Create QA Environment

DFE-Digital · Jan 29, 2024 · 89b11dc · 89b11dc
1 parent 9397136
commit 89b11dc
Show file tree

Hide file tree

Showing 2 changed files with 64 additions and 1 deletion.
diff --git a/.github/workflows/build_and_deploy.yml b/.github/workflows/build_and_deploy.yml
@@ -9,6 +9,10 @@ on:
 
 concurrency: deploy-${{ github.ref }}
 
+env:
+ DOCKER_REPOSITORY: ghcr.io/dfe-digital/itt-mentor-services
+
+
 permissions:
   packages: write
   pull-requests: write
@@ -18,6 +22,8 @@ jobs:
     runs-on: ubuntu-latest
     outputs:
       docker-image-tag: ${{ steps.build-image.outputs.tag }}
+      commit_sha: ${{ env.COMMIT_SHA }}
+      LINK_TO_RUN: ${{ env.LINK_TO_RUN }}
 
     steps:
     - name: Checkout
@@ -30,6 +36,34 @@ jobs:
         github-token: ${{ secrets.GITHUB_TOKEN }}
         context: .
 
+    - name: Set KV environment variables
+      shell: bash
+      id: set_kv_env_vars
+      run: |
+        tf_vars_file=terraform/application/config/${{ inputs.environment }}.tfvars.json
+        cat $tf_vars_file
+        INF_VAULT_NAME=$(jq -r '.inf_vault_name' ${tf_vars_file})
+
+        echo "INF_VAULT_NAME=$INF_VAULT_NAME" >> $GITHUB_ENV
+
+    - name: Fetch secrets from key vault
+      uses: azure/CLI@v1
+      id: keyvault-yaml-secret
+      with:
+        inlineScript: |
+          SLACK_WEBHOOK=$(az keyvault secret show --name "SLACK-WEBHOOK" --vault-name "${{ env.INF_VAULT_NAME }}" --query "value" -o tsv)
+          echo "::add-mask::$SLACK_WEBHOOK"
+          echo "SLACK_WEBHOOK=$SLACK_WEBHOOK" >> $GITHUB_OUTPUT
+
+    - name: Notify twd_itt_mentor_services_devs channel on build workflow failure
+      if: failure()
+      uses: rtCamp/action-slack-notify@master
+      env:
+          SLACK_COLOR: ${{env.SLACK_ERROR}}
+          SLACK_MESSAGE: 'There has been a failure building the application'
+          SLACK_TITLE: 'Failure Building Application'
+          SLACK_WEBHOOK: ${{ steps.keyvault-yaml-secret.outputs.SLACK_WEBHOOK }}
+
   deploy_review :
         name: Deploy to review environment
         runs-on: ubuntu-latest
@@ -100,9 +134,37 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v4
 
+      - name: Set KV environment variables
+        shell: bash
+        id: set_kv_env_vars
+        run: |
+          tf_vars_file=terraform/application/config/${{ inputs.environment }}.tfvars.json
+          cat $tf_vars_file
+          INF_VAULT_NAME=$(jq -r '.inf_vault_name' ${tf_vars_file})
+
+          echo "INF_VAULT_NAME=$INF_VAULT_NAME" >> $GITHUB_ENV
+
+      - name: Fetch secrets from key vault
+        uses: azure/CLI@v1
+        id: keyvault-yaml-secret
+        with:
+          inlineScript: |
+            SLACK_WEBHOOK=$(az keyvault secret show --name "SLACK-WEBHOOK" --vault-name "${{ env.INF_VAULT_NAME }}" --query "value" -o tsv)
+            echo "::add-mask::$SLACK_WEBHOOK"
+            echo "SLACK_WEBHOOK=$SLACK_WEBHOOK" >> $GITHUB_OUTPUT
+
       - uses: ./.github/actions/deploy-environment
         id: deploy
         with:
           environment: ${{ matrix.environment }}
           docker-image: ${{ needs.build.outputs.docker-image-tag }}
           azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
+
+      - name: Slack Notification
+        if: failure()
+        uses: rtCamp/action-slack-notify@master
+        env:
+          SLACK_COLOR: ${{ env.SLACK_FAILURE }}
+          SLACK_TITLE: ${{ matrix.environment }} Release ${{ github.event.title }}
+          SLACK_MESSAGE: Failure deploying ${{ matrix.environment }} release
+          SLACK_WEBHOOK: ${{ steps.keyvault-yaml-secret.outputs.SLACK_WEBHOOK }}
diff --git a/terraform/application/config/qa.tfvars.json b/terraform/application/config/qa.tfvars.json
@@ -1,5 +1,6 @@
 {
     "cluster": "test",
     "namespace": "bat-qa",
-    "enable_postgres_ssl": true
+    "enable_postgres_ssl": true, 
+    "inf_vault_name": "s189t01-faltrn-dv-inf-kv"
   }