Deploy #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| environment: | |
| type: environment | |
| image-hash: | |
| type: string | |
| required: false | |
| default: '' | |
| description: SHA256 of the image to deploy | |
| image-tag: | |
| type: string | |
| required: false | |
| default: 'latest' | |
| description: Tag of the image to deploy | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| packages: write | |
| contents: write | |
| steps: | |
| # | |
| # Build image name | |
| # | |
| - name: Build image name | |
| shell: bash | |
| env: | |
| IMAGE_HASH: ${{ inputs.image-hash }} | |
| IMAGE_TAG: ${{ inputs.image-tag }} | |
| run: | | |
| if [ -n "$IMAGE_HASH" ]; then | |
| echo "IMAGE=ghcr.io/pagopa/mil-auth:$IMAGE_TAG@sha256:$IMAGE_HASH" >> $GITHUB_ENV | |
| else | |
| echo "IMAGE=ghcr.io/pagopa/mil-auth:IMAGE_TAG" >> $GITHUB_ENV | |
| fi | |
| echo "$IMAGE_TAG will be deployed." | |
| - name: Define environment | |
| shell: bash | |
| env: | |
| ENVIRONMENT: ${{ inputs.environment }} | |
| run: | | |
| if [ "$ENVIRONMENT" -eq "prod-cd" ]; then | |
| echo "ENV_FOLDER=prod" >> $GITHUB_ENV | |
| elif [ "$ENVIRONMENT" -eq "uat-cd" ]; then | |
| echo "ENV_FOLDER=uat" >> $GITHUB_ENV | |
| else | |
| echo "ENV_FOLDER=dev" >> $GITHUB_ENV | |
| fi | |
| echo "$ENV_FOLDER folder will be used." | |
| # | |
| # Setup Terraform | |
| # | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2 | |
| with: | |
| terraform_version: 1.9.7 | |
| # | |
| # Checkout the source code | |
| # | |
| - name: Checkout the source code | |
| uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab | |
| with: | |
| token: ${{ secrets.GIT_PAT }} | |
| fetch-depth: 0 | |
| # | |
| # Terraform init | |
| # | |
| - name: Terraform init | |
| shell: bash | |
| run: | | |
| terraform init -backend-config="src/main/terraform/env/$ENV_FOLDER/backend.tfvars" -reconfigure | |
| # | |
| # Terraform apply | |
| # | |
| - name: Terraform apply | |
| shell: bash | |
| run: | | |
| terraform apply -var-file="src/main/terraform/env/$ENV_FOLDER/backend.tfvars" -var="mil_auth_image=$IMAGE" -auto-approve -lock-timeout=300s |