-
Notifications
You must be signed in to change notification settings - Fork 5
executable file
·74 lines (67 loc) · 2.53 KB
/
dev-arcgis-system-deploy-app-blue.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
name: sequence 2 - Manual Action for Blue Deployment
##########################
### Run Manually ###
##########################
on:
workflow_dispatch:
inputs:
subdomain:
required: true
default: "seed1"
deploypurpose:
required: false
default: "dev"
env:
# set with your preferred AWS region, e.g. us-west-1
AWS_REGION: ap-southeast-2
# set with GitHub Actions role name
AWS_ROLE_ARN: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/github-action-to-ec2
ROLLE_SESSION_NAME: GithubAction-Deploy-Blue
CODEBUILD_PROJECT_NAME: ${{ secrets.AWS_CODEBUILD_PROJECT }}
DEPLOY_SUBDOMAIN: ${{ github.event.inputs.subdomain }}
DEPLOY_PURPOSE: ${{ github.event.inputs.deploypurpose }}
defaults:
run:
working-directory: ./envs/dev/app/ansible/
jobs:
deploy-blue:
if: ${{ github.ref == 'refs/heads/main' }}
runs-on: ubuntu-20.04
# These permissions are needed to interact with GitHub's OIDC Token endpoint.
permissions:
id-token: write
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
steps:
- uses: actions/checkout@v2
id: checkout
# if manual-run, please comment out the following
# if: contains(toJSON(github.event.commits.*.message), '@builddev-aws')
with:
submodules: true # Fetch submodules
fetch-depth: 0 # Fetch all history for .GitInfo and .Lastmod
- name: Configure AWS credentials from IAM Role for Github Action
if: ${{ !env.ACT }}
id: configure_aws_credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-region: ${{ env.AWS_REGION }}
role-session-name: ${{ env.ROLLE_SESSION_NAME }}-${{ github.run_id }}
role-to-assume: ${{ env.AWS_ROLE_ARN }}
- name: Configure AWS credentials from IAM Role for Local
if: ${{ env.ACT }}
id: configure_aws_credentials_local
uses: aws-actions/configure-aws-credentials@v1
with:
aws-region: ${{ env.AWS_REGION }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- name: run codebuild
uses: aws-actions/aws-codebuild-run-build@v1.0.4
with:
project-name: ${{ env.CODEBUILD_PROJECT_NAME }}
buildspec-override: ./envs/dev/codebuild/configuration/buildspec_deploy_provisioning_blue.yaml
env-vars-for-codebuild: |
DEPLOY_SUBDOMAIN,
DEPLOY_PURPOSE