# Serialise runs: at most one run per workflow/ref pair executes at a time.
# With cancel-in-progress disabled, a newer run waits for the running one
# instead of interrupting a deployment that is already under way.
# NOTE(review): this file is a reusable workflow (workflow_call), so the
# github context here belongs to the caller. If one caller run invokes this
# workflow more than once (for example once per environment), all calls share
# this group - confirm that is intended, or add the environment to the key.
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: false
# Reusable workflow: only callable from another workflow via `uses:`.
# All inputs are strings chosen by the caller; the job below uses them as the
# deployment environment name and as file-system path components, so callers
# should pass fixed, known values rather than anything user-controlled.
on:
  workflow_call:
    inputs:
      # Selects the GitHub environment and the cdk.out sub-directory.
      aws-environment:
        description: The environment to use for IaC deployment (one of dev, staging, prod)
        type: string
        required: true
      # Forwarded unchanged to the cdk-deploy-with-dr action.
      aws-account:
        description: The account to use for deployment
        type: string
        required: true
      # Region whose synthesised templates are checked for availability.
      aws-primary-region:
        description: The primary AWS region to deploy stacks for
        type: string
        required: true
      # Forwarded unchanged to the cdk-deploy-with-dr action.
      aws-secondary-region:
        description: The secondary AWS region to deploy stacks for
        type: string
        required: true
      # NOTE(review): node-version and python-version are not referenced by
      # any step visible in this file - confirm they are still needed.
      node-version:
        description: The version of Node to use for IaC deployment
        type: string
        required: false
        default: '18'
      python-version:
        description: The version of python to use for IaC deployment
        type: string
        required: false
        default: '3.9'
      # Filter applied in the deploy step's `if:` condition.
      stack-specifier:
        description: >-
          Parameter specifying service name(s) as a comma separated list to
          deploy for; can also be set to `all` which will deploy for all
          available services
        type: string
        required: false
        default: 'all'

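jobs:
  # Deploys one CDK stack per matrix entry into the environment chosen by the
  # caller. Each matrix job first checks that a synthesised template exists for
  # its stack and only then hands over to the local cdk-deploy-with-dr action.
  deploy-IaC:
    runs-on: ubuntu-latest
    # The caller-supplied input selects the GitHub environment, and with it
    # that environment's protection rules and secrets.
    environment: ${{ inputs.aws-environment }}
    strategy:
      # One failing stack must not abort the deployment of the others.
      fail-fast: false
      max-parallel: 9
      matrix:
        stack-name:
          - prinam-my-fa-${{ inputs.aws-environment }}
          - prinam-my-fa-crims-${{ inputs.aws-environment }}
          - prinam-my-fa-custodians-${{ inputs.aws-environment }}
          - prinam-my-fa-hsbc-${{ inputs.aws-environment }}
          - prinam-my-fa-fnz-${{ inputs.aws-environment }}
          - prinam-my-fa-epam-${{ inputs.aws-environment }}
          - prinam-my-fa-prenav-report-${{ inputs.aws-environment }}
          - prinam-my-fa-redemption-letter-${{ inputs.aws-environment }}

    steps:
      # NOTE(review): both third-party actions below are referenced by a
      # mutable tag. Pinning each to a full commit SHA keeps a repointed tag
      # from changing what runs in a job that holds deployment role secrets.
      # Also consider `persist-credentials: false` on checkout if no later
      # step needs the git token - confirm against cdk-deploy-with-dr.
      - name: checkout
        uses: actions/checkout@v3

      - name: Download CDK Artifacts
        uses: actions/download-artifact@v4.1.8
        with:
          name: cdk-${{ inputs.aws-environment }}-synth-output

      # The input reaches the shell through an environment variable instead of
      # being expanded into the script text, so its value is never parsed as
      # shell syntax.
      # NOTE(review): the archive is extracted into the workspace root, on top
      # of the checkout from which ./.github/actions/cdk-deploy-with-dr is
      # loaded later. Confirm the archive only contains cdk.out, or extract it
      # into a dedicated directory.
      - name: Unzip CDK Artifacts
        env:
          AWS_ENVIRONMENT: ${{ inputs.aws-environment }}
        run: unzip "cdk-${AWS_ENVIRONMENT}.zip"

      # Sets two step outputs:
      #   template-available  'true' when the stack's template file exists
      #   stack-name          template file name without '.template.json'
      # Caller inputs and the matrix value are passed via `env:` and quoted in
      # the script rather than interpolated with ${{ }} inside `run:`.
      - name: Verify Stack Available in Current Environment
        id: verify-stack-available
        env:
          AWS_ENVIRONMENT: ${{ inputs.aws-environment }}
          AWS_PRIMARY_REGION: ${{ inputs.aws-primary-region }}
          STACK_NAME: ${{ matrix.stack-name }}
        run: |
          template="cdk.out/${AWS_ENVIRONMENT}/${AWS_PRIMARY_REGION}/${STACK_NAME}.template.json"
          echo "### Stack Availability Summary" >> "$GITHUB_STEP_SUMMARY"
          if [ -f "$template" ]; then
            # Exactly one path is probed per matrix job, so the count is 1.
            number_templates_available=1
            stack_name=$(basename "$template" .template.json)
            {
              echo 'template-available=true'
              echo "stack-name=$stack_name"
            } >> "$GITHUB_OUTPUT"
            {
              echo ":white_check_mark: $number_templates_available Template(s) Available"
              echo ""
              echo "Available templates:"
              # The header used to be followed by nothing; list the template.
              printf -- '- %s\n' "$template"
            } >> "$GITHUB_STEP_SUMMARY"
          else
            echo 'template-available=false' >> "$GITHUB_OUTPUT"
            echo ":x: No Available Templates to Deploy" >> "$GITHUB_STEP_SUMMARY"
          fi

      # NOTE(review): contains(matrix.stack-name, inputs.stack-specifier) is a
      # substring test of the whole specifier against the stack name. The
      # input is documented as a comma separated list, but no stack name in
      # the matrix contains a comma, so a value such as 'a,b' selects nothing.
      # NOTE(review): the three secrets are not declared under
      # on.workflow_call in this file; presumably they come from the selected
      # environment or from `secrets: inherit` in the caller - confirm.
      - name: Run Deployment with DR
        if: ( steps.verify-stack-available.outputs.template-available == 'true' ) && ( inputs.stack-specifier == 'all' || contains(matrix.stack-name, inputs.stack-specifier) )
        uses: ./.github/actions/cdk-deploy-with-dr
        with:
          aws-environment: ${{ inputs.aws-environment }}
          aws-account: ${{ inputs.aws-account }}
          aws-primary-region: ${{ inputs.aws-primary-region }}
          aws-secondary-region: ${{ inputs.aws-secondary-region }}
          aws-ci-deployment-role: ${{ secrets.AWS_CI_DEPLOYMENT_ROLE }}
          aws-ci-stack-exec-role: ${{ secrets.AWS_CI_CFN_STACK_EXEC_ROLE }}
          aws-ci-post-deployment-role: ${{ secrets.AWS_CI_POST_DEPLOYMENT_ROLE }}
          stack-name: ${{ steps.verify-stack-available.outputs.stack-name }}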