fix(ci): add new stg pipeline

.github/workflows/release.yml

@@ -498,6 +498,15 @@ jobs:
       env:
         SEMVER: ${{ needs.release.outputs.version }}
 
+    - name: Push Lambda functions to S3 New Staging
+      shell: bash
+      run: |
+        echo Push Lambda functions to S3 Test
+        echo aws s3 cp ~/lambda.zip s3://s3-vbr-stg-basisregisters-lam-par-sqsbackofficefunction/$SEMVER/lambda.zip
+        aws s3 cp ~/lambda.zip s3://s3-vbr-stg-basisregisters-lam-par-sqsbackofficefunction/$SEMVER/lambda.zip
+      env:
+        SEMVER: ${{ needs.release.outputs.version }}
+
     - name: Configure AWS credentials (Staging)
       uses: aws-actions/configure-aws-credentials@v4.0.2
       with:
@@ -783,68 +792,6 @@ jobs:
           SEMVER: ${{ needs.release.outputs.version }}
           WORKSPACE: ${{ github.workspace }}
 
-  push_images_to_newproduction:
-    if: needs.release.outputs.version != 'none'
-    needs: [ release ]
-    name: Push images to New Production
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        image: [
-          'api-backoffice',
-          'api-legacy',
-          'api-oslo',
-          'api-extract',
-          'projector',
-          'projections-syndication',
-          'projections-backoffice',
-          'consumer-address',
-          'producer',
-          'producer-snapshot-oslo',
-          'importer-grb',
-          'snapshot-verifier'
-          ]
-    steps:
-      - name: Configure AWS credentials (New Production)
-        uses: aws-actions/configure-aws-credentials@v4.0.2
-        with:
-          aws-access-key-id: ${{ secrets.VBR_AWS_ACCESS_KEY_ID_NEWPRD }}
-          aws-secret-access-key: ${{ secrets.VBR_AWS_SECRET_ACCESS_KEY_NEWPRD }}
-          aws-region: ${{ secrets.VBR_AWS_REGION_PRD }}
-
-      - name: Login to Amazon ECR (New Production)
-        uses: aws-actions/amazon-ecr-login@v2
-
-      # Download artifact
-      - name: Download artifact
-        uses: actions/download-artifact@v4
-        continue-on-error: false
-        with:
-          name: ${{ matrix.image }}-${{ needs.release.outputs.version }}
-          path: ~/
-
-      # Load artifact
-      - name: Load artifact
-        shell: bash
-        run: |
-          echo pr-$IMAGE-image.tar
-          docker image load -i ~/pr-$IMAGE-image.tar
-        env:
-          IMAGE: ${{ matrix.image }}
-
-      - name: Push artifacts to ECR New Production
-        shell: bash
-        run: |
-          echo $IMAGE:$SEMVER
-          docker tag $BUILD_DOCKER_REGISTRY_TST/parcel-registry/$IMAGE:$SEMVER $BUILD_DOCKER_REGISTRY_NEWPRD/parcel-registry/$IMAGE:$SEMVER
-          docker push $BUILD_DOCKER_REGISTRY_NEWPRD/parcel-registry/$IMAGE:$SEMVER
-        env:
-          BUILD_DOCKER_REGISTRY_TST: ${{ vars.VBR_DEVOPS_DOCKER_REGISTRY }}
-          BUILD_DOCKER_REGISTRY_NEWPRD: ${{ secrets.VBR_BUILD_DOCKER_REGISTRY_NEWPRD }}
-          IMAGE: ${{ matrix.image }}
-          SEMVER: ${{ needs.release.outputs.version }}
-          WORKSPACE: ${{ github.workspace }}
-
   deploy_to_test_start_slack:
     if: github.repository_owner == 'Informatievlaanderen'
     needs: [ push_images, upload-lambda, release ]
@@ -1001,6 +948,162 @@ jobs:
         SLACK_CHANNEL: ${{ secrets.VBR_NOTIFIER_CHANNEL_NAME }}
         REPOSITORY_NAME: ${{ env.REPOSITORY_NAME }}
 
