-
Notifications
You must be signed in to change notification settings - Fork 451
57 lines (53 loc) · 1.65 KB
/
release_and_deploy_passport.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
name: Release and Deploy Passport
## To use this in a new repo
## 1. Copy this file
## 2. Configure secrets shown below
# PULUMI_ACCESS_TOKEN
# AWS_ACCESS_KEY_ID_PRODUCTION
# AWS_ACCESS_KEY_ID_STAGING
# AWS_SECRET_ACCESS_KEY_PRODUCTION
# AWS_SECRET_ACCESS_KEY_STAGING
# ECR_URL_PRODUCTION
# ECR_URL_STAGING
# ROUTE53_ZONE_ID_PRODUCTION
# ROUTE53_ZONE_ID_STAGING
# IAM_SERVER_SSM_ARN_PRODUCTION
# IAM_SERVER_SSM_ARN_STAGING
## 3. Update input values ("with") below
## 4. Create an environment called "production" and add Required Reviewers
on:
workflow_dispatch:
inputs:
commit:
description: "Leave blank to use current HEAD, or provide an override commit SHA"
type: string
required: false
jobs:
ref:
name: Load Commit Ref
runs-on: ubuntu-latest
steps:
- id: ref
shell: bash
# Default to HEAD of the branch from
# which this workflow was triggered
run: |
echo "refspec=${{ inputs.commit || github.sha }}" >> $GITHUB_OUTPUT
outputs:
refspec: ${{ steps.ref.outputs.refspec }}
deploy_passport:
needs: [ref]
name: Deploy
permissions: write-all
uses: gitcoinco/gh-workflows/.github/workflows/release_and_deploy.yml@main
with:
refspec: ${{ needs.ref.outputs.refspec }}
repo_owner: gitcoinco
repo_name: passport
staging_frontend_branch: staging-app
production_frontend_branch: production-app
# TODO: use values from secrets
staging_domain: iam.staging.passport.gitcoin.co
production_domain: passport-iam.gitcoin.co
ecr_repository: passport
secrets: inherit