-
Notifications
You must be signed in to change notification settings - Fork 1
84 lines (77 loc) · 3.27 KB
/
reusable-database-deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
name: Azure Deployment - CosmosDB
on:
workflow_call:
inputs:
ghaEnvironment:
required: true
type: string
azResourceGrpNetworkEncrypted:
required: true
type: string
apiFunctionName:
required: true
type: string
dataflowsFunctionName:
required: true
type: string
environmentHash:
required: true
type: string
outputs:
e2eCosmosDbExists:
description: 'Does E2E Cosmos DB Already Exists before deployment'
value: ${{ jobs.deploy-db.outputs.e2eCosmosDbExists }}
jobs:
deploy-db:
runs-on: ubuntu-latest
environment: ${{ inputs.ghaEnvironment }}
outputs:
e2eCosmosDbExists: ${{ steps.e2eDbExists.outputs.e2eCosmosDbExists }}
steps:
- uses: actions/checkout@main
- uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
environment: ${{ vars.AZURE_ENVIRONMENT }}
- uses: cloudposse/github-action-secret-outputs@main
id: rgNetwork
with:
secret: ${{ secrets.PGP_SIGNING_PASSPHRASE }}
op: decode
in: ${{ inputs.azResourceGrpNetworkEncrypted }}
- name: Generate E2E name
id: generateE2eName
run: |
e2eDatabaseName="${{ secrets.AZ_COSMOS_DATABASE_NAME }}-e2e"
if [[ ${{ inputs.ghaEnvironment }} != "Main-Gov" ]]; then
echo "Adding suffix to database name"
e2eDatabaseName="${e2eDatabaseName}-${{ inputs.environmentHash }}"
fi
echo "e2eDatabaseName=${e2eDatabaseName}" >> $GITHUB_OUTPUT
- name: Check if E2E CosmosDb exists
uses: azure/cli@v2
id: e2eDbExists
with:
azcliversion: 2.62.0
inlineScript: |
cmd="az cosmosdb mongodb database exists --account-name ${{ secrets.AZ_COSMOS_MONGO_ACCOUNT_NAME }} -n ${{ steps.generateE2eName.outputs.e2eDatabaseName }} -g ${{ secrets.AZURE_RG }} -o tsv"
echo $cmd
e2eCosmosDbExists=$($cmd)
echo "e2eCosmosDbExists=${e2eCosmosDbExists}" >> $GITHUB_OUTPUT
- name: Deploy Cosmos MongoDB
id: azure-mongodb-deploy
run: |
allowedNetworks=$(az network vnet subnet list -g ${{ steps.rgNetwork.outputs.out }} --vnet-name ${{ vars.AZ_NETWORK_VNET_NAME }} --query "[?name=='snet-${{ inputs.apiFunctionName }}' || name=='snet-${{inputs.dataflowsFunctionName}}'].id" -o json)
./ops/scripts/pipeline/az-cosmos-deploy.sh \
-g ${{ secrets.AZURE_RG }} \
--accountName ${{ secrets.AZ_COSMOS_MONGO_ACCOUNT_NAME }} \
--databaseName ${{ secrets.AZ_COSMOS_DATABASE_NAME }} \
--environmentName ${{ inputs.ghaEnvironment }} \
--allowedNetworks "${allowedNetworks}" \
--analyticsWorkspaceId ${{ secrets.AZ_ANALYTICS_WORKSPACE_ID }} \
--actionGroupResourceGroup ${{ secrets.AZ_ANALYTICS_RG }} \
--actionGroupName ${{ secrets.AZ_ACTION_GROUP_NAME }} \
--keyVaultName ${{ secrets.AZ_KV_APP_CONFIG_NAME }} \
--kvResourceGroup ${{ secrets.AZ_KV_APP_CONFIG_RG_NAME }} \
--branchHashId ${{ inputs.environmentHash || 'DOES_NOT_EXIST' }} \
--e2eCosmosDbExists ${{ steps.e2eDbExists.outputs.e2eCosmosDbExists }}