diff --git a/deploy-to-aks/README.md b/deploy-to-aks/README.md index 657cb82..abba2ca 100644 --- a/deploy-to-aks/README.md +++ b/deploy-to-aks/README.md @@ -6,17 +6,20 @@ Optionally after deployment - if enabled, it will run 'make review seed-review-app' so this must exist in the Makefile - run a smoktest after deployment +If using Google Cloud then GCP_PROJECT_ID abd GCP_WIP variables must be set in the service Makefile. + ## Inputs - `azure-credentials`: A JSON string containing service principle credentials (Required) +- `gcp-wip`: The full identifier of the GCP Workload Identity Provider (Optional) - `environment`: Name of the environment to deploy (Required) - `github-token`: Default Github token retrieved via secrets. GITHUB_TOKEN or PAT with permission to the repository (Required) - `pr-number`: Pull Request Number if deploying a review app (Optional) -- `seed-review-app`: Run seed command after review deployment (default: false) +- `db-seed`: Run seed command after review deployment (default: false) - `sha`: commit sha of the docker image to be deployed (Required) - `slack-webhook` : A slack webhook to send a slack message to the service tech channel on deploy failure (Optional) -- `smoketest-cmd` : Smoke test url path (Optional) -- `tf-url-output` : Name of the terraform url output, which must be json parsable (default: 'url') -- `tf-path` : Name of the base terraform path (default: 'terraform/application') +- `smoke-test` : Run an application smoke test after deployment (default: false) +- `healthcheck` : Health check path (Optional) +- `terraform-base` : Name of the base terraform path (default: 'terraform/application') ## Example @@ -33,7 +36,6 @@ Optionally after deployment github-token: ${{ secrets.GITHUB_TOKEN }} pr-number: ${{ github.event.pull_request.number }} sha: ${{ needs.build.outputs.docker-image-tag }} - tf-path: ${{ env.TF_PATH }} - smoketest-cmd: 'healthcheck/all' + healthcheck: 'healthcheck/all' seed-review-app: true ``` 
diff --git a/deploy-to-aks/action.yml b/deploy-to-aks/action.yml index 198135a..c0826a7 100644 --- a/deploy-to-aks/action.yml +++ b/deploy-to-aks/action.yml @@ -4,6 +4,8 @@ description: Deploy a docker image to an AKS environment inputs: azure-credentials: required: true + gcp-wip: + required: false environment: description: Environment to deploy to required: true @@ -13,36 +15,42 @@ inputs: pr-number: description: PR number for the review app required: false - seed-review-app: - description: run seed command after a review deployment - type: boolean - required: false - default: false sha: description: Commit sha to be deployed required: true slack-webhook: required: false - smoketest-cmd: - description: smoketest url suffix + db-seed: + description: run seed command after a review deployment + type: boolean + required: false + default: false + smoke-test: + description: Enable smoke test after deployment + type: boolean required: false - tf-url-output: - description: terraform output that contains the url + default: false + healthcheck: + description: Health check path required: false - default: 'url' - tf-path: + terraform-base: description: path to the terraform files required: false default: 'terraform/application' +outputs: + environment_url: + description: The first external URL for the deployed environment + value: ${{ steps.set_outputs.output.DEPLOY_URL }} + runs: using: composite steps: - name: Set Environment variables - id: set_tf_var + id: set_env_var shell: bash run: | - terraform_version=$(awk '/{/{f=/^terraform/;next}f' ${{ inputs.tf-path }}/terraform.tf | grep -o [0-9\.]*) + terraform_version=$(awk '/{/{f=/^terraform/;next}f' ${{ inputs.terraform-base }}/terraform.tf | grep -o [0-9\.]*) echo "TERRAFORM_VERSION=$terraform_version" >> $GITHUB_ENV - name: Use Terraform ${{ env.TERRAFORM_VERSION }} 
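Review bot: The new `environment_url` output reads `steps.set_outputs.output.DEPLOY_URL`, but the step that writes `DEPLOY_URL` further down is declared with `id: set_output`, and step results are exposed under `outputs`, not `output`. As written the expression should resolve to an empty value, so callers never see the URL. It should read `value: ${{ steps.set_output.outputs.DEPLOY_URL }}`. The new `gcp-wip` input in the preceding hunk also has no `description:`; something like `description: Full identifier of the GCP Workload Identity Provider` would match the README.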
@@ -52,23 +60,19 @@ runs: terraform_wrapper: false - uses: azure/login@v2 + if: ${{ ( inputs.db-seed == 'true' && inputs.environment == 'review' ) }} with: creds: ${{ inputs.azure-credentials }} + - uses: google-github-actions/auth@v2 + if: ${{ inputs.gcp-wip != '' }} + with: + workload_identity_provider: ${{ inputs.gcp-wip }} + - uses: DFE-Digital/github-actions/set-kubelogin-environment@master with: azure-credentials: ${{ inputs.azure-credentials }} - # - name: Start review-${{ github.event.pull_request.number }} Deployment - # uses: bobheadxi/deployments@v1 - # id: deployment - # if: inputs.pr-number != '' - # with: - # env: review-${{ inputs.pr-number }} - # ref: ${{ github.head_ref }} - # step: start - # token: ${{ inputs.github-token }} - - name: Terraform apply shell: bash run: make ${{ inputs.environment }} ci terraform-apply 
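Review bot: The added `google-github-actions/auth@v2` step obtains Google Cloud credentials for the job but is referenced by a movable tag. Pinning it to a full commit SHA, for example `uses: google-github-actions/auth@<full-commit-sha>  # v2`, keeps a retagged release from running with that access. Workload identity federation also needs the calling job to grant `permissions: id-token: write`, which deserves a comment above the step such as `# requires id-token: write in the calling workflow`. Separately, `azure/login@v2` now carries the same `db-seed`/`review` condition as the seeding steps. If `terraform-apply` relies on the Azure CLI session in other environments this would break them, so please confirm the narrowing is intended.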
@@ -77,39 +81,40 @@ runs: PR_NUMBER: ${{ inputs.pr-number }} - name: Install kubectl - if: inputs.seed-review-app == 'true' + if: ${{ ( inputs.db-seed == 'true' && inputs.environment == 'review' ) }} uses: DFE-Digital/github-actions/set-kubectl@master - name: Seed review app shell: bash - if: inputs.seed-review-app == 'true' - run: make ci ${{ inputs.environment }} seed-review-app + if: ${{ ( inputs.db-seed == 'true' && inputs.environment == 'review' ) }} + run: make ci ${{ inputs.environment }} db-seed env: PR_NUMBER: ${{ inputs.pr-number }} - - name: Run smoke tests - if: inputs.smoketest-cmd != '' + - name: set DEPLOY_URL output + shell: bash + id: set_output + run: | + first_url=$(terraform -chdir=${{ inputs.terraform-base }} output -json external_urls | jq -r '.[0]') + echo "DEPLOY_URL=$first_url" >> $GITHUB_OUTPUT + external_urls=$(terraform -chdir=terraform/application output -json external_urls) + + - name: Run healthcheck + if: ${{ inputs.healthcheck != '' }} shell: bash run: | - urls=$(terraform -chdir=${{ inputs.tf-path }} output -json ${{ inputs.tf-url-output }} | jq -r '.[]') - for url in $urls; do - echo "Check health for $url/${{ inputs.smoketest-cmd }}..." - curl -sS --fail "$url/${{ inputs.smoketest-cmd }}" > /dev/null && echo "Health check passed for $url" || echo "Health check failed for $url" + external_urls=$(terraform -chdir=${{ inputs.terraform-base }} output -json external_urls | jq -r '.[]') + for url in $external_urls; do + echo "Check health for $url/${{ inputs.healthcheck }}..." 
+ curl -sS --fail "$url/${{ inputs.healthcheck }}" > /dev/null && echo "Health check passed for $url" || echo "Health check failed for $url" done - echo "URLS<> $GITHUB_ENV - echo $urls >> $GITHUB_ENV - echo "EOF" >> $GITHUB_ENV - - # - name: Update review-${{ inputs.pr-number }} status - # if: always() && inputs.pr-number != '' - # uses: bobheadxi/deployments@v1 - # with: - # env: review-${{ inputs.pr-number }} - # ref: ${{ github.head_ref }} - # step: finish - # token: ${{ inputs.github-token }} - # status: ${{ job.status }} - # deployment_id: ${{ steps.deployment.outputs.deployment_id }} + if [ ${{ inputs.pr-number }} != '' ]; then + echo "URLS<> $GITHUB_ENV + for url in $external_urls; do + echo $url >> $GITHUB_ENV + done + echo "EOF" >> $GITHUB_ENV + fi - name: Post comment to Pull Request ${{ inputs.pr-number }} if: inputs.pr-number != '' @@ -119,12 +124,20 @@ runs: message: | ### Deployments - | URL | + | Review app is available at these URLs: | | ---------------------------------------------------------------------------------------- | | ${{ env.URLS }} | + - name: Run smoke test + shell: bash + if: ${{ inputs.smoke-test == 'true' }} + env: + PR_NUMBER: ${{ inputs.pr-number }} + run: | + make ci ${{ inputs.environment }} smoke-test + - name: Notify Slack channel on job failure - if: ${{ failure() && github.ref == 'refs/heads/main' }} + if: ${{ failure() && github.ref == 'refs/heads/main' && inputs.slack-webhook != '' }} uses: rtCamp/action-slack-notify@master env: SLACK_USERNAME: CI Deployment
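Review bot: The `if [ ${{ inputs.pr-number }} != '' ]` test in `Run healthcheck` expands the input straight into the script text, so an empty `pr-number` leaves `[ != '' ]`, which is a test error rather than a clean false, and any caller-supplied value is parsed as shell. Pass it through the environment instead: add `PR_NUMBER: ${{ inputs.pr-number }}` under the step's `env:` and test `if [ -n "$PR_NUMBER" ]; then`. The same direct expansion is used for `inputs.healthcheck` in the curl line, for `inputs.terraform-base` in the `Set Environment variables` and `set DEPLOY_URL output` steps, and for `inputs.environment` in `Run smoke test` in the following hunk. In `set DEPLOY_URL output`, the last line assigns `external_urls` from a hard-coded `terraform/application` path and the variable is not used again in that step, so it can be dropped.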