[ISSUE 406] Fix deploy Github Actions workflow (#407)

.github/workflows/build-and-publish.yml

@@ -3,12 +3,20 @@ name: Build and Publish
 on:
   workflow_call:
     inputs:
+      app_name:
+        description: "name of application folder under infra directory"
+        required: true
+        type: string
       ref:
         description: The branch, tag or SHA to checkout. When checking out the repository that triggered a workflow, this defaults to the reference or SHA for that event. Otherwise, use branch or tag that triggered the workflow run.
         required: true
         type: string
   workflow_dispatch:
     inputs:
+      app_name:
+        description: "name of application folder under infra directory"
+        required: true
+        type: string
       ref:
         description: The branch, tag or SHA to checkout. When checking out the repository that triggered a workflow, this defaults to the reference or SHA for that event. Otherwise, use branch or tag that triggered the workflow run.
         required: true
@@ -29,13 +37,13 @@ jobs:
           ref: ${{ inputs.ref }}
 
       - name: Build release
-        run: make release-build
+        run: make APP_NAME=${{ inputs.app_name }} release-build
 
       - name: Configure AWS credentials
         uses: ./.github/actions/configure-aws-credentials
         with:
-          app_name: frontend
+          app_name: ${{ inputs.app_name }}
           environment: shared
 
       - name: Publish release
-        run: make release-publish
+        run: make APP_NAME=${{ inputs.app_name }} release-publish

.github/workflows/cd-frontend.yml

@@ -0,0 +1,36 @@
+name: Deploy Frontend
+# Need to set a default value for when the workflow is triggered from a git push
+# which bypasses the default configuration for inputs
+run-name: Deploy ${{ github.ref_name }} to Frontend ${{ inputs.environment || 'dev' }}
+
+on:
+  push:
+    branches:
+      - "main"
+    paths:
+      - "frontend/**"
+      - "bin/**"
+      - "infra/**"
+  workflow_dispatch:
+    inputs:
+      app_name:
+        description: "name of application folder under infra directory"
+        default: frontend
+        required: true
+        type: string
+      environment:
+        description: "target environment"
+        required: true
+        default: "dev"
+        type: choice
+        options:
+          - dev
+          - prod
+
+jobs:
+  deploy:
+    name: Deploy
+    uses: ./.github/workflows/deploy.yml
+    with:
+      app_name: ${{ inputs.app_name || 'frontend' }}
+      environment: ${{ inputs.environment || 'dev' }}

.github/workflows/ci-infra.yml

@@ -13,6 +13,9 @@ on:
       - test/**
       - .github/workflows/ci-infra.yml
 
+env:
+  APP_NAME: frontend
+
 jobs:
   check-terraform-format:
     name: Check Terraform format
@@ -71,33 +74,33 @@ jobs:
         uses: aquasecurity/[email protected]
         with:
           github_token: ${{ github.token }}
-  # !! Uncomment to trigger automated infra tests once dev environment is set up
-  # infra-test-e2e:
-  #   name: End-to-end tests
-  #   runs-on: ubuntu-latest
-  #
-  #   permissions:
-  #     contents: read
-  #     id-token: write
-  #
-  #   steps:
-  #     - uses: actions/checkout@v3
 
-  #     - uses: hashicorp/setup-terraform@v2
-  #       with:
-  #         terraform_version: 1.2.1
-  #         terraform_wrapper: false
+  infra-test-e2e:
+    name: End-to-end tests
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: read
+      id-token: write
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: hashicorp/setup-terraform@v2
+        with:
+          terraform_version: 1.2.1
+          terraform_wrapper: false
 
-  #     - uses: actions/setup-go@v3
-  #       with:
-  #         go-version: ">=1.19.0"
+      - uses: actions/setup-go@v3
+        with:
+          go-version: ">=1.19.0"
 
-  #     - name: Configure AWS credentials
-  #       uses: ./.github/actions/configure-aws-credentials
-  #       with:
-  #         app_name: frontend
-  #         # Run infra CI on dev environment
-  #         environment: dev
+      - name: Configure AWS credentials
+        uses: ./.github/actions/configure-aws-credentials
+        with:
+          app_name: frontend
+          # Run infra CI on dev environment
+          environment: dev
 
