im-practices · hpractv · Feb 6, 2024 · Feb 2, 2024 · Feb 2, 2024 · Feb 2, 2024
@@ -28,10 +28,9 @@
 #        { "name": "Version", "value": "${{ inputs.tag }}" }
 #      ]
 #    secrets:
-#      MS_TEAMS_URI: ${{ vars.MS_TEAMS_URI }}  
+#      MS_TEAMS_URI: ${{ vars.MS_TEAMS_URI }}
 #      DEPLOY_NOTIFICATIONS_CHANNEL: ${{ vars.DEPLOY_NOTIFICATIONS_CHANNEL}}
 
-
 on:
   workflow_call:
     inputs:
@@ -68,11 +67,6 @@ on:
         required: false
         type: string
         default: 'america/denver'
-      deployment-board-number:
-        description: 'The number of the deployment board that should be updated.  Defaults to 1.'
-        required: false
-        type: number
-        default: 1
       deployable-type:
         description: 'Identifier if there are multiple deployables in the repo, like MFE, DB, API.  Defaults to an empty string for single deployables.'
         required: false
@@ -83,6 +77,11 @@ on:
         required: false
         type: string
         default: null
+      entity:
+        description: 'The catalog-info.yml metadata.name value for mapping in Tech Hub.'
+        required: false
+        type: string
+        default: null
       enable-deployment-slot-tracking:
         description: 'Enable App Service deployment slot tracking on deployment board? [true|false]'
         required: false
@@ -103,6 +102,11 @@ on:
         type: string
         required: false
         default: 'production'
+      instance:
+        description: 'The instance of the deployment.  This is used to create a deployment instance name in the GitHub deployment API.'
+        required: false
+        type: string
+        default: null
       custom-facts-for-team-channel:
         description: The custom facts that will be included in the post in the team's channel.  By default Workflow, Run, Actor and Version are included.
         required: false
@@ -129,23 +133,18 @@ jobs:
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Update deployment board
-        if: always()
-        uses: im-open/[email protected]
+      # Only run this step if Tech Hub metadata.name value is passed in
+      - name: Create GitHub Deployment
+        if: ${{ inputs.entity != null }}
+        uses: im-open/[email protected]
         with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
+          workflow-actor: ${{ github.actor }} # This will add the user who kicked off the workflow to the deployment payload
+          token: ${{ secrets.GITHUB_TOKEN }} # Special per-job token generated by GH for interacting with the repo
           environment: ${{ inputs.deployment-environment }}
-          board-number: ${{ inputs.deployment-board-number }}
-          ref: ${{ inputs.release-tag }}
-          ref-type: 'tag'
-          deployable-type: ${{ inputs.deployable-type }}
-          deploy-label: ${{ inputs.deployable-label }}
-          deploy-status: ${{ steps.conclusion.outputs.workflow_conclusion }}
-          enable-deployment-slot-tracking: ${{ inputs.enable-deployment-slot-tracking }}
-          slot-swapped-with-production-slot: ${{ inputs.slot-swapped-with-production-slot }}
-          target-slot: ${{ inputs.target-slot }}
-          source-slot: ${{ inputs.source-slot }}
-          timezone: ${{ inputs.timezone }}
+          release-ref: ${{ inputs.release-tag }}
+          deployment-status: ${{ steps.conclusion.outputs.workflow_conclusion }}
+          entity: ${{ inputs.entity }}
+          instance: ${{ inputs.instance || inputs.target-slot }}
 
       - name: Configure facts for team's notification channel
         if: always()
@@ -156,7 +155,7 @@ jobs:
             const rawFacts = process.env.FACTS;
             console.log(`"${rawFacts}"`);
             let facts = rawFacts && rawFacts.trim().length > 0 ? JSON.parse(rawFacts) : null;
-            
+
             if (!facts || facts.length === 0){
               console.log(`Custom facts were not provided for the Team's Notification channel, use the default facts:`);
               facts = [
@@ -174,7 +173,7 @@ jobs:
             core.setOutput('facts', facts);
         env:
           FACTS: ${{ inputs.custom-facts-for-team-channel }}
-      
+
       - name: Send status to team's notification channel
         if: always()
         uses: im-open/[email protected]
@@ -195,9 +194,9 @@ jobs:
             const postInProd = ${{ inputs.post-status-in-deployment-notifications-channel }};
             const deployEnv = '${{ inputs.deployment-environment }}';
             const workflowConclusion = '${{ steps.conclusion.outputs.workflow_conclusion }}';
-            
+
             const isProdEnv = deployEnv === 'prod' || deployEnv === 'prod-secondary';
-            
+
             const post = postInProd && isProdEnv && workflowConclusion === 'success';
             core.setOutput('post', post);
 
@@ -221,7 +220,7 @@ jobs:
           script: |
             const rawFacts = process.env.FACTS;
             let facts = rawFacts && rawFacts.trim().length > 0 ? JSON.parse(rawFacts) : null;
-            
+
             if (!facts || facts.length === 0){
               console.log('Custom facts were not provided for the Deployment Notifications channel, use the default facts:');
               facts = [
@@ -237,7 +236,7 @@ jobs:
             core.setOutput('facts', facts);
         env:
           FACTS: ${{ inputs.custom-facts-for-deployment-notifications-channel }}
-      
+
       - name: Send Status to Deployment Notifications Channel for Prod Deploys
         if: always() && steps.post-to-deployment-channel.outputs.post == 'true'
         uses: im-open/[email protected]

