v3/.github/workflows/deploy.yml
dependabot[bot] f3d44c0f46
chore(deps): bump hashicorp/setup-terraform from 1.3.2 to 2.0.3
Bumps [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform) from 1.3.2 to 2.0.3.
- [Release notes](https://github.com/hashicorp/setup-terraform/releases)
- [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/setup-terraform/compare/v1.3.2...v2.0.3)

---
updated-dependencies:
- dependency-name: hashicorp/setup-terraform
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-02 11:31:25 +00:00


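# Manually triggered deployment: pulls the worker bundle from GCS, writes the
# Terraform variable files, runs `terraform plan` / `terraform apply`, and
# posts the outcome to a Discord webhook.
#
# Security notes:
#   - workflow_dispatch inputs are caller-supplied text. They reach shell steps
#     through `env:` and are expanded as quoted shell variables, never spliced
#     into the script with `${{ }}`, so a crafted value cannot alter the
#     commands that run alongside the deployment credentials.
#   - NOTE(review): `actions/checkout@master`,
#     `google-github-actions/get-secretmanager-secrets@main` and the tag refs
#     below are mutable. Pin each action to a reviewed full commit SHA, e.g.
#     `uses: owner/action@<FULL_COMMIT_SHA>  # vX.Y.Z`.
name: Deploy
on:
  workflow_dispatch:
    inputs:
      environment:
        description: 'One of: stage, prod'
        required: true
        default: stage
        # Restricted to the documented values: this input selects the Secret
        # Manager secret, the Terraform backend prefix and the var-file.
        type: choice
        options:
          - stage
          - prod
      bot_tag:
        description: 'tag/digest reference to a UI container build'
        required: false
        default: ':main'
      worker_tag:
        description: 'bucket key to fetch worker from'
        required: false
        default: ''  # Empty will try using current main branch hash

# No step below passes GITHUB_TOKEN anywhere; cloud access comes from the
# GCS_* secrets, so the token only needs to read the repository for checkout.
permissions:
  contents: read

jobs:
  deploy_terraform:
    name: Deploy Terraform
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): mutable branch ref; pin to a full commit SHA.
      - uses: actions/checkout@master
      - uses: hashicorp/setup-terraform@v2.0.3
        with:
          terraform_version: '^1.1.4'
      - name: Set up Cloud SDK
        # NOTE(review): authenticates with a long-lived service-account key
        # stored as a repository secret; consider short-lived credentials via
        # Workload Identity Federation (google-github-actions/auth).
        uses: google-github-actions/setup-gcloud@v0
        with:
          project_id: ${{ secrets.GCS_PROJECT_ID }}
          service_account_key: ${{ secrets.GCS_TF_KEY }}
          export_default_credentials: true
      - name: Get Google Secrets (they keep them in a box under a tree)
        id: secrets
        # NOTE(review): `@main` is a mutable ref on the step that reads
        # deployment secrets; pin to a full commit SHA.
        uses: google-github-actions/get-secretmanager-secrets@main
        with:
          secrets: |-
            secretJSON:${{ secrets.GCS_PROJECT_ID }}/${{ github.event.inputs.environment }}-tfvars
      - name: Pull necessary artifacts
        working-directory: ./terraform
        env:
          CURRENT_SHA: ${{ github.sha }}
          WORKER_TAG: ${{ github.event.inputs.worker_tag }}
        run: |
          # An empty worker_tag falls back to the commit being deployed.
          selected="${WORKER_TAG:-$CURRENT_SHA}"
          mkdir worker-dist
          gsutil cp -r "gs://roleypoly-artifacts/workers/$selected/*" worker-dist/
      - name: Terraform init
        working-directory: ./terraform
        env:
          DEPLOY_ENV: ${{ github.event.inputs.environment }}
        run: |
          terraform init --backend-config "prefix=${DEPLOY_ENV}"
      - name: Write *.auto.tfvars.json files
        working-directory: ./terraform
        env:
          BOT_TAG: ${{ github.event.inputs.bot_tag }}
          WORKER_TAG: ${{ github.event.inputs.worker_tag }}
          SECRET_TFVARS: ${{ steps.secrets.outputs.secretJSON }}
        run: |
          # jq performs the JSON string escaping, so a quote character in a
          # tag can break neither the document nor the shell command.
          jq -n \
            --arg bot_tag "$BOT_TAG" \
            --arg worker_tag "$WORKER_TAG" \
            '{bot_tag: $bot_tag, worker_tag: $worker_tag, path_to_worker: "./worker-dist/index.mjs"}' \
            | tee tags.auto.tfvars.json
          # Quoted so the shell does not word-split or glob the secret JSON.
          printf '%s\n' "$SECRET_TFVARS" > secrets.auto.tfvars.json
      - name: Terraform plan
        working-directory: ./terraform
        env:
          DEPLOY_ENV: ${{ github.event.inputs.environment }}
        run: |
          terraform plan \
            -var-file variables/global.tfvars \
            -var-file "variables/${DEPLOY_ENV}.tfvars" \
            -out=./deployment.tfplan
      - name: Terraform apply
        working-directory: ./terraform
        run: |
          terraform apply \
            -auto-approve \
            deployment.tfplan
      - name: Yell Success at Discord
        if: success()
        env:
          # Passed through the environment and quoted at the call site rather
          # than pasted into the script text.
          DEPLOYMENT_WEBHOOK_URL: ${{ secrets.DEPLOYMENT_WEBHOOK_URL }}
        run: |
          DATA='{
            "embeds": [
              {
                "title": "Roleypoly Deployment Success",
                "description": "Roleypoly was successfully deployed at '$(date)'",
                "color": 4634182,
                "author": {
                  "name": "Deployment Notification",
                  "url": "https://github.com/roleypoly/roleypoly/actions/runs/${{ github.run_id }}"
                },
                "footer": {
                  "text": "GitHub Actions"
                }
              }
            ]
          }'
          curl -X POST -H "content-type: application/json" --data "$DATA" "$DEPLOYMENT_WEBHOOK_URL"
      - name: Yell Failure at Discord
        if: failure()
        env:
          # Passed through the environment and quoted at the call site rather
          # than pasted into the script text.
          DEPLOYMENT_WEBHOOK_URL: ${{ secrets.DEPLOYMENT_WEBHOOK_URL }}
        run: |
          DATA='{
            "embeds": [
              {
                "title": "Roleypoly Deployment Failed",
                "description": "Roleypoly failed to be deployed at '$(date)'",
                "color": 15291219,
                "author": {
                  "name": "Deployment Notification",
                  "url": "https://github.com/roleypoly/roleypoly/actions/runs/${{ github.run_id }}"
                },
                "footer": {
                  "text": "GitHub Actions"
                }
              }
            ]
          }'
          curl -X POST -H "content-type: application/json" --data "$DATA" "$DEPLOYMENT_WEBHOOK_URL"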