+  deploy_to_new_stg_start_slack:
+    if: github.repository_owner == 'Informatievlaanderen'
+    needs: [ deploy_to_test_finish_slack, release ]
+    name: Deploy to staging started
+    environment: stg
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Parse repository name
+      run: echo REPOSITORY_NAME=$(echo ""$GITHUB_REPOSITORY"" | awk -F / '{print $2}' | sed -e ""s/:refs//"") >> $GITHUB_ENV
+      shell: bash
+
+    - name: Notify deployment started
+      uses: slackapi/slack-github-action@v1.25.0
+      with:
+        channel-id: '#team-dinosaur-dev'
+        slack-message: Deployment of parcel-registry to staging has started
+      env:
+        SLACK_BOT_TOKEN: ${{ secrets.VBR_SLACK_BOT_TOKEN }}
+        SLACK_CHANNEL: ${{ secrets.VBR_NOTIFIER_CHANNEL_NAME }}
+        REPOSITORY_NAME: ${{ env.REPOSITORY_NAME }}
+
+  deploy_services_to_new_stg:
+    if: github.repository_owner == 'Informatievlaanderen'
+    needs: [ deploy_to_new_stg_start_slack, release ]
+    name: Deploy services to new staging
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        services: [
+          'parcel-api',
+          'parcel-backoffice-api',
+          'parcel-consumer-address',
+          'parcel-producer',
+          'parcel-producer-snapshot-oslo',
+          'parcel-projections',
+          'parcel-projections-backoffice'
+          ]
+    steps:
+    - name: Deploy services
+      env:
+        BUILD_URL: ${{ vars.VBR_AWS_BUILD_API_DEVOPS }}/${{matrix.services}}
+        STATUS_URL: ${{ vars.VBR_AWS_BUILD_STATUS_API_DEVOPS }}/${{matrix.services}}
+      uses: informatievlaanderen/awscurl-polling-action/polling-action@main
+      with:
+          environment: stg
+          version: ${{ needs.release.outputs.version }}
+          status-url: $STATUS_URL
+          deploy-url: $BUILD_URL
+          access-key: ${{ secrets.VBR_AWS_ACCESS_KEY_ID_DEVOPS }}
+          secret-key: ${{ secrets.VBR_AWS_SECRET_ACCESS_KEY_DEVOPS }}
+          deploy-target: 'agb_ecs_service'
+          interval: 2
+          domain: 'basisregisters'
+          project: 'basisregisters'
+
+    - name: Deploy services output
+      shell: bash
+      run: |
+        echo build-uuid: ${{ steps.awscurl-polling-action.outputs.build-uuid }}
+        echo Status: ${{ steps.awscurl-polling-action.outputs.status }}
+        echo ${{ steps.awscurl-polling-action.outputs.final-message }}
+
+  deploy_tasks_to_new_stg:
+    if: github.repository_owner == 'Informatievlaanderen'
+    needs: [ deploy_to_new_stg_start_slack, release ]
+    name: Deploy tasks to staging
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        services: [
+          'parcel-importer-grb',
+          'parcel-snapshot-verifier'
+          ]
+
+    steps:
+    - name: Deploy tasks
+      env:
+        BUILD_URL: ${{ vars.VBR_AWS_BUILD_API_DEVOPS }}/${{matrix.services}}
+        STATUS_URL: ${{ vars.VBR_AWS_BUILD_STATUS_API_DEVOPS }}/${{matrix.services}}
+      uses: informatievlaanderen/awscurl-polling-action/polling-action@main
+      with:
+          environment: stg
+          version: ${{ needs.release.outputs.version }}
+          status-url: $STATUS_URL
+          deploy-url: $BUILD_URL
+          access-key: ${{ secrets.VBR_AWS_ACCESS_KEY_ID_DEVOPS }}
+          secret-key: ${{ secrets.VBR_AWS_SECRET_ACCESS_KEY_DEVOPS }}
+          deploy-target: 'ecs_scheduled_task'
