From f3dadfb3d0ffc399744be2bc6e44bbd6dc101e0c Mon Sep 17 00:00:00 2001 From: Sergey Melnikov Date: Wed, 1 Feb 2023 16:01:27 +0100 Subject: [PATCH] Confirm that there is an emergency before manual execution of prod deploy workflow (#3507) ![image](https://user-images.githubusercontent.com/7127190/215840037-69eda3ee-920e-4b90-bf7d-aa58f0bdfb50.png) --- .github/workflows/build_and_test.yml | 2 +- .github/workflows/deploy-prod.yml | 19 ++++++++++++------- 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build_and_test.yml b/.github/workflows/build_and_test.yml index 89e12360f9..de5bd7efd2 100644 --- a/.github/workflows/build_and_test.yml +++ b/.github/workflows/build_and_test.yml @@ -868,7 +868,7 @@ jobs: if [[ "$GITHUB_REF_NAME" == "main" ]]; then gh workflow run deploy-dev.yml --ref main -f branch=${{ github.sha }} -f dockerTag=${{needs.tag.outputs.build-tag}} elif [[ "$GITHUB_REF_NAME" == "release" ]]; then - gh workflow run deploy-prod.yml --ref release -f branch=${{ github.sha }} -f dockerTag=${{needs.tag.outputs.build-tag}} + gh workflow run deploy-prod.yml --ref release -f branch=${{ github.sha }} -f dockerTag=${{needs.tag.outputs.build-tag}} -f disclamerAcknowledged=true else echo "GITHUB_REF_NAME (value '$GITHUB_REF_NAME') is not set to either 'main' or 'release'" exit 1 diff --git a/.github/workflows/deploy-prod.yml b/.github/workflows/deploy-prod.yml index fbd6bdfd93..16041d0fe8 100644 --- a/.github/workflows/deploy-prod.yml +++ b/.github/workflows/deploy-prod.yml @@ -11,7 +11,7 @@ on: description: 'Branch or commit used for deploy scripts and configs' required: true type: string - default: 'main' + default: 'release' deployStorage: description: 'Deploy storage' required: true @@ -27,6 +27,11 @@ on: required: true type: boolean default: true + disclamerAcknowledged: + description: 'I confirm that there is an emergency and I can not use regular release workflow' + required: true + type: boolean + default: false concurrency: group: deploy-prod @@ -36,7 +41,7 @@ jobs: deploy-prod-new: runs-on: prod container: 093970136003.dkr.ecr.eu-central-1.amazonaws.com/ansible:latest - if: inputs.deployStorage + if: inputs.deployStorage && inputs.disclamerAcknowledged defaults: run: shell: bash @@ -67,7 +72,7 @@ jobs: deploy-proxy-prod-new: runs-on: prod container: 093970136003.dkr.ecr.eu-central-1.amazonaws.com/ansible:latest - if: inputs.deployProxy + if: inputs.deployProxy && inputs.disclamerAcknowledged defaults: run: shell: bash @@ -125,7 +130,7 @@ jobs: deploy-storage-broker-prod-new: runs-on: prod container: 093970136003.dkr.ecr.eu-central-1.amazonaws.com/ansible:latest - if: inputs.deployStorageBroker + if: inputs.deployStorageBroker && inputs.disclamerAcknowledged defaults: run: shell: bash @@ -164,7 +169,7 @@ jobs: deploy: runs-on: prod container: 093970136003.dkr.ecr.eu-central-1.amazonaws.com/ansible:latest - if: inputs.deployStorage + if: inputs.deployStorage && inputs.disclamerAcknowledged defaults: run: shell: bash @@ -202,7 +207,7 @@ jobs: deploy-proxy: runs-on: [ self-hosted, gen3, small ] container: 369495373322.dkr.ecr.eu-central-1.amazonaws.com/ansible:pinned - if: inputs.deployProxy + if: inputs.deployProxy && inputs.disclamerAcknowledged defaults: run: shell: bash @@ -238,7 +243,7 @@ jobs: name: deploy storage broker on old staging and old prod runs-on: [ self-hosted, gen3, small ] container: 369495373322.dkr.ecr.eu-central-1.amazonaws.com/ansible:pinned - if: inputs.deployStorageBroker + if: inputs.deployStorageBroker && inputs.disclamerAcknowledged defaults: run: shell: bash