Manual deploy release #141
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Manual deploy release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| release: | |
| description: 'Which pre-release/release to deploy:' | |
| type: string | |
| required: true | |
| defaults: | |
| run: | |
| shell: bash | |
| permissions: | |
| id-token: write # This is required for requesting the JWT | |
| contents: write # This is required for actions/checkout | |
| jobs: | |
| manual-deploy-release: | |
| if: github.event_name == 'workflow_dispatch' && github.ref == 'refs/heads/dev' || github.ref == 'refs/heads/uat' || startsWith(github.ref, 'refs/heads/hotfix/') || github.ref == 'refs/heads/main' | |
| strategy: | |
| matrix: #pre-prod | |
| environment: ["${{ github.ref == 'refs/heads/dev' && 'dev' || github.ref == 'refs/heads/uat' && 'uat' || startsWith(github.ref, 'refs/heads/hotfix/') && 'uat' || github.ref == 'refs/heads/main' && 'prod' }}"] | |
| name: "manual-deploy-release" | |
| runs-on: ubuntu-latest | |
| environment: ${{ matrix.environment }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2 | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 | |
| with: | |
| role-to-assume: ${{ secrets.IAM_ROLE }} | |
| aws-region: ${{ vars.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076 # v2 | |
| - name: Verify if the tag is on ECR | |
| run: | | |
| aws ecr describe-images --repository-name ${{ vars.DOCKER_IMAGE_NAME}} --image-ids imageTag=${{ inputs.release }} --region ${{ vars.AWS_REGION }} | |
| - name: Update Kubernetes Config | |
| run: | | |
| aws eks --region ${{ vars.AWS_REGION }} update-kubeconfig --name pagopa-${{ matrix.environment }}-atm-layer-eks | |
| - name: Install Helm | |
| run: | | |
| curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | |
| chmod 700 get_helm.sh | |
| ./get_helm.sh | |
| - name: Upgrade Helm Chart | |
| run: | | |
| helm upgrade --install ${{ vars.DOCKER_IMAGE_NAME }} helm-chart/ \ | |
| --namespace pagopa \ | |
| -f helm-chart/environments/values-${{ matrix.environment }}.yaml \ | |
| --set image.tag=${{ inputs.release }} \ | |
| --set image.repository=${{ steps.login-ecr.outputs.registry }}/${{ vars.DOCKER_IMAGE_NAME }} \ | |
| --set serviceAccount.annotations."eks\.amazonaws\.com/role-arn"=${{ secrets.SERVICEACCOUNT_IAM_ROLE }} |