3224 Audit Logger #7437
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
########################################################################### | |
# GitHub Action Workflow | |
# On assignment of the explicit label `Deploy with CircleCI` to an open PR | |
# in GitHub this action will trigger a deploy job within CircleCI for the | |
# branch defined in the given PR. | |
# | |
# Step 0: Checkout latest commit on current branch | |
# | |
# Step 1: Using the GitHub API make a request to get the latest Status Checks | |
# for the current branch. This will be used to ensure that all checks | |
# have passed in CircleCI prior to making the deployment | |
# Leverages the open source GitHub Action: | |
# https://github.com/octokit/request-action | |
# Makes a request to the combined status checks API in GitHub | |
# https://docs.github.com/en/rest/reference/repos#statuses | |
# | |
# Step 2: Extract the combined state from the GitHub API response and store | |
# only the state value as an output for future steps | |
# | |
# Step 3: If the PR State is `success` make a request to the V2 CircleCI API | |
# to initiate the `dev-deployment` workflow for the current branch. | |
# Leverages the open source GitHub Action: | |
# https://github.com/promiseofcake/circleci-trigger-action | |
########################################################################### | |
name: Deploy PR based on Label | |
on: | |
pull_request: | |
types: | |
- labeled | |
jobs: | |
pr_labeled_deployment: | |
if: startsWith(github.event.label.name, 'Deploy with CircleCI') | |
runs-on: ubuntu-latest | |
name: Initiate deploy job in CircleCI | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Extract Deploy ENV | |
id: extract-deploy-env | |
run: | | |
IFS='-' # hyphen (-) is set as delimiter | |
read -ra ADDR <<< "${{ github.event.label.name }}" # str is read into an array as tokens separated by IFS | |
DEPLOY_ENV="${ADDR[1]}" | |
echo "::set-output name=DEPLOY_ENV::$DEPLOY_ENV" | |
IFS=' ' | |
- name: Get PR Status Checks | |
id: get-pr-checks | |
uses: octokit/[email protected] | |
with: | |
route: GET /repos/{owner}/{repo}/commits/{ref}/status | |
owner: ${{ github.repository_owner }} | |
repo: TANF-app | |
ref: ${{ github.event.pull_request.head.ref }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Extract current PR state | |
id: get-pr-state | |
run: | | |
STATE=${{ fromJson(steps.get-pr-checks.outputs.data).state }} | |
echo "::set-output name=STATE::$STATE" | |
echo "Current PR state: $STATE" | |
- name: Live Environment Badge | |
uses: schneegans/[email protected] | |
with: | |
auth: ${{ secrets.LIVE_ENV_GIST }} | |
gistID: ded3a260ed8245a5b231ba726b3039df | |
filename: Live-Environments-${{steps.extract-deploy-env.outputs.DEPLOY_ENV}}.json | |
label: ${{steps.extract-deploy-env.outputs.DEPLOY_ENV}} | |
message: "${{ github.head_ref }} - ${{ github.sha }}" | |
color: blue | |
- name: Circle CI Deployment Trigger | |
id: curl-circle-ci | |
if: steps.get-pr-state.outputs.STATE == 'success' | |
uses: promiseofcake/circleci-trigger-action@v1 | |
with: | |
user-token: ${{ secrets.CIRCLE_CI_V2_TOKEN }} | |
project-slug: ${{ github.repository }} | |
branch: ${{ github.head_ref }} | |
payload: '{ | |
"run_dev_deployment": true, | |
"target_env": "${{steps.extract-deploy-env.outputs.DEPLOY_ENV}}", | |
"triggered": true | |
}' |