-  #     - name: Run Terratest
-  #       run: make infra-test
+      - name: Run Terratest
+        run: make APP_NAME=${{ env.APP_NAME }} infra-test

.github/workflows/ci-vulnerability-scans.yml

@@ -56,8 +56,8 @@ jobs:
       - name: Build and tag Docker image for scanning
         id: build-image
         run: |
-          make release-build
-          IMAGE_NAME=$(make release-image-name)
+          make APP_NAME=${{ env.APP_NAME }} release-build
+          IMAGE_NAME=$(make APP_NAME=${{env.APP_NAME}} release-image-name)
           IMAGE_TAG=$(make release-image-tag)
           echo "image=$IMAGE_NAME:$IMAGE_TAG" >> $GITHUB_OUTPUT
 
@@ -86,8 +86,8 @@ jobs:
       - name: Build and tag Docker image for scanning
         id: build-image
         run: |
-          make release-build
-          IMAGE_NAME=$(make release-image-name)
+          make APP_NAME=${{ env.APP_NAME }} release-build
+          IMAGE_NAME=$(make APP_NAME=${{ env.APP_NAME }} release-image-name)
           IMAGE_TAG=$(make release-image-tag)
           echo "image=$IMAGE_NAME:$IMAGE_TAG" >> $GITHUB_OUTPUT
 
@@ -111,8 +111,8 @@ jobs:
       - name: Build and tag Docker image for scanning
         id: build-image
         run: |
-          make release-build
-          IMAGE_NAME=$(make release-image-name)
+          make APP_NAME=${{ env.APP_NAME }} release-build
+          IMAGE_NAME=$(make APP_NAME=${{ env.APP_NAME }} release-image-name)
           IMAGE_TAG=$(make release-image-tag)
           echo "image=$IMAGE_NAME:$IMAGE_TAG" >> $GITHUB_OUTPUT
 

.github/workflows/database-migrations.yml

@@ -5,7 +5,7 @@ on:
     inputs:
       app_name:
         description: "name of application folder under infra directory"
-        default: frontend
+        required: true
         type: string
       environment:
         description: "the name of the application environment (e.g. dev, staging, prod)"
@@ -19,6 +19,7 @@ jobs:
     name: Build
     uses: ./.github/workflows/build-and-publish.yml
     with:
+      app_name: ${{ inputs.app_name }}
       ref: ${{ github.ref }}
   run-migrations:
     name: Run migrations

.github/workflows/deploy.yml

@@ -1,37 +1,18 @@
 name: Deploy
-# Need to set a default value for when the workflow is triggered from a git push,
-# which bypasses the default configuration for inputs and cannot use env.ENVIRONMENT
-# since env context is not accessible in this context
-run-name: Deploy ${{ github.ref_name }} to ${{ inputs.environment || 'dev' }}
 
 on:
-  # !! Uncomment the following lines once you've set up the dev environment and ready to turn on continuous deployment
-  # push:
-  #   branches:
-  #     - 'main'
-  #   paths:
-  #     - 'frontend/**'
-  #     - 'bin/**'
-  #     - 'infra/**'
-  workflow_dispatch:
+  workflow_call:
     inputs:
+      app_name:
+        description: "name of application folder under infra directory"
+        required: true
+        type: string
       environment:
-        description: "target environment"
+        description: "the name of the application environment (e.g. dev, staging, prod)"
         required: true
-        default: "dev"
-        type: choice
-        options:
-          - dev
-          - prod
-
-env:
-  APP_NAME: frontend
-  # Need to set a default value for when the workflow is triggered from a git push,
-  # which bypasses the default configuration for inputs
-  ENVIRONMENT: ${{ inputs.environment || 'dev' }}
+        type: string
 
