generated from CDCgov/template
-
Notifications
You must be signed in to change notification settings - Fork 1
236 lines (232 loc) · 10.6 KB
/
ps-remote-cicd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
name: Trigger Processing Status CI/CD Workflow
on:
workflow_dispatch:
inputs:
data-exchange-hl7-workflow:
description: '(Required) Specify CI/CD workflow associated with one function app to trigger autodeploy from CDCEnt/data-exchange-hl7-devops repo'
required: true
type: choice
default: 'deploy-processing-status.yml'
options:
- deploy-processing-status.yml
commitID:
description: '(Optional) Enter Full Commit Hash to trigger redeploy of prior version'
required: false
type: string
data-exchange-hl7-branch:
description: '(Optional) Enter Source Branch to trigger deployment of tip revision to the development or test environment. Defaults to develop branch'
required: false
type: string
default: 'develop'
targetEnv:
description: 'Environment to deploy'
required: true
type: string
default: 'dev'
pull_request:
types:
- synchronize
- opened
branches:
- 'develop'
- 'main'
paths:
- processing-status-api-function-app/**
push:
branches:
- 'develop'
- 'main'
paths:
- processing-status-api-function-app/**
jobs:
invoke-manual-cicd-trigger:
if: github.event_name == 'workflow_dispatch'
runs-on: ubuntu-latest
name: Invoke ${{ inputs.data-exchange-hl7-workflow }}
environment: dev
env:
GH_TOKEN: ${{ github.token }}
steps:
- name: Gen GitHub App Access Token For Manual Trigger
id: github-app-token
run: |
echo ${{ github.workspace }}
if [ ! -d data-exchange-hl7 ]; then git clone https://github.com/kave/github-app-token.git; fi;
sudo tree -df
cd github-app-token
sudo gem install jwt
echo "${{ secrets.CDC_COE_BOTFREY_PEM }}" > app-private-key.pem
chmod +x ./get-github-app-access-token.sh;
. ./get-github-app-access-token.sh;
echo "access_token=${TOKEN}" >> "$GITHUB_ENV"
- name: Git Commit SHA
id: getsha
run: |
echo "sha=${{ inputs.commitID }}" >> "$GITHUB_ENV"
- name: Manually Dispatch Remote CICD Trigger Event
id: manual-devops-wkflow-dispatch
uses: aurelien-baudet/[email protected]
with:
workflow: '${{ github.event.inputs.data-exchange-hl7-workflow }}'
repo: cdcent/data-exchange-hl7-devops
token: ${{ env.access_token }}
inputs: '{ "targetEnv": "${{ github.event.inputs.targetEnv }}", "commitID": "${{ env.sha }}", "data-exchange-hl7-branch": "${{ github.event.inputs.data-exchange-hl7-branch }}" }'
ref: 'main'
wait-for-completion: true
wait-for-completion-timeout: 120m
wait-for-completion-interval: 300s
display-workflow-run-url: true
# workflow-logs: print --- This nice-to-have feature is documented in readme but apparantly not implemented in current version - follow up required
# uses: actions/[email protected]
# with:
# debug: ${{ secrets.ACTIONS_RUNNER_DEBUG }}
# github-token: '${{ env.access_token }}'
# script: |
# try {
# const result = await github.rest.actions.createWorkflowDispatch({
# owner: 'cdcent',
# repo: 'data-exchange-hl7-devops',
# workflow_id: '${{ github.event.inputs.data-exchange-hl7-workflow }}',
# ref: 'main',
# inputs: {
# commitID: '${{ steps.getsha.outputs.commitID }}',
# 'data-exchange-hl7-branch': '${{ github.event.inputs.data-exchange-hl7-branch }}'
# }
# })
# console.log(result);
# } catch(error) {
# console.error(error);
# core.setFailed(error);
# }
prepare-remote-cicd:
permissions: write-all
if: github.event_name != 'workflow_dispatch'
runs-on: ubuntu-latest
environment: dev
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
merge_branch: ${{ steps.gettargetbranch.outputs.target_branch }}
env:
GH_TOKEN: ${{ github.token }}
steps:
- name: Get PR Commits
if: ${{ github.event_name }} == 'pull_request'
uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 0
- name: Get User Commits
uses: actions/checkout@v3
with:
ref: ${{ github.ref }}
fetch-depth: 0
- name: Get PR Merge Target Branch
id: gettargetbranch
run: |
if [[ ${{ github.event_name }} == 'pull_request' ]];
then
