
Deploy to Review

Deploy to Review #13

Workflow file for this run

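# Manually triggered pipeline for the scroll-badge-service "review" stack:
#   ref            -> resolve the commit to deploy and derive a short SHA
#   deploy_preview -> run the deploy action with pulumi_command: preview
#   deploy_confirm -> wait on the `review` environment
#   deploy_backends-> run the deploy action without the preview override
#
# NOTE(review): no `permissions:` block is declared, so GITHUB_TOKEN gets the
# repository's default scopes. Consider a top-level `permissions:` with
# `contents: read` once the local actions under ./.github/actions are
# confirmed to need nothing more.
# NOTE(review): third-party actions are referenced by mutable tag (@v3, @v1).
# Pinning each `uses:` to a full commit SHA keeps a re-pointed tag from
# running in the jobs that hold the AWS and Pulumi credentials.
name: Deploy to Review
on:
  workflow_dispatch:
    inputs:
      commit:
        description: "Leave blank to use current HEAD, or provide an override commit SHA"
        type: string
        required: false
    # NOTE(review): `secrets:` is a `workflow_call` key; confirm it is
    # accepted/needed under `workflow_dispatch`. The jobs below read
    # PULUMI_ACCESS_TOKEN from 1Password, not from this declaration.
    secrets:
      PULUMI_ACCESS_TOKEN:
        required: true
jobs:
  ref:
    name: Load Commit Ref
    runs-on: ubuntu-latest
    steps:
      - id: ref
        shell: bash
        # Default to HEAD of the branch from
        # which this workflow was triggered.
        # The operator-supplied input is handed to the shell through an
        # environment variable instead of being expanded into the script
        # text, so its content is never parsed as shell syntax.
        # NOTE(review): the value is not checked to be a commit SHA; a
        # hex-pattern check here would also cover the checkout and
        # rev-parse steps that consume it.
        env:
          REFSPEC: ${{ inputs.commit || github.sha }}
        run: |
          echo "refspec=${REFSPEC}" >> "$GITHUB_OUTPUT"
      - name: Version
        # https://github.com/marketplace/actions/git-semantic-version
        # NOTE(review): the action reference below was mangled by e-mail
        # obfuscation on this page ("[email protected]"); restore the
        # original owner/action@version from the repository.
        # NOTE(review): this step runs before Checkout, so the workspace
        # presumably holds no git history yet - confirm the ordering.
        id: version
        uses: paulhatch/[email protected]
        with:
          tag_prefix: "v"
          major_pattern: "(MAJOR)"
          minor_pattern: "(MINOR)"
      - name: Checkout
        uses: actions/checkout@v3
        with:
          ref: ${{ steps.ref.outputs.refspec }}
          # Full history, not a shallow clone.
          fetch-depth: 0
      - name: Store Commit SHA
        id: sha
        shell: bash
        # Same pattern as the first step: pass the ref via env and quote it.
        env:
          REFSPEC: ${{ steps.ref.outputs.refspec }}
        run: |
          echo "sha_short=$(git rev-parse --short "${REFSPEC}")" >> "$GITHUB_OUTPUT"
    outputs:
      version_tag: ${{ steps.version.outputs.version_tag }}
      # The short commit SHA doubles as the docker tag for later jobs.
      docker_tag: ${{ steps.sha.outputs.sha_short }}
      refspec: ${{ steps.ref.outputs.refspec }}
  deploy_preview:
    name: Preview - Deploying AWS Infra
    needs: [ref]
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): the local actions used below are loaded from the
      # checked-out ref, so an override commit also selects the action code
      # that runs with the credentials. Consider restricting deployable refs
      # to commits on a protected branch.
      - name: Checkout
        uses: actions/checkout@v3
        with:
          ref: ${{ needs.ref.outputs.refspec }}
          fetch-depth: 0
      - name: Load secret
        id: op-load-secret
        uses: 1password/load-secrets-action@v1
        with:
          # Exports every resolved op:// value as an environment variable for
          # the remaining steps of this job, including the local actions.
          # NOTE(review): this job declares no `environment:`, so these
          # credentials are loaded before the approval in deploy_confirm.
          # NOTE(review): these are stored AWS access keys; OIDC role
          # assumption would avoid long-lived keys - confirm feasibility.
          export-env: true
        env:
          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
          AWS_ACCESS_KEY_ID: op://DevOps/passport-scroll-badge-service-review-secrets/service/AWS_ACCESS_KEY_ID
          AWS_SECRET_ACCESS_KEY: op://DevOps/passport-scroll-badge-service-review-secrets/service/AWS_SECRET_ACCESS_KEY
          PULUMI_ACCESS_TOKEN: op://DevOps/passport-scroll-badge-service-review-secrets/service/PULUMI_ACCESS_TOKEN
          ROUTE_53_DOMAIN: op://DevOps/passport-scroll-badge-service-review-env/service/ROUTE_53_DOMAIN
          SCROLL_SECRETS_ARN: op://DevOps/passport-scroll-badge-service-review-env/service/SCROLL_SECRETS_ARN
          VC_SECRETS_ARN: op://DevOps/passport-scroll-badge-service-review-env/service/VC_SECRETS_ARN
      - name: Prepare to Deploy to AWS
        uses: ./.github/actions/prepare_deploy_to_aws
      - name: Preview Deploy
        uses: ./.github/actions/deploy_to_aws
        with:
          docker_tag: ${{ needs.ref.outputs.docker_tag }}
          stack_name: gitcoin/scroll-badge-service/review
          aws_region: us-west-2
          pulumi_command: preview
          pulumi_diff: true
          AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }}
          PULUMI_ACCESS_TOKEN: ${{ env.PULUMI_ACCESS_TOKEN }}
          ROUTE_53_DOMAIN: ${{ env.ROUTE_53_DOMAIN }}
          SCROLL_SECRETS_ARN: ${{ env.SCROLL_SECRETS_ARN }}
          VC_SECRETS_ARN: ${{ env.VC_SECRETS_ARN }}
  deploy_confirm:
    name: Review Approval Pending
    needs: [ref, deploy_preview]
    runs-on: ubuntu-latest
    # The gate is whatever protection rules the `review` environment carries
    # in the repository settings (not visible here - confirm that required
    # reviewers are configured).
    environment: review
    steps:
      - name: Approve Release to Review (check pulumi preview)
        # Ref passed via env and quoted, as in the `ref` job.
        env:
          REFSPEC: ${{ needs.ref.outputs.refspec }}
        run: |
          echo "Ref" "${REFSPEC}"
  deploy_backends:
    name: Deploying AWS Infra
    # NOTE(review): this job is gated only through `needs`; it does not
    # declare `environment: review` itself, so environment-scoped secrets and
    # protection rules do not apply to it directly.
    needs: [ref, deploy_preview, deploy_confirm]
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3
        with:
          ref: ${{ needs.ref.outputs.refspec }}
          fetch-depth: 0
      - name: Load secret
        id: op-load-secret
        uses: 1password/load-secrets-action@v1
        with:
          # Exports every resolved op:// value as an environment variable for
          # the remaining steps of this job, including the local actions.
          export-env: true
        env:
          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
          AWS_ACCESS_KEY_ID: op://DevOps/passport-scroll-badge-service-review-secrets/service/AWS_ACCESS_KEY_ID
          AWS_SECRET_ACCESS_KEY: op://DevOps/passport-scroll-badge-service-review-secrets/service/AWS_SECRET_ACCESS_KEY
          PULUMI_ACCESS_TOKEN: op://DevOps/passport-scroll-badge-service-review-secrets/service/PULUMI_ACCESS_TOKEN
          ROUTE_53_DOMAIN: op://DevOps/passport-scroll-badge-service-review-env/service/ROUTE_53_DOMAIN
          SCROLL_SECRETS_ARN: op://DevOps/passport-scroll-badge-service-review-env/service/SCROLL_SECRETS_ARN
          VC_SECRETS_ARN: op://DevOps/passport-scroll-badge-service-review-env/service/VC_SECRETS_ARN
      - name: Prepare to Deploy to AWS
        uses: ./.github/actions/prepare_deploy_to_aws
      - name: Deploy Review
        uses: ./.github/actions/deploy_to_aws
        with:
          docker_tag: ${{ needs.ref.outputs.docker_tag }}
          stack_name: gitcoin/scroll-badge-service/review
          aws_region: us-west-2
          AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }}
          PULUMI_ACCESS_TOKEN: ${{ env.PULUMI_ACCESS_TOKEN }}
          ROUTE_53_DOMAIN: ${{ env.ROUTE_53_DOMAIN }}
          SCROLL_SECRETS_ARN: ${{ env.SCROLL_SECRETS_ARN }}
          VC_SECRETS_ARN: ${{ env.VC_SECRETS_ARN }}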