diff --git a/README.md b/README.md index f94fac25b..7ebbb1922 100644 --- a/README.md +++ b/README.md @@ -23,6 +23,19 @@ wget -q -O - https://raw.githubusercontent.com/equinor/amplify-components/main/c This should have downloaded the `.eslintrc.cjs`, `.prettierignore`, `.prettierrc.jr`, `tsconfig.json`, `env.sh`, `Dockerfile`, `proxy/nginx.conf`, `proxy/securityheaders.conf` and github actions workflow files +# Using github action workflows related to deploying from github from amplify-components + +1. Navigate to your projects root folder, `~/Projects/recap` for instance + +2. Copy and run the following command +```bash +wget -q -O - https://raw.githubusercontent.com/equinor/amplify-components/main/config/install-deployment-files.sh | bash +``` + +This should have downloaded the `build_deploy_radix.yaml`, `promote.yaml`, `notify.yaml`, `push.yaml` + +NOTE: These files should eventually be served from the same install script we use for getting other config files. We serve it from a different script so that applications which are not ready for the change in deployment process don't have to rush. + ## Notes This script assumes the following structure in the project diff --git a/config/config_files/workflows/build_deploy_radix.yaml b/config/config_files/workflows/build_deploy_radix.yaml new file mode 100644 index 000000000..99839c151 --- /dev/null +++ b/config/config_files/workflows/build_deploy_radix.yaml @@ -0,0 +1,50 @@ +name: ๐Ÿ› ๏ธ Radix Build & Deploy +on: + workflow_call: + inputs: + environment-name: + description: "The GitHub environment to use this workflow in" + type: string + required: true + secrets: + webhook-url: + required: true +jobs: + build: + environment: + name: ${{ inputs.environment-name }} + name: ๐Ÿ› ๏ธ Build & Deploy + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Login Azure + uses: azure/login@v1 + with: + client-id: ${{ vars.CLIENT_ID }} + tenant-id: 3aa4a235-b6e2-48d5-9195-7fcf05b459b0 + allow-no-subscriptions: true + - name: Get token + run: | + token=$(az account get-access-token --resource 6dae42f8-4368-4678-94ff-3960e28e3630 --query=accessToken -otsv) + echo "::add-mask::$token" + echo "APP_SERVICE_ACCOUNT_TOKEN=$token" >> $GITHUB_ENV + - name: Create build-deploy pipeline + uses: equinor/radix-github-actions@v1 + with: + args: > + create pipeline-job + build-deploy + --application ${{ vars.RADIX_APPLICATION_NAME }} + --branch ${{ github.event.repository.default_branch }} + --follow + --token-environment + notify: + name: Notify on slack + needs: [build] + uses: ./.github/workflows/notify.yaml + with: + environment-name: ${{ inputs.environment-name }} + secrets: + webhook-url: ${{ secrets.webhook-url }} diff --git a/config/config_files/workflows/notify.yaml b/config/config_files/workflows/notify.yaml new file mode 100644 index 000000000..6d3124690 --- /dev/null +++ b/config/config_files/workflows/notify.yaml @@ -0,0 +1,35 @@ +name: ๐Ÿ’ฌ Notify +on: + workflow_call: + inputs: + environment-name: + type: string + required: true + secrets: + webhook-url: + required: true +jobs: + slack_notification: + name: ๐Ÿ’ฌ Slack notification + runs-on: ubuntu-latest + steps: + - name: Notify + id: slack + uses: slackapi/slack-github-action@v1.25.0 + with: + payload: | + { + "text": "๐Ÿš€ New version deployed", + "blocks": [ + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "๐Ÿš€ ${{ vars.RADIX_APPLICATION_NAME }} - Deployed new version to ${{ inputs.environment-name }}" + } + } + ] + } + env: + SLACK_WEBHOOK_URL: ${{ secrets.webhook-url }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK diff --git a/config/config_files/workflows/promote.yaml b/config/config_files/workflows/promote.yaml new file mode 100644 index 000000000..31d7e07e1 --- /dev/null +++ b/config/config_files/workflows/promote.yaml @@ -0,0 +1,60 @@ +name: ๐Ÿ“ฃ Promote +on: + workflow_call: + inputs: + environment-name: + description: "The GitHub environment to use this workflow in" + type: string + required: true + from-environment: + description: "The Radix environment