+          interval: 2
+          domain: 'basisregisters'
+          project: 'basisregisters'
+
+    - name: Deploy tasks output
+      shell: bash
+      run: |
+        echo build-uuid: ${{ steps.awscurl-polling-action.outputs.build-uuid }}
+        echo Status: ${{ steps.awscurl-polling-action.outputs.status }}
+        echo ${{ steps.awscurl-polling-action.outputs.final-message }}
+
+  deploy_lambda_to_new_stg:
+    if: github.repository_owner == 'Informatievlaanderen'
+    needs: [ deploy_tasks_to_new_stg, deploy_services_to_new_stg, release ]
+    name: Deploy lambda to staging
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: CD Lambda(s) Configure credentials
+      uses: aws-actions/configure-aws-credentials@v4.0.2
+      with:
+        aws-access-key-id: ${{ secrets.VBR_AWS_ACCESS_KEY_ID_DEVOPS }}
+        aws-secret-access-key: ${{ secrets.VBR_AWS_SECRET_ACCESS_KEY_DEVOPS }}
+        aws-region: ${{ secrets.VBR_AWS_REGION_PRD }}
+
+    - name: Prepare Lambda(s)
+      shell: bash
+      run: |
+        echo aws s3 cp s3://s3-vbr-stg-basisregisters-lam-par-sqsbackofficefunction/$VERSION/lambda.zip s3://s3-vbr-stg-basisregisters-lam-par-sqsbackofficefunction/lambda.zip --copy-props none
+        aws s3 cp s3://s3-vbr-stg-basisregisters-lam-par-sqsbackofficefunction/$VERSION/lambda.zip s3://s3-vbr-stg-basisregisters-lam-par-sqsbackofficefunction/lambda.zip --copy-props none
+      env:
+        VERSION: ${{ needs.release.outputs.version }}
+
+    - name: Promote Lambda(s)
+      shell: bash
+      run: |
+        echo pulling awscurl docker image
+        docker pull ghcr.io/okigan/awscurl:latest
+        echo docker run --rm okigan/awscurl --access_key $ACCESS_KEY_ID --secret_key $SECRET_ACCESS_KEY_ID --region $REGION -X POST -d '{ "functionName": "par-sqsbackofficefunction", "project": "basisregisters", "domain": "basisregisters" }' $PROMOTEURL/stg
+        docker run --rm okigan/awscurl --access_key $ACCESS_KEY_ID --secret_key $SECRET_ACCESS_KEY_ID --region $REGION -X POST -d '{ "functionName": "par-sqsbackofficefunction", "project": "basisregisters", "domain": "basisregisters" }' $PROMOTEURL/stg
+      env:
+        ACCESS_KEY_ID: ${{ secrets.VBR_AWS_ACCESS_KEY_ID_DEVOPS }}
+        SECRET_ACCESS_KEY_ID: ${{ secrets.VBR_AWS_SECRET_ACCESS_KEY_DEVOPS }}
+        REGION: ${{ secrets.VBR_AWS_REGION_PRD }}
+        PROMOTEURL: ${{ vars.VBR_AWS_PROMOTE_LAMBDA_DEVOPS_BASEURL }}
+
+  deploy_to_new_stg_finish_slack:
+    if: github.repository_owner == 'Informatievlaanderen'
+    needs: [ deploy_lambda_to_new_stg ]
+    name: Deploy to staging finished
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Parse repository name
+      run: echo REPOSITORY_NAME=$(echo ""$GITHUB_REPOSITORY"" | awk -F / '{print $2}' | sed -e ""s/:refs//"") >> $GITHUB_ENV
+      shell: bash
+
+    - name: Notify deployment finished
+      uses: slackapi/slack-github-action@v1.25.0
+      with:
+        channel-id: '#team-dinosaur-dev'
+        slack-message: Deployment of parcel-registry to staging has finished
+      env:
+        SLACK_BOT_TOKEN: ${{ secrets.VBR_SLACK_BOT_TOKEN }}
+        SLACK_CHANNEL: ${{ secrets.VBR_NOTIFIER_CHANNEL_NAME }}
+        REPOSITORY_NAME: ${{ env.REPOSITORY_NAME }}
+
   deploy_to_staging_start_slack:
     if: github.repository_owner == 'Informatievlaanderen'
     needs: [ push_images_to_staging, upload-lambda, release ]