diff --git a/.github/workflows/build-and-deploy-dev.yml b/.github/workflows/build-and-deploy-dev.yml index 567a956b3..ca2a8b03e 100644 --- a/.github/workflows/build-and-deploy-dev.yml +++ b/.github/workflows/build-and-deploy-dev.yml @@ -8,8 +8,14 @@ on: jobs: build-and-deploy: - uses: clearlydefined/operations/.github/workflows/build-and-deploy-dev.yml@elr/shared-dev-deploy - secrets: inherit + uses: clearlydefined/operations/.github/workflows/app-build-and-deploy.yml@elr/reusable-deploy-workflow + secrets: + AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} + AZURE_WEBAPP_PUBLISH_PROFILE: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_DEV }} + DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }} + PRODUCTION_DEPLOYERS: ${{ secrets.PRODUCTION_DEPLOYERS }} with: - application-name: "clearlydefined-api" - application-type: "api" + deploy-env: dev + application-type: api + azure-app-base-name: clearlydefined-api + azure-app-name-postfix: -dev diff --git a/.github/workflows/build_and_deploy_prod.yml b/.github/workflows/build_and_deploy_prod.yml index c4469dff3..6440b9b9b 100644 --- a/.github/workflows/build_and_deploy_prod.yml +++ b/.github/workflows/build_and_deploy_prod.yml @@ -1,148 +1,36 @@ # This workflow will build a docker image, push it to ghcr.io, and deploy it to an Azure WebApp. -name: Build and Deploy to prod service app +name: Build and Deploy to prod service apps -# Update the triggers based on the environment that is being deployed to. -# Triggers for dev deployments: 1) manually triggered, 2) push to branch `master` -# Triggers for prod deployments: 1) manually triggered, 2) release [published] on: workflow_dispatch: release: types: [published] -# There are secrets and environment variables that need to be set that control what is pushed to -# ghcr and Azure. -# -# Secrets: -# AZURE_CREDENTIALS_PROD: service principal that has access to the Azure prod WebApp -# AZURE_WEBAPP_PUBLISH_PROFILE: publish profile for the Azure WebApp -# AZURE_WEBAPP_PUBLISH_PROFILE_EU: publish profile for the Azure WebApp in Europe -# -# Environment Variables: -# APPLICATION_TYPE: type of application that is being deployed; used to add a label to the Docker image (values: api | web | worker) -# AZURE_WEBAPP_NAME: name of the Azure WebApp being deployed -# AZURE_EU_WEBAPP_NAME: name of the Azure WebApp being deployed -# DEPLOY_ENVIRONMENT: environment that the code is being deployed to; used to add a label to the Docker image (values: dev | prod) -# DEPLOY_DOCKER_TAG: _NOT used as a ENV for production. To be able to always have the version, get it from package.json._ -# DOCKER_IMAGE_NAME: name of the Docker image that is being built and pushed to ghcr.io. - -env: - APPLICATION_TYPE: api - AZURE_WEBAPP_NAME: clearlydefined-api-prod - AZURE_EU_WEBAPP_NAME: clearlydefined-api-prod-europe - DEPLOY_ENVIRONMENT: prod - # DEPLOY_DOCKER_TAG: ${{ github.event.release.tag_name }} - DOCKER_IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/${{ github.repository }} - jobs: - build-and-deploy: - name: Build and Deploy + determine-trigger: + name: Determine if this was triggered by a release or workflow_dispatch runs-on: ubuntu-latest + outputs: + is-release: ${{ env.IS_RELEASE }} steps: - - name: Get version - id: package - run: | - echo "::set-output name=version::$(curl --silent "https://api.github.com/repos/clearlydefined/service/releases/latest" | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/')" - shell: bash - - - name: Use version + - name: Check