-# Need to repeat the expression since env.ENVIRONMENT is not accessible in this context
-concurrency: cd-${{ inputs.environment || 'dev' }}
+concurrency: cd-${{ inputs.environment }}
 
 jobs:
   # Don't need to call the build-and-publish workflow since the database-migrations
@@ -40,7 +21,8 @@ jobs:
     name: Database migrations
     uses: ./.github/workflows/database-migrations.yml
     with:
-      environment: ${{ inputs.environment || 'dev' }}
+      app_name: ${{ inputs.app_name }}
+      environment: ${{ inputs.environment }}
   deploy:
     name: Deploy
     runs-on: ubuntu-latest
@@ -54,8 +36,8 @@ jobs:
       - name: Configure AWS credentials
         uses: ./.github/actions/configure-aws-credentials
         with:
-          app_name: ${{ env.APP_NAME }}
-          environment: ${{ env.ENVIRONMENT }}
+          app_name: ${{ inputs.app_name }}
+          environment: ${{ inputs.environment }}
 
       - name: Deploy release
-        run: make release-deploy APP_NAME=$APP_NAME ENVIRONMENT="$ENVIRONMENT"
+        run: make release-deploy APP_NAME=${{ inputs.app_name }} ENVIRONMENT=${{ inputs.environment }}

Makefile

@@ -47,6 +47,7 @@ infra-set-up-account: ## Configure and create resources for current AWS profile
 	./bin/set-up-current-account.sh $(ACCOUNT_NAME)
 
 infra-configure-app-build-repository: ## Configure infra/$APP_NAME/build-repository tfbackend and tfvars files
+	@:$(call check_defined, APP_NAME, the name of subdirectory of /infra that holds the application's infrastructure code)
 	./bin/configure-app-build-repository.sh $(APP_NAME)
 
 infra-configure-app-database: ## Configure infra/$APP_NAME/database module's tfbackend and tfvars files for $ENVIRONMENT
@@ -55,6 +56,7 @@ infra-configure-app-database: ## Configure infra/$APP_NAME/database module's tfb
 	./bin/configure-app-database.sh $(APP_NAME) $(ENVIRONMENT)
 
 infra-configure-monitoring-secrets: ## Set $APP_NAME's incident management service integration URL for $ENVIRONMENT
+	@:$(call check_defined, APP_NAME, the name of subdirectory of /infra that holds the application's infrastructure code)
 	@:$(call check_defined, ENVIRONMENT, the name of the application environment e.g. "prod" or "staging")
 	@:$(call check_defined, URL, incident management service (PagerDuty or VictorOps) integration URL)
 	./bin/configure-monitoring-secret.sh $(APP_NAME) $(ENVIRONMENT) $(URL)
@@ -125,7 +127,8 @@ infra-format: ## Format infra code
 	terraform fmt -recursive infra
 
 infra-test: ## Run end-to-end infra Terratest test suite
-	cd infra/test && go test -v -timeout 30m
+	@:$(call check_defined, APP_NAME, the name of subdirectory of /infra that holds the application's infrastructure code)
+	cd infra/test && go test -v -timeout 30m -app_name=$(APP_NAME)
 
 ########################
 ## Release Management ##
@@ -150,23 +153,26 @@ DATE := $(shell date -u '+%Y%m%d.%H%M%S')
 INFO_TAG := $(DATE).$(USER)
 
 release-build: ## Build release for $APP_NAME and tag it with current git hash
-	@:$(call check_defined, APP_NAME)
+	@:$(call check_defined, APP_NAME, the name of subdirectory of /infra that holds the application's infrastructure code)
 	cd $(APP_NAME) && $(MAKE) release-build \
 		OPTS="--tag $(IMAGE_NAME):latest --tag $(IMAGE_NAME):$(IMAGE_TAG)"
 
 release-publish: ## Publish release to $APP_NAME's build repository
-	@:$(call check_defined, APP_NAME)
+	@:$(call check_defined, APP_NAME, the name of subdirectory of /infra that holds the application's infrastructure code)
 	./bin/publish-release.sh $(APP_NAME) $(IMAGE_NAME) $(IMAGE_TAG)
 
