diff --git a/.github/workflows/deploy_qa.yml b/.github/workflows/deploy_qa.yml new file mode 100644 index 00000000..b2b3ce03 --- /dev/null +++ b/.github/workflows/deploy_qa.yml @@ -0,0 +1,56 @@ +name: Deploy QA + +on: + workflow_dispatch: + inputs: + branch: + description: Branch to deploy + required: true + proceedDeploy: + description: Set to true to skip CDK diff and directly proceed with deployment. Default is false. + required: true + default: 'false' + +concurrency: deploy-qa + +env: + DOCKER_BUILDKIT: '1' + +defaults: + run: + shell: bash + +jobs: + deploy_qa: + name: 05-deploy-qa.sh + permissions: + packages: read + id-token: write + contents: write + runs-on: 'ubuntu-24.04' + steps: + - uses: actions/checkout@v4.2.1 + - name: Checkout all branches and tags with full history + uses: actions/checkout@v4 + with: + ref: ${{ inputs.branch }} + fetch-depth: 0 + - name: Configure qa AWS credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.AWS_AOE_QA_ROLE_ARN }} + role-session-name: aoe-runner-deploy-qa + aws-region: eu-west-1 + + - name: Run CDK Diff + if: ${{ github.event.inputs.proceedDeploy == 'false' }} + run: ./deploy-scripts/05-deploy-qa.sh diff + env: + UTILITY_ACCOUNT_ID: ${{ secrets.UTILITY_ACCOUNT_ID }} + + - name: Run CDK Deploy + if: ${{ github.event.inputs.proceedDeploy == 'true' }} + run: ./deploy-scripts/05-deploy-qa.sh deploy + env: + UTILITY_ACCOUNT_ID: ${{ secrets.UTILITY_ACCOUNT_ID }} + diff --git a/aoe-infra/cdk.sh b/aoe-infra/cdk.sh index 5199248d..1d6a7aca 100755 --- a/aoe-infra/cdk.sh +++ b/aoe-infra/cdk.sh @@ -5,7 +5,7 @@ source "$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )/../scripts/common-func main() { use_correct_node_version npm_ci_if_package_lock_has_changed - npx cdk --context environment="$ENV" --context UTILITY_ACCOUNT_ID="$UTILITY_ACCOUNT_ID" "$@" + npx cdk --require-approval never --context environment="$ENV" --context UTILITY_ACCOUNT_ID="$UTILITY_ACCOUNT_ID" "$@" } main "$@"