to promote from" + type: string + required: true + to-environment: + description: "The Radix environment to promote to" + type: string + required: true + secrets: + webhook-url: + required: true +jobs: + promote: + environment: + name: ${{ inputs.environment-name }} + name: ๐Ÿ“ฃ Promote + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: Login Azure + uses: azure/login@v1 + with: + client-id: ${{ vars.CLIENT_ID }} + tenant-id: 3aa4a235-b6e2-48d5-9195-7fcf05b459b0 + allow-no-subscriptions: true + - name: Get token + run: | + token=$(az account get-access-token --resource 6dae42f8-4368-4678-94ff-3960e28e3630 --query=accessToken -otsv) + echo "::add-mask::$token" + echo "APP_SERVICE_ACCOUNT_TOKEN=$token" >> $GITHUB_ENV + - name: Create build-deploy pipeline + uses: equinor/radix-github-actions@v1 + with: + args: > + create pipeline-job + promote + --application ${{ vars.RADIX_APPLICATION_NAME }} + --follow + --from-environment ${{ inputs.from-environment }} + --to-environment ${{ inputs.to-environment }} + --token-environment + --use-active-deployment + notify: + name: Notify on slack + needs: [promote] + uses: ./.github/workflows/notify.yaml + with: + environment-name: ${{ inputs.environment-name }} + secrets: + webhook-url: ${{ secrets.webhook-url }} diff --git a/config/config_files/workflows/push.yaml b/config/config_files/workflows/push.yaml new file mode 100644 index 000000000..5efe91222 --- /dev/null +++ b/config/config_files/workflows/push.yaml @@ -0,0 +1,40 @@ +name: Push +on: + push: + branch: [main] + workflow_dispatch: +jobs: + lint: + name: ๐Ÿš‘ Lint + uses: ./.github/workflows/lint.yaml + test: + name: ๐Ÿงช Test + uses: ./.github/workflows/test.yaml + build_deploy_dev: + name: ๐Ÿ› ๏ธ Build and ๐Ÿš€ Deploy development to radix + needs: [test, lint] + uses: ./.github/workflows/build_deploy_radix.yaml + with: + environment-name: development + secrets: + webhook-url: ${{ secrets.SLACK_WEBHOOK_URL }} + deploy_staging: + name: ๐Ÿš€ Promote to staging + needs: [build_deploy_dev] + uses: ./.github/workflows/promote.yaml + with: + environment-name: staging + from-environment: development + to-environment: staging + secrets: + webhook-url: ${{ secrets.SLACK_WEBHOOK_URL }} + deploy_production: + name: ๐Ÿš€ Promote to production + needs: [deploy_staging] + uses: ./.github/workflows/promote.yaml + with: + environment-name: production + from-environment: staging + to-environment: production + secrets: + webhook-url: ${{ secrets.SLACK_WEBHOOK_URL }} diff --git a/config/github_actions_deployment_list.txt b/config/github_actions_deployment_list.txt new file mode 100644 index 000000000..ddc95d0c5 --- /dev/null +++ b/config/github_actions_deployment_list.txt @@ -0,0 +1,4 @@ +https://raw.githubusercontent.com/equinor/amplify-components/main/config/config_files/workflows/build_deploy_radix.yaml +https://raw.githubusercontent.com/equinor/amplify-components/main/config/config_files/workflows/promote.yaml +https://raw.githubusercontent.com/equinor/amplify-components/main/config/config_files/workflows/notify.yaml +https://raw.githubusercontent.com/equinor/amplify-components/main/config/config_files/workflows/push.yaml diff --git a/config/install-deployment-files.sh b/config/install-deployment-files.sh new file mode 100644 index 000000000..a485db739 --- /dev/null +++ b/config/install-deployment-files.sh @@ -0,0 +1,23 @@ +#!/bin/bash + +printf -- "Running frontend configuration script\n" +printf -- "-------------------------------------\n\n" + +currentDir=$(basename "$PWD") + +if [ $currentDir != "client" ] +then + printf -- "Not in ./client folder, moving to it...\n" + cd ./client || exit 1 +fi + +cd ../.. + +printf -- "Downloading client github actions specific to deployment from github to radix...\n" +workflowsList=$(curl -s "https://raw.githubusercontent.com/equinor/amplify-components/main/config/github_actions_deployment_list.txt") + +for line in $workflowsList +do + fileName=$(echo $line | rev | cut -d '/' -f 1 | rev) + curl -s $line > "./github/workflows/$fileName" +done