new cd.yml deployment workflow added + deployment job call in ci work…

…flow
octodemo · Sep 18, 2024 · fd0aab0 · fd0aab0
1 parent a323b1b
commit fd0aab0
Show file tree

Hide file tree

Showing 2 changed files with 90 additions and 3 deletions.
diff --git a/.github/cd.yml b/.github/cd.yml
@@ -0,0 +1,78 @@
+name: CD
+
+concurrency:
+  group: production
+  cancel-in-progress: true
+
+on:
+  workflow_dispatch:
+    inputs:
+      image_tag:
+        required: true
+        type: string
+
+  workflow_call:
+    inputs:
+      image_tag:
+        required: true
+        type: string
+      debug:
+        required: false
+        type: string
+        default: 'false'
+env:
+  RESOURCE_GROUP: "tsvi-rg"
+  VM_NAME: "tsvi-vm"
+
+jobs:
+  staging-end2end-tests:
+    permissions:
+      actions: read
+      id-token: write # This is required for requesting the JWT
+      contents: read  # This is required for actions/checkout
+
+    runs-on: ubuntu-latest
+    environment: STAGE
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Deploy to Kubernetes [STAGING ENVIRONMENT]
+        run: |
+          echo "kubectl apply -f deployments/"
+      
+      - name: UAT TESTS [STAGING ENVIRONMENT]
+        run: |
+          echo "running UAT tests with version tag: ${{ inputs.image_tag }}"
+
+      - name: SMOKE TESTS [STAGING ENVIRONMENT]
+        run: |
+          echo "running SMOKE tests with version tag: ${{ inputs.image_tag }}"
+
+      - name: PERFORMANCE TESTS [STAGING ENVIRONMENT]
+        run: |
+          echo "running PERFORMANCE tests with version tag: ${{ inputs.image_tag }}"
+  
+  production:
+    permissions:
+      actions: read
+      id-token: write # This is required for requesting the JWT
+      contents: read  # This is required for actions/checkout
+
+    runs-on: ubuntu-latest
+    environment: PROD
+    needs: [staging-end2end-tests]
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: 'Az CLI Login via OIDC'
+        uses: azure/[email protected]
+        with:
+          client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
+      - name: Deploy to Azure App [PRODUCTION ENVIRONMENT]
+        run: az vm run-command invoke --resource-group $RESOURCE_GROUP --name $VM_NAME --command-id RunShellScript --scripts "/home/azureuser/dotnet-razor-pages-movie/build_run_in_container.sh IMAGE_TAG=${{ inputs.image_tag }} VERBOSE=${{ inputs.debug }}"
+
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -11,10 +11,10 @@ on:
         required: false
         default: false
       debug_deployment:
-        type: boolean
+        type: string
         description: 'Run the pipeline with debug deployment enabled'
         required: false
-        default: false
+        default: 'false'
 
   # runnnig on push to main and develop branches
   push:
@@ -205,7 +205,7 @@ jobs:
   build-and-publish-docker-image: # job to build the docker image and publish it to the GitHub Container Registry
     runs-on: ubuntu-latest # using the latest ubuntu runner
     outputs:
-      image_tag: ghcr.io/${{ github.repository }}:${{ github.run_number }} # output the image tag to be used in the build-and-publish-docker-image job
+      image_tag: ${{ github.run_number }} # output the image tag to be used in the build-and-publish-docker-image job
     needs: [build, test] # depend on the build job to get the published app artifact
     if: github.ref == 'refs/heads/main' # run this job only when the branch is main branch and not on pull requests or other branches - https://docs.github.com/en/actions/reference/context-and-expression-syntax-for-github-actions#github-context
     # permissions for write acces to the packages and id-token and push access to the repository to create the container registry token
@@ -243,6 +243,15 @@ jobs:
           cache-from: type=registry,ref=ghcr.io/${{ github.repository }}:latest # use the docker layer caching to speed up the docker image build process
           cache-to: type=inline
 
+  deploy:
+    needs: [build-and-publish-docker-image] # this job needs build-and-publish-docker-image job as a requirement to run
+    uses: ./.github/workflows/cd.yml
+    with:
+      # with tag from the build-and-publish-docker-image job in the output_tags step
+      image_tag: "${{ needs.build-and-publish-docker-image.outputs.image_tag }}"
+      debug: "${{ github.event.inputs.debug_deployment }}"
+    secrets: inherit
+
   runner-indexes: # job to generate the runner indexes for the unit-parallel-tests job
     runs-on: ubuntu-latest
     name: Generate runner indexes