Skip to content

Deploy Application

Deploy Application #10

Workflow file for this run

name: Deploy Application
on:
workflow_run:
workflows: ["Build Pipeline"]
types: [completed]
jobs:
setup:
runs-on: ubuntu-latest
outputs:
DB_USERNAME: ${{ steps.get-secrets.outputs.db_username }}
DB_PASSWORD: ${{ steps.get-secrets.outputs.db_password }}
DB_HOST: ${{ steps.get-secrets.outputs.db_host }}
DB_NAME: ${{ steps.get-secrets.outputs.db_name }}
DJANGO_KEY: ${{ steps.get-secrets.outputs.django_key }}
AWS_STORAGE_BUCKET_NAME: ${{ steps.get-secrets.outputs.aws_storage_bucket_name }}
AWS_S3_REGION_NAME: ${{ steps.get-secrets.outputs.aws_s3_region_name }}
COGNITO_USER_POOL_ID: ${{ steps.get-secrets.outputs.cognito_user_pool_Id }}
COGNITO_APP_CLIENT_ID: ${{ steps.get-secrets.outputs.cognito_app_client_id }}
COGNITO_APP_CLIENT_SECRET: ${{ steps.get-secrets.outputs.congito_app_client_secret }}
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ap-southeast-1
- name: Retrieve secrets from AWS Secrets Manager
id: get-secrets
run: |
DB_SECRET_STRING=$(aws secretsmanager get-secret-value --secret-id db_credentials --query SecretString --output text)
echo "db_username=$(echo $DB_SECRET_STRING | jq -r .username)" >> $GITHUB_OUTPUT
echo "db_password=$(echo $DB_SECRET_STRING | jq -r .password)" >> $GITHUB_OUTPUT
echo "db_host=$(echo $DB_SECRET_STRING | jq -r .host)" >> $GITHUB_OUTPUT
echo "db_name=$(echo $DB_SECRET_STRING | jq -r .dbname)" >> $GITHUB_OUTPUT
SECRET_STRING=$(aws secretsmanager get-secret-value --secret-id secrets --query SecretString --output text)
echo "django_key=$(echo $SECRET_STRING | jq -r .DJANGO_KEY)" >> $GITHUB_OUTPUT
echo "aws_storage_bucket_name=$(echo $SECRET_STRING | jq -r .AWS_STORAGE_BUCKET_NAME)" >> $GITHUB_OUTPUT
echo "aws_s3_region_name=$(echo $SECRET_STRING | jq -r .AWS_S3_REGION_NAME)" >> $GITHUB_OUTPUT
echo "cognito_user_pool_Id=$(echo $SECRET_STRING | jq -r .COGNITO_USER_POOL_ID)" >> $GITHUB_OUTPUT
echo "cognito_app_client_id=$(echo $SECRET_STRING | jq -r .COGNITO_APP_CLIENT_ID)" >> $GITHUB_OUTPUT
echo "congito_app_client_secret=$(echo $SECRET_STRING | jq -r .COGNITO_APP_CLIENT_SECRET)" >> $GITHUB_OUTPUT
terraform:
env:
TF_CLOUD_ORGANIZATION: "microvan"
TF_API_TOKEN: "${{ secrets.TF_API_TOKEN }}"
TF_WORKSPACE: "microvan"
CONFIG_DIRECTORY: "./terraform"
name: "Terraform Apply"
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Upload Configuration
uses: hashicorp/tfc-workflows-github/actions/[email protected]
id: apply-upload
with:
workspace: ${{ env.TF_WORKSPACE }}
directory: ${{ env.CONFIG_DIRECTORY }}
- name: Create Apply Run
uses: hashicorp/tfc-workflows-github/actions/[email protected]
id: apply-run
with:
workspace: ${{ env.TF_WORKSPACE }}
configuration_version: ${{ steps.apply-upload.outputs.configuration_version_id }}
- name: Apply
uses: hashicorp/tfc-workflows-github/actions/[email protected]
if: fromJSON(steps.apply-run.outputs.payload).data.attributes.actions.IsConfirmable
id: apply
with:
run: ${{ steps.apply-run.outputs.run_id }}
comment: "Apply Run from GitHub Actions CI ${{ github.sha }}"
deploy_backend:
needs: ["terraform", "setup"]
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./backend
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
DB_USERNAME: ${{ needs.setup.outputs.DB_USERNAME }}
DB_PASSWORD: ${{ needs.setup.outputs.DB_PASSWORD }}
DB_HOST: ${{ needs.setup.outputs.DB_HOST }}
DB_NAME: ${{ needs.setup.outputs.DB_NAME }}
SECRET_KEY: ${{ needs.setup.outputs.DJANGO_KEY }}
AWS_STORAGE_BUCKET_NAME: ${{ needs.setup.outputs.AWS_STORAGE_BUCKET_NAME }}
AWS_S3_REGION_NAME: ${{ needs.setup.outputs.AWS_S3_REGION_NAME }}
COGNITO_USER_POOL_ID: ${{ needs.setup.outputs.COGNITO_USER_POOL_ID }}
COGNITO_APP_CLIENT_ID: ${{ needs.setup.outputs.COGNITO_APP_CLIENT_ID }}
COGNITO_APP_CLIENT_SECRET: ${{ needs.setup.outputs.COGNITO_APP_CLIENT_SECRET }}
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v3
with:
python-version: '3.10'
- name: Install dependencies
run: |
pip install pipenv
pipenv install --dev
- name: Zappa Deploy or Update
run: |
pipenv run zappa update production
- name: Apply Django migrations
run: |
pipenv run zappa manage production "migrate"
deploy_frontend:
needs: ["terraform", "setup"]
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./frontend
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Node.js
uses: actions/setup-node@v3
with:
node-version: '14'
- name: Install dependencies
run: |
npm install
- name: Build
run: |
npm run build
- name: Install Railway
run: npm i -g @railway/cli
- name: Deploy
run: railway up
env:
RAILWAY_TOKEN: ${{ secrets.RAILWAY_TOKEN }}