forked from techmatters/hrm
-
Notifications
You must be signed in to change notification settings - Fork 0
121 lines (107 loc) · 4.62 KB
/
hrm-ecs-reload.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
# Copyright (C) 2021-2023 Technology Matters
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published
# by the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see https://www.gnu.org/licenses/.
name: 'Reload HRM configuration via forced update'
on:
workflow_dispatch:
inputs:
environment:
description: HRM environment to update. E.G = development, staging, production (must match with the AWS environment value). Default value = development
default: development
required: true
type: choice
options:
- development
- staging
- production
region:
description: AWS region to update. E.G = us-east-1, eu-west-1 (must match with the AWS environment value). Default value = us-east-1
default: us-east-1
required: true
type: choice
options:
- us-east-1
- eu-west-1
- ca-central-1
workflow_call:
secrets:
AWS_ACCESS_KEY_ID:
required: true
AWS_SECRET_ACCESS_KEY:
required: true
# Should probably use the passed in region for everything but the GITHUB_ACTIONS_SLACK_BOT_TOKEN SSM parameter only exists in us-east-1
AWS_DEFAULT_REGION:
required: true
inputs:
environment:
description: HRM environment to update. E.G = development, staging, production (must match with the AWS environment value). Default value = development
type: string
default: development
required: true
region:
description: AWS region to update. E.G = us-east-1, eu-west-1 (must match with the AWS environment value). Default value = us-east-1
type: string
default: us-east-1
required: true
send-slack-message:
description: 'Specifies if should send a Slack message at the end of successful run. Defaults to true'
required: false
default: 'true'
type: string
env:
AWS_DEFAULT_REGION: ${{ inputs.region }}
jobs:
deploy:
name: Update
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ inputs.region }}
- name: Force update of ECS poller service
run: aws ecs update-service --cluster ${{ inputs.environment }}-ecs-cluster --service ${{ inputs.environment }}-job-processor --force-new-deployment
- name: Force update of ECS service
run: aws ecs update-service --cluster ${{ inputs.environment }}-ecs-cluster --service ${{ inputs.environment }}-ecs-service --force-new-deployment
# TODO: force reload of lambdas as well
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
# Set any env vars needed from Parameter Store here
- name: Set GITHUB_ACTIONS_SLACK_BOT_TOKEN
uses: 'marvinpinto/action-inject-ssm-secrets@latest'
with:
ssm_parameter: 'GITHUB_ACTIONS_SLACK_BOT_TOKEN'
env_variable_name: 'GITHUB_ACTIONS_SLACK_BOT_TOKEN'
- name: Set ASELO_DEPLOYS_CHANNEL_ID
uses: 'marvinpinto/action-inject-ssm-secrets@latest'
with:
ssm_parameter: 'ASELO_DEPLOYS_CHANNEL_ID'
env_variable_name: 'ASELO_DEPLOYS_CHANNEL_ID'
# Send Slack notifying success
- name: Slack Aselo channel
id: slack
uses: slackapi/[email protected]
with:
channel-id: ${{ env.ASELO_DEPLOYS_CHANNEL_ID }}
slack-message: '`[HRM]` Service reload requested by `${{ github.triggering_actor }}` to region `${{ inputs.region }}`, environment `${{ inputs.environment }}` :rocket:.'
env:
SLACK_BOT_TOKEN: ${{ env.GITHUB_ACTIONS_SLACK_BOT_TOKEN }}
if: ${{ inputs.send-slack-message != 'false' }}