | ||
| steps: | ||
| - name: Install SSH Client | ||
| uses: webfactory/[email protected] | ||
| with: | ||
| ssh-private-key: | | ||
| ${{ secrets.ZAPEHR_TELEHEALTH_PRIVATE_SSH_KEY }} | ||
| - name: If environment is production, ensure keys are coming in through input parameters. | ||
| if: ${{ github.event.inputs.environment == 'production' && !(github.event.inputs.confirmProduction == 'Yes') }} | ||
| run: echo 'Please confirm you want to deploy to production.' && exit 1 | ||
| - uses: actions/checkout@v3 | ||
| with: | ||
| ssh-key: ${{ secrets.BUMP_VERSION }} | ||
| - name: Use Node.js ${{ matrix.node-version }} | ||
| uses: actions/setup-node@v2 | ||
| with: | ||
| node-version: ${{ matrix.node-version }} | ||
| - uses: pnpm/action-setup@v2 | ||
| - name: Create secrets file from github secrets | ||
| id: create-json | ||
| uses: jsdaniell/[email protected] | ||
| with: | ||
| name: "secrets.json" | ||
| json: ${{ secrets.TELEHEALTH_SECRETS_JSON }} | ||
| - name: Move env file into .env folder | ||
| run: mkdir -p ${{ env.ZAMBDAS_LOCATION }}/.env/ && cp secrets.json ${{ env.ZAMBDAS_LOCATION }}/.env/${{ secrets.ENVIRONMENT }}.json | ||
| - name: Increase version if input dictates. | ||
| if: ${{ github.event.inputs.incrementVersion == 'true' }} | ||
| run: > | ||
| git config --local user.email "[email protected]" | ||
| git config --local user.name "GitHub Action Bump Version" | ||
| pnpm version ${{ github.event.inputs.versionType }} | ||
| - name: Push increased version if input dictates. | ||
| if: ${{ github.event.inputs.incrementVersion == 'true' }} | ||
| uses: ad-m/github-push-action@master | ||
| with: | ||
| ssh: true | ||
| branch: ${{ github.ref }} | ||
| - name: Get Version Number from package.json for build notifications. | ||
| id: package-version | ||
| uses: martinbeentjes/[email protected] | ||
| path: ${{ env.PACKAGE_LOCATION }} | ||
| - name: Install dependencies | ||
| run: pnpm ci | ||
| ## todo | ||
| - name: Deploy app | ||
| run: cd ${{ env.PACKAGE_LOCATION }} && pnpm run ci-deploy:${{ env.ENVIRONMENT }} | ||
| ## todo | ||
| - name: Setup zapehr secrets | ||
| run: cd ${{ env.ZAMBDAS_LOCATION }} && pnpm run setup-zapehr-secrets ${{ env.ENVIRONMENT }} | ||
| ## todo | ||
| - name: Deploy zambdas | ||
| run: cd ${{ env.ZAMBDAS_LOCATION }} && pnpm run deploy-zambdas ${{ env.ENVIRONMENT }} | ||
| - name: Notify Slack | ||
| if: always() | ||
| uses: edge/[email protected] | ||
| env: | ||
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | ||
| BRANCH: ${{ github.ref }} | ||
| PACKAGE_VERSION: ${{ steps.package-version.outputs.current-version }} | ||
| with: | ||
| channel: '#pm-pediatrics-notifications' | ||
| status: ${{ job.status }} | ||
| success_text: '${env.GITHUB_WORKFLOW} (${env.GITHUB_RUN_NUMBER}) build completed successfully' | ||
| failure_text: '${env.GITHUB_WORKFLOW} (${env.GITHUB_RUN_NUMBER}) build failed' | ||
| cancelled_text: '${env.GITHUB_WORKFLOW} (${env.GITHUB_RUN_NUMBER}) build was cancelled' | ||
| fields: | | ||
| [{ "title": "Service", "value": "${env.SLACK_NOTIFICATION_SERVICE_NAME}", "short": true }, | ||
| { "title": "Action URL", "value": "${env.GITHUB_SERVER_URL}/${env.GITHUB_REPOSITORY}/actions/runs/${env.GITHUB_RUN_ID}"}, | ||
| { "title": "Branch", "value": "${env.BRANCH}", "short": true }, | ||
| { "title": "Environment", "value": "${env.ENVIRONMENT}", "short": true }, | ||
| { "title": "Version", "value": "${env.PACKAGE_VERSION}", "short": true }] | ||