 release-run-database-migrations: ## Run $APP_NAME's database migrations in $ENVIRONMENT
-	@:$(call check_defined, APP_NAME)
+	@:$(call check_defined, APP_NAME, the name of subdirectory of /infra that holds the application's infrastructure code)
+	@:$(call check_defined, ENVIRONMENT, the name of the application environment e.g. "prod" or "dev")
 	./bin/run-database-migrations.sh $(APP_NAME) $(IMAGE_TAG) $(ENVIRONMENT)
 
 release-deploy: ## Deploy release to $APP_NAME's web service in $ENVIRONMENT
-	@:$(call check_defined, APP_NAME, ENVIRONMENT, the name of the application environment e.g. "prod" or "dev")
+	@:$(call check_defined, APP_NAME, the name of subdirectory of /infra that holds the application's infrastructure code)
+	@:$(call check_defined, ENVIRONMENT, the name of the application environment e.g. "prod" or "dev")
 	./bin/deploy-release.sh $(APP_NAME) $(IMAGE_TAG) $(ENVIRONMENT)
 
 release-image-name: ## Prints the image name of the release image
+	@:$(call check_defined, APP_NAME, the name of subdirectory of /infra that holds the application's infrastructure code)
 	@echo $(IMAGE_NAME)
 
 release-image-tag: ## Prints the image tag of the release image

infra/test/infra_test.go

@@ -1,6 +1,7 @@
 package test
 
 import (
+	"flag"
 	"fmt"
 	"strings"
 	"testing"
@@ -12,6 +13,8 @@ import (
 	"github.com/gruntwork-io/terratest/modules/terraform"
 )
 
+var appName = flag.String("app_name", "", "name of subdirectory that holds the app's infrastructure code")
+
 func TestDev(t *testing.T) {
 	BuildAndPublish(t)
 
@@ -24,7 +27,7 @@ func TestDev(t *testing.T) {
 	})
 	terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
 		Reconfigure:  true,
-		TerraformDir: "../app/service/",
+		TerraformDir: fmt.Sprintf("../%s/service/", *appName),
 		VarFiles:     []string{"dev.tfvars"},
 		Vars: map[string]interface{}{
 			"image_tag": imageTag,
@@ -45,18 +48,18 @@ func BuildAndPublish(t *testing.T) {
 	// after which we add BackendConfig: []string{"dev.s3.tfbackend": terraform.KeyOnly} to terraformOptions
 	// and replace the call to terraform.RunTerraformCommand with terraform.Init
 	terraform.RunTerraformCommand(t, &terraform.Options{
-		TerraformDir: "../app/build-repository/",
+		TerraformDir: fmt.Sprintf("../%s/build-repository/", *appName),
 	}, "init", "-backend-config=shared.s3.tfbackend")
 
 	shell.RunCommand(t, shell.Command{
 		Command:    "make",
-		Args:       []string{"release-build"},
+		Args:       []string{"release-build", fmt.Sprintf("APP_NAME=%s", *appName)},
 		WorkingDir: "../../",
 	})
 
 	shell.RunCommand(t, shell.Command{
 		Command:    "make",
-		Args:       []string{"release-publish"},
+		Args:       []string{"release-publish", fmt.Sprintf("APP_NAME=%s", *appName)},
 		WorkingDir: "../../",
 	})
 }
@@ -78,9 +81,8 @@ func CreateDevEnvironmentInWorkspace(t *testing.T, terraformOptions *terraform.O
 
 func WaitForServiceToBeStable(t *testing.T, workspaceName string) {
 	fmt.Println("::group::Wait for service to be stable")
-	appName := "app"
 	environmentName := "dev"
-	serviceName := fmt.Sprintf("%s-%s-%s", workspaceName, appName, environmentName)
+	serviceName := fmt.Sprintf("%s-%s-%s", workspaceName, *appName, environmentName)
 	shell.RunCommand(t, shell.Command{
 		Command:    "aws",
 		Args:       []string{"ecs", "wait", "services-stable", "--cluster", serviceName, "--services", serviceName},