.github/workflows/apply-prod.yml
name: "Prod"
on:
release:
types: [created]
workflow_dispatch:
inputs:
gratibot_limit:
description: "The amount of fistbumps that a user can give for one day."
required: false
default: "5"
type: string
env:
IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/gratibot
IMAGE_PATH: ${{ github.repository_owner }}/gratibot
permissions:
id-token: write
contents: read
packages: write
jobs:
build:
name: Tag image
runs-on: ubuntu-latest
if: github.event_name == 'push' || contains(fromJSON('["Pactionly", "gesparza3"]'), github.actor)
steps:
- uses: actions/checkout@v4
- name: Generate tag
id: tag
run: echo "tag=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT
- name: Build image
run: docker build . --file Dockerfile --tag $IMAGE_NAME:${{ steps.tag.outputs.tag }} --label "runnumber=${GITHUB_RUN_ID}"
- name: Log into registry
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
- name: Push image
run: docker push $IMAGE_NAME:${{ steps.tag.outputs.tag }}
outputs:
docker_tag: ${{ steps.tag.outputs.tag }}
plan:
name: "Terraform Prod plan"
runs-on: ubuntu-latest
environment:
name: "plan"
needs: build
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Terragrunt
run: |
wget https://github.com/gruntwork-io/terragrunt/releases/download/v0.45.11/terragrunt_linux_amd64
sudo mv terragrunt_linux_amd64 /usr/local/bin/terragrunt
sudo chmod +x /usr/local/bin/terragrunt
- name: Plan Gratibot prod deployment
working-directory: infra/terragrunt/prod/gratibot/
run: |
terragrunt plan
env:
ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
ARM_TENANT_ID: "1b4a4fed-fed8-4823-a8a0-3d5cea83d122"
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_PROD_SUBSCRIPTION_ID }}
ARM_USE_OIDC: true
TF_VAR_gratibot_image: "${{ env.IMAGE_PATH }}:${{ needs.build.outputs.docker_tag }}"
TF_VAR_gratibot_limit: ${{ inputs.gratibot_limit }}
apply:
name: "Terraform Prod Apply"
runs-on: ubuntu-latest
environment:
name: "prod"
needs: [build, plan]
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Terragrunt
run: |
wget https://github.com/gruntwork-io/terragrunt/releases/download/v0.45.11/terragrunt_linux_amd64
sudo mv terragrunt_linux_amd64 /usr/local/bin/terragrunt
sudo chmod +x /usr/local/bin/terragrunt
- name: Deploy Gratibot to Prod
working-directory: infra/terragrunt/prod/gratibot/
run: |
terragrunt apply --terragrunt-non-interactive -auto-approve
env:
ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
ARM_TENANT_ID: "1b4a4fed-fed8-4823-a8a0-3d5cea83d122"
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_PROD_SUBSCRIPTION_ID }}
ARM_USE_OIDC: true
TF_VAR_gratibot_image: "${{ env.IMAGE_PATH }}:${{ needs.build.outputs.docker_tag }}"
GRATIBOT_LIMIT: ${{ inputs.gratibot_limit }}