Skip to content

Pass health check IDs to deploy #10

Pass health check IDs to deploy

Pass health check IDs to deploy #10

Workflow file for this run

name: Deploy hosted zone and checks
on:
workflow_dispatch:
push:
branches:
- main
paths:
- .github/workflows/deploy.yml
- template.yml
- package.json
- yarn.lock
- components/**
concurrency:
group: ${{ github.workflow }}
permissions:
id-token: write
contents: read
jobs:
check-project-std:
uses: ./.github/workflows/check-project-std.yml
deploy-connection-checks:
runs-on: ubuntu-latest
needs: [check-project-std]
strategy:
matrix:
# Regions where FTP servers are running
target-region: [us-east-1, us-west-2]
# Regions where connection checks should be run from
check-region: [us-east-1, us-east-2, us-west-2]
steps:
- uses: actions/checkout@v4
- uses: aws-actions/setup-sam@v2
with:
use-installer: true
- uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ matrix.check-region }}
role-to-assume: arn:aws:iam::561178107736:role/PRX-GHA-AccessRole
role-session-name: gha-deploy-prxtransfer-dns-connection-checker
- name: Deploy connection check
working-directory: components/ftp-connection-check
env:
FTP_USER: ${{ secrets.ftp_user }}
FTP_PASSWORD: ${{ secrets.ftp_password }}
# Lookup the Transfer Family NLB hostname for the current matrix target
# region and deploy a connection check to the current check region
# for that server.
run: |
stack_name="ftp-connection-check-targeting-${{ matrix.target-region }}"
nlb_hostname=$(aws cloudformation describe-stacks --region ${{ matrix.target-region }} --stack-name infrastructure-cd-root-production --query "Stacks[0].Outputs[?OutputKey=='ExchangeFtpServerNlbDnsName'].OutputValue" --output text)
sam build && sam deploy \
--region ${{ matrix.check-region }} \
--no-confirm-changeset \
--no-fail-on-empty-changeset \
--stack-name "$stack_name" \
--resolve-s3 \
--no-progressbar \
--s3-prefix prxtransfer-dns \
--capabilities CAPABILITY_IAM \
--role-arn arn:aws:iam::561178107736:role/PRX-GHA-ServiceRoleForCloudFormation \
--parameter-overrides "FtpServerHostname=$nlb_hostname HealthCheckFtpUser=\"$FTP_USER\" HealthCheckFtpPassword=\"$FTP_PASSWORD\""
check_id=$(aws cloudformation describe-stacks --region ${{ matrix.check-region }} --stack-name "$stack_name" --query "Stacks[0].Outputs[?OutputKey=='HealthCheckId'].OutputValue" --output text)
echo "$check_id" > health_check_id
- name: Capture health check ID
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.check-region }}-targeting-${{ matrix.target-region }}
path: components/ftp-connection-check/health_check_id
retention-days: 1
deploy-hosted-zone:
runs-on: ubuntu-latest
needs: [deploy-connection-checks]
steps:
- uses: actions/checkout@v4
- uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: us-east-1
role-to-assume: arn:aws:iam::561178107736:role/PRX-GHA-AccessRole
role-session-name: gha-deploy-prxtransfer-dns-connection-checker
- name: Fetch health check IDs
uses: actions/download-artifact@v4
with:
path: components/hosted-zone
- name: Deploy hosted zone stack
working-directory: components/hosted-zone
run: |
ls -R
# Look up NLB hostnames for staging servers
stag_use1_nlb_hostname=$(aws cloudformation describe-stacks --stack-name infrastructure-cd-root-staging --query "Stacks[0].Outputs[?OutputKey=='ExchangeFtpServerNlbDnsName'].OutputValue" --output text --region us-east-1)
stag_usw2_nlb_hostname=$(aws cloudformation describe-stacks --stack-name infrastructure-cd-root-staging --query "Stacks[0].Outputs[?OutputKey=='ExchangeFtpServerNlbDnsName'].OutputValue" --output text --region us-west-2)
# Look up NLB hostnames for production servers
prod_use1_nlb_hostname=$(aws cloudformation describe-stacks --stack-name infrastructure-cd-root-production --query "Stacks[0].Outputs[?OutputKey=='ExchangeFtpServerNlbDnsName'].OutputValue" --output text --region us-east-1)
prod_usw2_nlb_hostname=$(aws cloudformation describe-stacks --stack-name infrastructure-cd-root-production --query "Stacks[0].Outputs[?OutputKey=='ExchangeFtpServerNlbDnsName'].OutputValue" --output text --region us-west-2)
# Create a comma-delimited list of us-east-1 health check IDs
find . -path "*-targeting-us-east-1/health_check_id" -type f -exec cat {} \; > us_east_1
us_east_1_check_ids=$(cat us_east_1 | awk '{printf("%s,",$0)}' | sed 's/,\s*$//')
# Create a comma-delimited list of us-west-2 health check IDs
find . -path "*-targeting-us-west-2/health_check_id" -type f -exec cat {} \; > us_west_2
us_west_2_check_ids=$(cat us_west_2 | awk '{printf("%s,",$0)}' | sed 's/,\s*$//')
# Deploy the stack using all the values collected
aws cloudformation deploy \
--template-file template.yml \
--no-fail-on-empty-changeset \
--region us-east-1 \
--stack-name dev-hostedzone-prxtransfer-org \
--role-arn arn:aws:iam::561178107736:role/PRX-GHA-ServiceRoleForCloudFormation \
--parameter-overrides \
StagNlbHostnameUSEAST1=$stag_use1_nlb_hostname \
StagNlbHostnameUSWEST2=$stag_usw2_nlb_hostname \
ProdNlbHostnameUSEAST1=$prod_use1_nlb_hostname \
ProdNlbHostnameUSWEST2=$prod_usw2_nlb_hostname \
ProdHealthCheckIdsTargetingUSEAST1=$us_east_1_check_ids
ProdHealthCheckIdsTargetingUSWEST2=$us_west_2_check_ids