Deploying Keycloak-user-management Lambda v0.0.231 to staging #357
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Lambda | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| environment: | |
| type: choice | |
| description: 'Environment' | |
| required: true | |
| options: | |
| - intg | |
| - staging | |
| - prod | |
| default: 'intg' | |
| toDeploy: | |
| description: 'Version to deploy' | |
| required: true | |
| run-name: Deploying Keycloak-user-management Lambda ${{inputs.toDeploy}} to ${{inputs.environment}} | |
| permissions: | |
| id-token: write | |
| contents: write | |
| actions: write | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| environment: ${{ github.event.inputs.environment }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| token: ${{ secrets.WORKFLOW_PAT }} | |
| - name: Configure AWS credentials from management account | |
| uses: aws-actions/configure-aws-credentials@v1-node16 | |
| with: | |
| role-to-assume: arn:aws:iam::${{ secrets.ACCOUNT_NUMBER }}:role/TDRGithubActionsDeployLambda${{ secrets.TITLE_STAGE }} | |
| aws-region: eu-west-2 | |
| role-session-name: DeployLambda | |
| - name: Deploy lambda | |
| run: | | |
| aws lambda update-function-code --function-name tdr-create-keycloak-user-s3-${{ github.event.inputs.environment }} --s3-bucket tdr-backend-code-mgmt --s3-key ${{ github.event.inputs.toDeploy }}/keycloak-user-management.jar > /dev/null | |
| aws lambda update-function-code --function-name tdr-create-keycloak-user-api-${{ github.event.inputs.environment }} --s3-bucket tdr-backend-code-mgmt --s3-key ${{ github.event.inputs.toDeploy }}/keycloak-user-management.jar > /dev/null | |
| - name: Send service updated message | |
| uses: slackapi/[email protected] | |
| with: | |
| payload: | | |
| { | |
| "service" : "Keycloak user management", | |
| "version" : "${{ github.event.inputs.toDeploy }}", | |
| "environment": "${{ github.event.inputs.environment }}" | |
| } | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_SUCCESS_WORKFLOW }} | |
| - name: Update release branch | |
| run: | | |
| git branch -f release-${{ github.event.inputs.environment }} HEAD | |
| git push -f origin release-${{ github.event.inputs.environment }} | |
| - name: Run E2E tests | |
| if: github.event.inputs.environment != 'prod' | |
| uses: octokit/[email protected] | |
| with: | |
| route: POST /repos/nationalarchives/tdr-e2e-tests/actions/workflows/ci.yml/dispatches | |
| ref: master | |
| inputs: "{\"environment\": \"${{ github.event.inputs.environment }}\"}" | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.WORKFLOW_PAT }} | |
| - name: Send failure message | |
| id: slack | |
| uses: slackapi/[email protected] | |
| if: ${{ failure() }} | |
| with: | |
| payload: | | |
| { | |
| "service" : "Keycloak user management", | |
| "version" : "${{ github.event.inputs.toDeploy }}", | |
| "environment": "${{ github.event.inputs.environment }}" | |
| } | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_FAILURE_WORKFLOW }} |