fix: loading re-usable action load_commit_ref #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Library - Build and Deploy to Review | |
| on: | |
| workflow_call: | |
| inputs: | |
| commit: | |
| description: "Leave blank to use current HEAD, or provide an override commit SHA" | |
| type: string | |
| required: false | |
| environment: | |
| description: "Environment to deploy to" | |
| type: string | |
| required: true | |
| jobs: | |
| ref: | |
| name: Load Commit Ref | |
| runs-on: ubuntu-latest | |
| steps: | |
| - id: ref | |
| uses: passportxyz/gh-workflows/.github/actions/load_commit_ref | |
| with: | |
| commit: ${{ inputs.commit }} | |
| outputs: | |
| version_tag: ${{ steps.ref.outputs.version_tag }} | |
| docker_tag: ${{ steps.ref.outputs.docker_tag }} | |
| refspec: ${{ steps.ref.outputs.refspec }} | |
| docker: | |
| name: Docker | |
| needs: [ref] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ needs.ref.outputs.refspec }} | |
| fetch-depth: 0 | |
| - name: Load secret | |
| id: op-load-secret | |
| uses: 1password/load-secrets-action@v1 | |
| with: | |
| export-env: true | |
| env: | |
| OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} | |
| AWS_ACCESS_KEY_ID: op://DevOps/passport-scroll-badge-service-${{ inputs.environment }}-secrets/service/AWS_ACCESS_KEY_ID | |
| AWS_SECRET_ACCESS_KEY: op://DevOps/passport-scroll-badge-service-${{ inputs.environment }}-secrets/service/AWS_SECRET_ACCESS_KEY | |
| - name: Docker Build | |
| uses: ./.github/actions/docker_build | |
| with: | |
| docker_tag: ${{ needs.ref.outputs.docker_tag }} | |
| ecr_repository_name: scroll-badge-service | |
| dockerfile_name: Dockerfile | |
| build_dir: ./ | |
| - name: Docker Push to Review | |
| uses: ./.github/actions/docker_deploy | |
| with: | |
| docker_tag: ${{ needs.ref.outputs.docker_tag }} | |
| ecr_repository_name: scroll-badge-service | |
| aws_region: us-west-2 | |
| aws_access_key_id: ${{ env.AWS_ACCESS_KEY_ID }} | |
| aws_secret_access_key: ${{ env.AWS_SECRET_ACCESS_KEY }} | |
| deploy_preview: | |
| name: Preview - Deploying AWS Infra | |
| needs: [ref, docker] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ needs.ref.outputs.refspec }} | |
| fetch-depth: 0 | |
| - name: Load secret | |
| id: op-load-secret | |
| uses: 1password/load-secrets-action@v1 | |
| with: | |
| export-env: true | |
| env: | |
| OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} | |
| AWS_ACCESS_KEY_ID: op://DevOps/passport-scroll-badge-service-${{ inputs.environment }}-secrets/service/AWS_ACCESS_KEY_ID | |
| AWS_SECRET_ACCESS_KEY: op://DevOps/passport-scroll-badge-service-${{ inputs.environment }}-secrets/service/AWS_SECRET_ACCESS_KEY | |
| PULUMI_ACCESS_TOKEN: op://DevOps/passport-scroll-badge-service-${{ inputs.environment }}-secrets/service/PULUMI_ACCESS_TOKEN | |
| ROUTE_53_DOMAIN: op://DevOps/passport-scroll-badge-service-${{ inputs.environment }}-env/service/ROUTE_53_DOMAIN | |
| SCROLL_SECRETS_ARN: op://DevOps/passport-scroll-badge-service-${{ inputs.environment }}-env/service/SCROLL_SECRETS_ARN | |
| VC_SECRETS_ARN: op://DevOps/passport-scroll-badge-service-${{ inputs.environment }}-env/service/VC_SECRETS_ARN | |
| - name: Prepare to Deploy to AWS | |
| uses: ./.github/actions/prepare_deploy_to_aws | |
| - name: Deploy Review | |
| uses: ./.github/actions/deploy_to_aws | |
| with: | |
| docker_tag: ${{ needs.ref.outputs.docker_tag }} | |
| stack_name: gitcoin/scroll-badge-service/${{ inputs.environment }} | |
| aws_region: us-west-2 | |
| pulumi_command: preview | |
| AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }} | |
| PULUMI_ACCESS_TOKEN: ${{ env.PULUMI_ACCESS_TOKEN }} | |
| ROUTE_53_DOMAIN: ${{ env.ROUTE_53_DOMAIN }} | |
| SCROLL_SECRETS_ARN: ${{ env.SCROLL_SECRETS_ARN }} | |
| VC_SECRETS_ARN: ${{ env.VC_SECRETS_ARN }} | |
| deploy_confirm: | |
| name: Review Approval Pending | |
| needs: [ref, deploy_preview] | |
| runs-on: ubuntu-latest | |
| environment: ${{ inputs.environment }} | |
| steps: | |
| - name: Approve Release to Review (check pulumi preview) | |
| run: | | |
| echo "Ref" ${{ needs.ref.outputs.refspec }} | |
| deploy_backends: | |
| name: Deploying AWS Infra | |
| needs: [ref, docker, deploy_preview, deploy_confirm] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ needs.ref.outputs.refspec }} | |
| fetch-depth: 0 | |
| - name: Load secret | |
| id: op-load-secret | |
| uses: 1password/load-secrets-action@v1 | |
| with: | |
| export-env: true | |
| env: | |
| OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} | |
| AWS_ACCESS_KEY_ID: op://DevOps/passport-scroll-badge-service-${{ inputs.environment }}-secrets/service/AWS_ACCESS_KEY_ID | |
| AWS_SECRET_ACCESS_KEY: op://DevOps/passport-scroll-badge-service-${{ inputs.environment }}-secrets/service/AWS_SECRET_ACCESS_KEY | |
| PULUMI_ACCESS_TOKEN: op://DevOps/passport-scroll-badge-service-${{ inputs.environment }}-secrets/service/PULUMI_ACCESS_TOKEN | |
| ROUTE_53_DOMAIN: op://DevOps/passport-scroll-badge-service-${{ inputs.environment }}-env/service/ROUTE_53_DOMAIN | |
| SCROLL_SECRETS_ARN: op://DevOps/passport-scroll-badge-service-${{ inputs.environment }}-env/service/SCROLL_SECRETS_ARN | |
| VC_SECRETS_ARN: op://DevOps/passport-scroll-badge-service-${{ inputs.environment }}-env/service/VC_SECRETS_ARN | |
| - name: Prepare to Deploy to AWS | |
| uses: ./.github/actions/prepare_deploy_to_aws | |
| - name: Deploy Review | |
| uses: ./.github/actions/deploy_to_aws | |
| with: | |
| docker_tag: ${{ needs.ref.outputs.docker_tag }} | |
| stack_name: gitcoin/scroll-badge-service/${{ inputs.environment }} | |
| aws_region: us-west-2 | |
| AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }} | |
| PULUMI_ACCESS_TOKEN: ${{ env.PULUMI_ACCESS_TOKEN }} | |
| ROUTE_53_DOMAIN: ${{ env.ROUTE_53_DOMAIN }} | |
| SCROLL_SECRETS_ARN: ${{ env.SCROLL_SECRETS_ARN }} | |
| VC_SECRETS_ARN: ${{ env.VC_SECRETS_ARN }} |