Skip to content

Release

Release #50

Workflow file for this run

# This workflow runs whenever a GitHub release is created. It gets the version
# number from the git tag, builds and tests TEA, and then uploads the artifacts
# to the public bucket for distribution.
name: Release
on:
release:
types:
- published
jobs:
build:
uses: ./.github/workflows/re-build.yml
with:
environment: prod
test-e2e:
needs:
- build
if: ${{ vars.RUN_TESTS }}
uses: ./.github/workflows/re-test-e2e.yml
with:
environment: test
secrets: inherit
publish:
runs-on: ubuntu-latest
environment: prod
needs:
- build
- test-e2e
if: success() || needs.test-e2e.result == 'skipped'
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_ROLE_ARN: ${{ secrets.AWS_ROLE_ARN }}
AWS_DEFAULT_REGION: ${{ vars.AWS_REGION || 'us-west-2' }}
steps:
- uses: actions/checkout@v3
- name: Load environment defaults
run: cat .github/workflows/config-public/prod.env >> $GITHUB_ENV
- uses: actions/download-artifact@v3
- name: Upload to public code bucket
env:
S3_PATH_PREFIX: s3://${{ env.CODE_BUCKET }}/${{ env.CODE_PREFIX }}
run: |
aws s3 cp ./dependency-layer/thin-egress-app-dependencies.zip ${S3_PATH_PREFIX}${{ needs.build.outputs.dependency-zip }} --acl bucket-owner-full-control --acl public-read
aws s3 cp ./code/thin-egress-app-code.zip ${S3_PATH_PREFIX}${{ needs.build.outputs.code-zip }} --acl bucket-owner-full-control --acl public-read
aws s3 cp ./cloudformation/thin-egress-app.yaml ${S3_PATH_PREFIX}${{ needs.build.outputs.cloudformation-yaml }} --acl bucket-owner-full-control --acl public-read
aws s3 cp ./terraform/thin-egress-app-terraform.zip ${S3_PATH_PREFIX}${{ needs.build.outputs.terraform-zip }} --acl bucket-owner-full-control --acl public-read
echo '{"schemaVersion": 1, "label": "Last Release", "message": "'$GITHUB_REF_NAME'", "color": "success"}' > lastrelease.json
aws s3 cp lastrelease.json s3://${CODE_BUCKET}/thin-egress-app/ \
--metadata-directive REPLACE \
--cache-control no-cache \
--expires '2016-06-14T00:00:00Z' \
--content-type 'application/json' \
--acl bucket-owner-full-control --acl public-read
release-assets:
runs-on: ubuntu-latest
needs:
- build
- test-e2e
if: success() || needs.test-e2e.result == 'skipped'
steps:
- uses: actions/download-artifact@v3
- uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ github.event.release.upload_url }}
asset_path: ./dependency-layer/thin-egress-app-dependencies.zip
asset_name: ${{ needs.build.outputs.dependency-zip }}
asset_content_type: application/zip
- uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ github.event.release.upload_url }}
asset_path: ./code/thin-egress-app-code.zip
asset_name: ${{ needs.build.outputs.code-zip }}
asset_content_type: application/zip
- uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ github.event.release.upload_url }}
asset_path: ./cloudformation/thin-egress-app.yaml
asset_name: ${{ needs.build.outputs.cloudformation-yaml }}
asset_content_type: application/vnd.yaml
- uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ github.event.release.upload_url }}
asset_path: ./terraform/thin-egress-app-terraform.zip
asset_name: ${{ needs.build.outputs.terraform-zip }}
asset_content_type: application/zip
status:
if: always()
needs:
- build
- publish
uses: ./.github/workflows/re-status.yml
with:
environment: prod
build_tag: ${{ needs.build.outputs.version }}
success: ${{ needs.build.result != 'failure' && needs.publish.result != 'failure' }}
secrets: inherit