ministryofjustice · babuharidass11 · Apr 24, 2024 · Apr 23, 2024
diff --git a/.github/actions/cloud-platform-deploy/action.yml b/.github/actions/cloud-platform-deploy/action.yml
@@ -29,6 +29,12 @@ runs:
   steps:
     - uses: actions/checkout@v3
 
+    - name: Get environment details
+      uses: ./.github/actions/get-env-details
+      id: env
+      with:
+        environment: ${{ inputs.environment }}
+
     - name: Authenticate
       uses: ./.github/actions/cloud-platform-auth
       with:
@@ -43,10 +49,9 @@ runs:
       run: |
         eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
         brew install helm
-        cd helm_deploy/${{ github.event.repository.name }}
-        yq -i ".appVersion = \"${{ inputs.version }}\"" "Chart.yaml"
-        helm dependency update .
-        exec helm upgrade '${{ github.event.repository.name }}' . \
+        yq -i ".appVersion = \"${{ inputs.version }}\"" "helm_deploy/${{ github.event.repository.name }}/Chart.yaml"
+        helm dependency update "helm_deploy/${{ github.event.repository.name }}"
+        exec helm upgrade '${{ github.event.repository.name }}' 'helm_deploy/${{ github.event.repository.name }}' \
           --atomic \
           --history-max 10 \
           --force \
@@ -55,5 +60,5 @@ runs:
           --set 'generic-service.image.tag=${{ inputs.version }}' \
           --set 'version=${{ inputs.version }}' \
           --timeout 10m \
-          --values '../values-${{ inputs.environment }}.yaml' \
+          --values 'helm_deploy/${{ steps.env.outputs.values-file }}' \
           --wait
diff --git a/.github/actions/get-env-details/action.yml b/.github/actions/get-env-details/action.yml
@@ -0,0 +1,29 @@
+name: Get environment details
+description: Map the GitHub environment name to the corresponding Namespace environment details
+
+inputs:
+  environment:
+    description: GitHub environment name
+    required: true
+
+outputs:
+  values-file:
+    description: The filename for the values file containing environment configuration
+    value: ${{ steps.cloud-platform.outputs.values-file }}
+  cloud-platform-namespace:
+    description: The name of the corresponding Cloud Platform namespace
+    value: ${{ steps.cloud-platform.outputs.namespace }}
+
+runs:
+  using: "composite"
+  steps:
+    - uses: actions/checkout@v4
+
+    - name: Map GitHub environment to Cloud Platform namespace
+      id: cloud-platform
+      shell: bash
+      run: |
+        if [ '${{ inputs.environment }}' == 'development' ];    then namespace='dev'; fi
+        if [ '${{ inputs.environment }}' == 'production' ];    then namespace='prod'; fi
+        echo "namespace=${namespace}" | tee -a "$GITHUB_OUTPUT"
+        echo "values-file=values-${namespace}.yaml" | tee -a "$GITHUB_OUTPUT"
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -1,9 +1,5 @@
 name: Build
 
-permissions:
-  packages: write
-  contents: read
-
 on:
   workflow_call:
     inputs:

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -2,13 +2,9 @@ name: Deploy
 
 on:
   workflow_call:
-    inputs:
-      github_environment:
-        description: The name of the github environment for deployment secrets
-        type: string
-        required: true        
+    inputs:      
       environment:
-        description: The name of the environment to deploy to
+        description: The name of the environment to deploy to (dev/prod)
         type: string
         required: true
       version:
@@ -18,19 +14,13 @@ on:
 
   workflow_dispatch:
     inputs:
-      github_environment:
-        description: The name of the github environment for deployment secrets
-        type: choice
-        required: true
-        options:
-          - development
-          - production
       environment:
         description: Environment
         type: choice
         required: true
         options:
-          - dev
+          - development
+          - production
       version:
         description: Image version
         type: string
@@ -41,18 +31,23 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       fail-fast: false
+
     environment:
-      name: ${{ inputs.github_environment }}
+      name: ${{ inputs.environment }}  
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
+      - uses: ./.github/actions/get-env-details
+        id: env
+        with:
+          environment: ${{ inputs.environment }}
 
-      - name: Deploy to Cloud Platform
+      - name: Deploy to Platform
         uses: ./.github/actions/cloud-platform-deploy
         with:
           environment: ${{ inputs.environment }}
           version: ${{ inputs.version }}
-          api: https://${{ secrets.DEVELOPMENT_KUBE_CLUSTER }}
-          cert: ${{ secrets.DEVELOPMENT_KUBE_CERT }}
-          cluster: ${{ secrets.DEVELOPMENT_KUBE_CLUSTER }}
-          namespace: ${{ secrets.DEVELOPMENT_KUBE_NAMESPACE }}
-          token: ${{ secrets.DEVELOPMENT_KUBE_TOKEN }}
+          api: https://${{ secrets.KUBE_CLUSTER }}
+          cert: ${{ secrets.KUBE_CERT }}
+          cluster: ${{ secrets.KUBE_CLUSTER }}
+          namespace: ${{ secrets.KUBE_NAMESPACE }}
+          token: ${{ secrets.KUBE_TOKEN }}    
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
@@ -1,14 +1,23 @@
 name: Pipeline
 
-permissions:
-  packages: write
-  contents: read
-
 on:
   push:
     branches:
       - main
-  workflow_dispatch: # Can be triggered manually from a branch
+
+  workflow_dispatch:
+    inputs:
+      environment:
+        description: Environment
+        type: choice
+        required: true
+        options:
+          - development
+          - production
+      version:
+        description: Image version
+        type: string
+        required: true      
 
 jobs:
   build:
@@ -17,13 +26,23 @@ jobs:
     with:
       push: true
     secrets: inherit
-
-  deploy-to-dev:
+  
+  deploy_to_dev:
     name: Deploy to dev
     uses: ./.github/workflows/deploy.yml
     needs: build
     with:
-      github_environment: development
-      environment: dev
+      environment: development
+      version: ${{ needs.build.outputs.version }}
+    secrets: inherit
+
+  deploy_to_prod:
+    name: Deploy to prod
+    uses: ./.github/workflows/deploy.yml
+    needs:
+      - build
+      - deploy_to_dev # wait for the deploy_to_dev job to complete
+    with:
+      environment: production
       version: ${{ needs.build.outputs.version }}
     secrets: inherit