echo "target_branch=${{ github.base_ref }}" >> "$GITHUB_ENV"
echo "target_branch=${{ github.base_ref }}" >> "$GITHUB_OUTPUT"
else
echo "target_branch=${{ github.ref_name }}" >> "$GITHUB_ENV"
echo "target_branch=${{ github.ref_name }}" >> "$GITHUB_OUTPUT"
fi
# Create a list (matrix) of workflow IDs to trigger based on folders impacted by file changes in current branch
# Convert workflow shell array into a stringified JSON so it can be bound to matrix workflow_id property used in invoke job
# Autodeploy on Push (PR merge) to develop or main branch. All other Push events targeting feature branches will be trated as
# Pull_Request event and will trigger CI (unit test) workflow
- name: Determine Processing Status Workflow(s) to Trigger
id: set-matrix
run: |
workflows=()
commitfldrs=$(git log -m -1 --name-only --pretty="format:"${{ github.sha }})
echo " Files Changed in PR commit: $commitfldrs"
if [[ ${{ github.event_name }} == 'push' && (${{ github.ref_name }} == 'develop' || ${{ github.ref_name }} == 'main' ) ]];
then
case $commitfldrs in
*processing-status-api-function-app*) workflows+=("deploy-processing-status.yml") ;;&
*) ;;
esac
else
case $commitfldrs in
*processing-status-api-function-app*) workflows+=("ci-processing-status.yml") ;;&
*) ;;
esac
fi
for value in "${workflows[@]}"
do
echo "$value will be triggered as part of this PR"
echo "matrix=${workflows[@]}" >> "$GITHUB_ENV"
echo "matrix=${workflows[@]}" >> "$GITHUB_OUTPUT"
done
echo "matrix=$(printf '%s\n' "${workflows[@]}" | jq -R . | jq -cs )" >> "$GITHUB_OUTPUT"
echo "matrix=$(printf '%s\n' "${workflows[@]}" | jq -R . | jq -cs )" >> "$GITHUB_ENV"
echo "deploy workflows=${workflows[@]}"
- name: No CI/CD Notification
id: no-cicd-notice
if: fromJson(env.matrix)[0] == null
run: |
echo "No testable,deployable changes Detected in Processing Status Build Workspace"
trigger-remote-cicd:
if: ${{ github.event_name != 'workflow_dispatch' && fromJson(needs.prepare-remote-cicd.outputs.matrix)[0] != null }}
needs: prepare-remote-cicd
runs-on: ubuntu-latest
name: Dispatch ${{ matrix.workflow_id }} Workflow
strategy:
fail-fast: false
matrix:
workflow_id: ${{fromJson(needs.prepare-remote-cicd.outputs.matrix)}}
environment: dev
steps:
- name: Gen GitHub App Access Token for Automated Trigger
id: github-app-token
run: |
echo ${{ github.workspace }}
if [ ! -d github-app-token ]; then git clone https://github.com/kave/github-app-token.git; fi;
sudo tree -df
cd github-app-token
sudo gem install jwt
echo "${{ secrets.CDC_COE_BOTFREY_PEM }}" > app-private-key.pem
chmod +x ./get-github-app-access-token.sh;
. ./get-github-app-access-token.sh;
echo "access_token=${TOKEN}" >> "$GITHUB_ENV"
- name: Get Commit SHA
id: getsha
run: |
echo "commitID=$(echo ${GITHUB_SHA})" >> $GITHUB_OUTPUT
- name: Automatically Dispatch Remote CICD Trigger Event
id: auto-devops-wkflow-dispatch
if: ${{ matrix.workflow_id != '' }}
uses: aurelien-baudet/[email protected]
with:
workflow: ${{ matrix.workflow_id }}
repo: cdcent/data-exchange-hl7-devops
token: ${{ env.access_token }}
inputs: '{ "targetEnv": "dev", "commitID": "${{ steps.getsha.outputs.commitID }}", "data-exchange-hl7-branch": "${{ needs.prepare-remote-cicd.outputs.merge_branch }}" }'
ref: 'main'
wait-for-completion: true
wait-for-completion-timeout: 120m
wait-for-completion-interval: 300s
display-workflow-run-url: true
# workflow-logs: print
# uses: actions/[email protected]
# with:
# debug: ${{ secrets.ACTIONS_RUNNER_DEBUG }}
# github-token: '${{ env.access_token }}'
# script: |
# try {
# const result = await github.rest.actions.createWorkflowDispatch({
# owner: 'cdcent',
# repo: 'data-exchange-hl7-devops',
# workflow_id: '${{ matrix.workflow_id }}',
# ref: 'main',
# inputs: {
# commitID: '${{ steps.getsha.outputs.commitID }}',
# 'data-exchange-hl7-branch': '${{ needs.prepare-remote-cicd.outputs.merge_branch }}'
# }
# })
# console.log(result);
# } catch(error) {
# console.error(error);
# core.setFailed(error);
# }