diff --git a/.github/workflows/build-deploy-prod.yml b/.github/workflows/build-deploy-prod.yml index 4f14a7c..afabcd9 100644 --- a/.github/workflows/build-deploy-prod.yml +++ b/.github/workflows/build-deploy-prod.yml @@ -4,10 +4,11 @@ name: Build & Deploy PROD on: - push: - tags: - - 'v*' - workflow_dispatch: + workflow_call: + inputs: + tag: + required: true + type: string env: AWS_REGION: ${{ secrets.AWS_REGION }} @@ -21,9 +22,10 @@ jobs: build: name: build_deploy_prod runs-on: ubuntu-latest + permissions: - id-token: write - contents: write + contents: read + id-token: write steps: # download the source code into the runner @@ -39,6 +41,7 @@ jobs: with: role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT_ID }}:role/github-actions-role aws-region: ${{ env.AWS_REGION }} + role-session-name: GithubActions # gather metadata from git & github actions to reference in docker - name: git & github metadata @@ -70,4 +73,3 @@ jobs: service: ${{ env.ECS_SERVICE }} cluster: ${{ env.ECS_CLUSTER }} wait-for-service-stability: true - \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 11fc62b..6e18691 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,18 +1,27 @@ # Copyright 2020 ChainSafe Systems -# SPDX-License-Identifier: LGPL-3.0-only - -name: Release +# SPDX-License-Identifier: LGPL-3.0-only +name: Deploy Release on: push: branches: - - main - + - main jobs: - release-please: + release: + permissions: write-all runs-on: ubuntu-latest + outputs: + release_created: ${{ steps.release.outputs.release_created }} + tag: ${{ steps.release.outputs.tag_name }} steps: - uses: GoogleCloudPlatform/release-please-action@v3.1 - id: release + id: release with: release-type: go - + token: ${{secrets.GITHUB_TOKEN}} + + deploy-services: + needs: release + uses: ChainSafe/nodewatch-api/.github/workflows/build-deploy-prod.yml@main + if: ${{ needs.release.outputs.release_created }} + with: + tag: ${{ needs.release.outputs.tag }}