🚀 Terraform Deploy - dvsa/des-workflow-actions GitHub Wiki
Description
This reusable workflow is used for deployments of the backend to nonprod and prod environments. It is also possible to deploy individual components to the dev environment. This is not required for other environments at the moment as we currently deploy all components when releasing a new version of the backend. The purpose of this reusable workflow is to define the flow of a Terraform deployment, respecting the dependency between components. It uses this reusable workflow to run the Terraform actions for each component. A matrix is used for each component deployment so that we can run a plan and apply. Deployments to UAT, PREP, and LIVE environments have a protection rule to ensure that the plan is reviewed prior to deployment (like a Jenkins gate stage). Each job runs on an EC2 instance, which will have been set up using this action.
Workflow Triggers
On Workflow Call
This workflow is called from the des-terraform repository, where there are caller workflows for deploying to a particular environment. These caller workflows must be manually run to trigger this reusable workflow.
Environment Variables
| Name | Description |
|---|---|
| TARS_DB_CNAME | The DNS record that maps to the TARS database |
| TARS_DB_USERNAME | The username to assume to perform actions on the TARS database |
| TARS_DB_PASSWORD | The password of the user for the TARS database |
| TARS_DMS_USER_PASSWORD | The password of the DMS user for the TARS database |
| TARS_REFDATA_USER_PASSWORD | The password of the ref-data user for the TARS database |
Inputs
| Name | Description | Options |
|---|---|---|
| branch | The Terraform branch to deploy | N/A |
| aws-account | The AWS account to deploy to | N/A |
| tf-environment | The Terraform environment to deploy to | N/A |
| api | Whether to deploy the API component when deploying to dev (default is true for other environments) | true | false |
| drs | Whether to deploy the DRS component when deploying to dev (default is true for other environments) | true | false |
| dms | Whether to deploy the DMS component when deploying to dev (default is true for other environments) | true | false |
| release-tag | The version of the microservices to be deployed | N/A |
| drs-early-run | Whether to deploy the DRS component before the API component (required when changes are made to the ref-data VPC endpoint service) | true | false |
| tf-args | Additional Terraform arguments | N/A |
| full-dms-deploy | Whether to run a full static load when there are changes to the static task | true | false |
| tars-replica-db-script-branch | The branch to run the DB scripts from | N/A |
Artefacts
- A plan is uploaded for each component to the summary.
Notes
artefact-name-prefixis required to avoid GitHub Actions errors relating to uploading identical artefacts to GitHub summary whendrs-early-runis set to true.release-taginput is required for UAT, PREP, and LIVE - dev environments collate the latest function versions.