mirror of
https://github.com/fleetdm/fleet
synced 2026-05-23 00:49:03 +00:00
7b31344988
These items fix the github action for use with the updates to the monitoring module. Additionally there were some changes needed to the monitoring module to make it behave inside the GH action. Once this is approved/merged, the new tag for them monitoring module will be created as `tf-mod-addon-monitoring-v1.1.1`
76 lines
2.9 KiB
YAML
76 lines
2.9 KiB
YAML
name: Deploy Dogfood Environment
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
inputs:
|
|
DOCKER_IMAGE:
|
|
description: 'The full name of the docker image to be deployed. (e.g. fleetdm/fleet:v4.30.0). Note: do not use fleetdm/fleet:main directly. Use the short hash instead. If pull-rate limited, try using the quay.io/fleetdm/fleet mirror.'
|
|
required: true
|
|
|
|
# This allows a subsequently queued workflow run to interrupt previous runs
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
|
|
cancel-in-progress: true
|
|
|
|
defaults:
|
|
run:
|
|
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference
|
|
shell: bash
|
|
working-directory: infrastructure/dogfood/terraform/aws-tf-module
|
|
|
|
env:
|
|
AWS_REGION: us-east-2
|
|
ECR_REPOSITORY: fleet-test
|
|
AWS_IAM_ROLE: arn:aws:iam::160035666661:role/github-actions-role
|
|
TF_ACTIONS_WORKING_DIR: infrastructure/dogfood/terraform/aws-tf-module
|
|
TF_WORKSPACE: fleet
|
|
TF_VAR_fleet_image: ${{ github.event.inputs.DOCKER_IMAGE || 'fleetdm/fleet:main' }}
|
|
TF_VAR_fleet_license: ${{ secrets.DOGFOOD_LICENSE_KEY }}
|
|
TF_VAR_slack_webhook: ${{ secrets.SLACK_G_HELP_P1_WEBHOOK_URL }}
|
|
TF_VAR_fleet_sentry_dsn: ${{ secrets.DOGFOOD_SENTRY_DSN }}
|
|
TF_VAR_elastic_url: ${{ secrets.ELASTIC_APM_SERVER_URL }}
|
|
TF_VAR_elastic_token: ${{ secrets.ELASTIC_APM_SECRET_TOKEN }}
|
|
|
|
permissions:
|
|
id-token: write
|
|
contents: read # This is required for actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
|
|
|
|
jobs:
|
|
deploy:
|
|
name: Deploy Fleet Dogfood Environment
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
|
|
- id: fail-on-main
|
|
run: "false"
|
|
if: ${{ github.ref == 'main' }}
|
|
- uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 # v1.7.0
|
|
with:
|
|
role-to-assume: ${{env.AWS_IAM_ROLE}}
|
|
aws-region: ${{ env.AWS_REGION }}
|
|
- name: Set up Go
|
|
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
|
|
with:
|
|
go-version: '1.21'
|
|
- uses: hashicorp/setup-terraform@633666f66e0061ca3b725c73b2ec20cd13a8fdd1 # v2.0.3
|
|
with:
|
|
terraform_version: 1.6.3
|
|
terraform_wrapper: false
|
|
- name: Terraform Init
|
|
id: init
|
|
run: terraform init
|
|
- name: Terraform fmt
|
|
id: fmt
|
|
run: terraform fmt -check
|
|
continue-on-error: true
|
|
- name: Terraform Validate
|
|
id: validate
|
|
run: terraform validate -no-color
|
|
- name: Terraform Plan
|
|
id: plan
|
|
run: terraform plan -no-color
|
|
continue-on-error: true
|
|
# first we'll scale everything down and create the new task definitions
|
|
- name: Terraform Apply
|
|
id: apply
|
|
run: terraform apply -auto-approve
|