if this was triggered by a release + id: release run: | - echo "Version is ${{ steps.package.outputs.version }}" - shell: bash - - - uses: actions/checkout@v4.1.1 - - - name: Log into ghcr registry - uses: docker/login-action@v3.0.0 - with: - registry: ghcr.io - username: ${{ github.actor }} # user that kicked off the action - password: ${{ secrets.GITHUB_TOKEN }} # token created when the action launched (short lived) - - - name: Build and push Docker image - env: - DOCKER_TAGS: | - ${{ env.DOCKER_IMAGE_NAME }}:${{ steps.package.outputs.version }} - uses: docker/build-push-action@v5.2.0 - with: - context: . - push: true - file: Dockerfile - tags: ${{ env.DOCKER_TAGS }} - labels: | - env=${{ env.DEPLOY_ENVIRONMENT }} - type=${{ env.APPLICATION_TYPE }} - - - name: Login for Azure cli commands - uses: azure/login@v2.0.0 - with: - creds: ${{ secrets.AZURE_CREDENTIALS_PROD }} - - - name: Set DOCKER configs in Azure web app - uses: azure/appservice-settings@v1.1.1 - with: - app-name: ${{ env.AZURE_WEBAPP_NAME }} - app-settings-json: | - [ - { - "name": "DOCKER_CUSTOM_IMAGE_NAME", - "value": "${{ env.DOCKER_IMAGE_NAME }}:${{ steps.package.outputs.version }}", - "slotSetting": false - }, - { - "name": "DOCKER_REGISTRY_SERVER_URL", - "value": "https://ghcr.io", - "slotSetting": false - }, - { - "name": "APP_VERSION", - "value": "${{ steps.package.outputs.version }}", - "slotSetting": false - }, - { - "name": "BUILD_SHA", - "value": "${{ github.sha }}", - "slotSetting": false - } - ] - - - name: Deploy to Azure WebApp - uses: azure/webapps-deploy@v3.0.0 - with: - app-name: ${{ env.AZURE_WEBAPP_NAME }} - publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_PROD }} - images: '${{ env.DOCKER_IMAGE_NAME }}:${{ steps.package.outputs.version }}' - - - name: Set DOCKER configs in Azure EU web app - uses: azure/appservice-settings@v1.1.1 - with: - app-name: ${{ env.AZURE_EU_WEBAPP_NAME }} - app-settings-json: | - [ - { - "name": "DOCKER_CUSTOM_IMAGE_NAME", - "value": "${{ env.DOCKER_IMAGE_NAME }}:${{ steps.package.outputs.version }}", - "slotSetting": false - }, - { - "name": "DOCKER_REGISTRY_SERVER_URL", - "value": "https://ghcr.io", - "slotSetting": false - }, - { - "name": "APP_VERSION", - "value": "${{ steps.package.outputs.version }}", - "slotSetting": false - }, - { - "name": "BUILD_SHA", - "value": "${{ github.sha }}", - "slotSetting": false - } - ] - - - name: Deploy to Azure EU WebApp - uses: azure/webapps-deploy@v3.0.0 - with: - app-name: ${{ env.AZURE_EU_WEBAPP_NAME }} - publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_PROD_EU }} - images: '${{ env.DOCKER_IMAGE_NAME }}:${{ steps.package.outputs.version }}' + echo "IS_RELEASE"=${{ github.event_name == 'release' }} >> $GITHUB_ENV + + build-and-deploy-prod: + uses: clearlydefined/operations/.github/workflows/app-build-and-deploy.yml@elr/reusable-deploy-workflow + needs: determine-trigger + secrets: + AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} + AZURE_WEBAPP_PUBLISH_PROFILE: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_PROD }} + AZURE_SECONDARY_WEBAPP_PUBLISH_PROFILE: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_PROD_EU }} + DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }} + PRODUCTION_DEPLOYERS: ${{ secrets.PRODUCTION_DEPLOYERS }} + with: + deploy-env: prod + application-type: api + azure-app-base-name: clearlydefined-api + azure-app-name-postfix: -prod + secondary-azure-app-name-postfix: -prod-europe + is-release: ${{ needs.determine-trigger.outputs.is-release }}