This repository has been archived by the owner on Aug 16, 2024. It is now read-only.

CD QA SELFSERVE WEB #6

Workflow file for this run

.github/workflows/qa-selfserve-web-approval.yaml at 2ca671c

	name: CD QA SELFSERVE WEB
	run-name: CD QA SELFSERVE WEB

	on:
	workflow_dispatch:
	inputs:
	ssweb_image_tag:
	description: 'Tag of SelfServe Web Image'
	required: true

	env:
	AWS_REGION : ${{ vars.DVSA_AWS_REGION }}
	SSWEB_NONPROD_TOOLING_REPO_URL: ${{ secrets.SSWEB_NONPROD_TOOLING_ECR_REPO_URL }}
	SSWEB_PROD_TOOLING_REPO_URL: ${{ secrets.SSWEB_PROD_TOOLING_ECR_REPO_URL }}

	# Permission can be added at job level or workflow level
	permissions:
	id-token: write # This is required for requesting the JWT
	contents: read # This is required for actions/checkout

	jobs:

	deploy-on-qa-cluster:

	name: Deploy on QA Cluster
	# if: github.ref == 'refs/heads/master'
	runs-on: ubuntu-latest

	steps:

	- name: Configure AWS credentials on Non Production SSWEB ECR
	uses: aws-actions/configure-aws-credentials@v4.0.1
	with:
	role-to-assume: ${{ secrets.VOL_AWS_ROLE_TOOLING_NONPROD }}
	role-session-name: GitHub_to_AWS_via_FederatedOIDC
	aws-region: ${{ env.AWS_REGION}}

	- name: Login to Non Production SSWEB ECR
	id: login-ecr-ssweb-tooling-non-prod
	uses: aws-actions/amazon-ecr-login@v2.0.1

	- name: Validate SelfServe Web Image
	uses: dvsa/.github/.github/actions/image-integrity@feature/AddMiscAuxilaryWorkflows
	with:
	ecr_tagged_image: ${{ secrets.SSWEB_NONPROD_TOOLING_ECR_REPO_URL }}:${{ github.event.inputs.SSWEB_image_tag }}
	image_sign_inspect: 'true'

	- name: Deploy on QA
	run: \|
	echo 'Deploy on QA'

	# uses: dvsa/.github/.github/workflows/trigger-github-workflow.yaml@feature/AddMiscAuxilaryWorkflows
	# with:
	# branch: 'feature/AWSRESET1-514'
	# git_repository: 'dvsa/dvsa-container-registry'
	# workflow_name: 'CD NON-PROD SELFSERVE WEB'
	# input_arguments: 'ssweb_image_tag=${{ github.event.inputs.ssweb_image_tag }}'
	# secrets:
	# gh_token: ${{ secrets.DVSA_VOL_TERRAFORM_ACCESS_TOKEN }}


	qa-automation-tests:

	name: Run QA Automation Tests
	# if: github.ref == 'refs/heads/master'
	runs-on: ubuntu-latest

	needs:
	- deploy-on-qa-cluster

	steps:

	- name: Run automation tests
	run: \|
	echo 'Run automation tests'

	prod-approve-image:

	name: Approval PROD SelfServe Web Image
	# if: github.ref == 'refs/heads/master'
	runs-on: ubuntu-latest

	needs:
	- qa-automation-tests

	steps:

	- name: Set NONPROD_SSWEB_IMAGE_TAG & PROD_SSWEB_IMAGE_TAG
	# if: github.ref == 'refs/heads/master'
	run: \|
	inputImageTag=${{ github.event.inputs.SSWEB_image_tag }}
	echo "NONPROD_SSWEB_IMAGE_TAG=${inputImageTag}" >> $GITHUB_ENV
	echo "PROD_SSWEB_IMAGE_TAG=${inputImageTag#non}" >> $GITHUB_ENV

	- name: Configure AWS credentials on SSWEB Non Production Tooling ECR
	uses: aws-actions/configure-aws-credentials@v4.0.1
	with:
	role-to-assume: ${{ secrets.VOL_AWS_ROLE_TOOLING_NONPROD }}
	role-session-name: GitHub_to_AWS_via_FederatedOIDC
	aws-region: ${{ vars.DVSA_AWS_REGION}}

	- name: Login to ECR
	id: login-ecr-ssweb-tooling-non-prod
	uses: aws-actions/amazon-ecr-login@v2.0.1

	- name: Tag & Push PROD Approved SelfServe Web image
	# if: github.ref == 'refs/heads/master'
	id: push-image
	run: \|
	docker pull ${SSWEB_NONPROD_TOOLING_REPO_URL}:${NONPROD_SSWEB_IMAGE_TAG}
	docker tag ${SSWEB_NONPROD_TOOLING_REPO_URL}:${NONPROD_SSWEB_IMAGE_TAG} ${SSWEB_PROD_TOOLING_REPO_URL}:${PROD_SSWEB_IMAGE_TAG}
	docker push ${SSWEB_PROD_TOOLING_REPO_URL}:${PROD_SSWEB_IMAGE_TAG}

	- name: Sign PROD SelfServe Web image
	uses: dvsa/olcs-backend/.github/actions/image-integrity@feature/AWSRESET1-514
	with:
	aws_signer_profile_arn: ${{ secrets.DVSA_AWS_SSWEB_NONPROD_TOOLING_IMAGE_SIGNING_PROFILE }}
	ecr_tagged_image: ${SSWEB_PROD_TOOLING_REPO_URL}:${PROD_SSWEB_IMAGE_TAG}
	image_sign_create: 'true'

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CD QA SELFSERVE WEB #6

Workflow file

CD QA SELFSERVE WEB #6

Jobs

Run details

Workflow file for this run