@@ -1,4 +1,4 @@
-# Workflow Code: AmbitiousLizard_v46    DO NOT REMOVE
+# Workflow Code: AmbitiousLizard_v47    DO NOT REMOVE
 # Purpose:
 #    Gathers various stakeholder and attestor approvals, downloads artifacts from a release
 #    with the specified tags, makes changes to any configuration files for the specified
@@ -66,18 +66,16 @@ permissions:
   # Required for secretless azure access and deploys
   id-token: write
   contents: read
-  # Required for update-deployment-board
-  repository-projects: write
-  issues: write
-  actions: read
+  # Required for create-github-deployment
+  deployments: write
 
 env:
   RELEASE_TAG: ${{ inputs.tag }} # This is the tag that we'll be deploying
 
 jobs:
   # This job utilizes a reusable workflow which will:
   #   1 - Verify the tag provided is a valid ref.
-  #   2 - If deploying to a production environment, verify the tag is reachable from the default branch 
+  #   2 - If deploying to a production environment, verify the tag is reachable from the default branch
   #       and that the corresponding release is production ready (not pre-release or a draft).
   setup-deployment-workflow:
     uses: im-practices/.github/.github/workflows/im-reusable-setup-deployment-workflow.yml@v2
@@ -187,7 +185,7 @@ jobs:
 
   # Each env has their own stakeholder approval environment.  If no required reviewers are set for
   # that environment, the workflow will continue without requiring anyone to approve the deployment.
-  
+
   stakeholder-approval:
     needs: [set-vars]
     runs-on: ubuntu-latest # Force this to run on github-hosted runner by using a tag that does not exist on self-hosted runners
@@ -238,7 +236,7 @@ jobs:
 
       # TODO: Use this for any variables that change per environment
       # With the Variables feature available now in GitHub this action may not be necessary.  If values are populated
-      # as env-level variables, they can be used directly inside of subsequent actions (octostache and var-substitution) 
+      # as env-level variables, they can be used directly inside of subsequent actions (octostache and var-substitution)
       # like secrets are.  The choice of which to use is up to the team and what works best for the project.
       # Variables - pros & cons
       #   - Pros: streamlined workflow, ability to change values without creating a new release/build (helpful for values that change a lot)
@@ -454,17 +452,20 @@ jobs:
   #  1 - Update the deployment board based on the workflow conclusion
   #  2 - Post a deployment status in the repo owner's Teams channel (connected to the MS_TEAMS_URI secret)
   #  3 - Post a deployment status in the Deployment Notifications Teams channel if the deploy is for prod, is successful and the flag to do so is not set to false
-  update-deployment-board-and-send-teams-notification:
+  update-github-deployments-and-send-teams-notification:
     needs: [set-vars, deploy-code]
     if: always()
     uses: im-practices/.github/.github/workflows/im-reusable-finish-deployment-workflow.yml@v2
     with:
       # Required Inputs
-      deployment-environment: ${{ inputs.environment-or-target }}                     # The environment/target that was deployed to (dev, qa, stage, stage-secondary, uat, demo, prod, prod-secondary)
+      deployment-environment: ${{ inputs.environment-or-target }} # The environment/target that was deployed to (dev, qa, stage, stage-secondary, uat, demo, prod, prod-secondary)
       gh-secrets-environment: ${{ needs.set-vars.outputs.GITHUB_SECRETS_ENVIRONMENT}} # The GitHub environment that secrets are pulled from
       release-tag: ${{ inputs.tag }}
       title-of-teams-post: 'Deploy ${{ needs.set-vars.outputs.AZ_APP_NAME }} ${{ inputs.tag }} to ${{ inputs.environment-or-target }}' # TODO:  Verify title to ensure it is descriptive/readable.
-
+      # Inputs for Tech Hub deployment tracking
+      # entity: '' # TODO: This the catalog-info.yml value in metadata.name value
+      # instance: '' # TODO: This the specific target deployment location, i.e., testing-slot-1, primary-app-service, failover-slot-2, NA26-production-slot
+
       # Optional Inputs with their default values.  These items can be removed if the default value does not need to be adjusted.
       # post-status-in-deployment-notifications-channel: true # TODO:  Include this arg and set to false if you do not want a status post in the Deployment Notifications channel for prod deploys
       # timezone: 'america/denver'                            # TODO:  Include this argument and update if your timezone is not america/denver
@@ -485,4 +486,4 @@ jobs:
       #   ]
     secrets:
       MS_TEAMS_URI: ${{ vars.MS_TEAMS_URI }}
-      DEPLOY_NOTIFICATIONS_CHANNEL: ${{ vars.DEPLOY_NOTIFICATIONS_CHANNEL }}
+      DEPLOY_NOTIFICATIONS_CHANNEL: ${{ vars.DEPLOY_NOTIFICATIONS_CHANNEL }}
@@ -1,4 +1,4 @@
-# Workflow Code: BetrayedCod_v31    DO NOT REMOVE
+# Workflow Code: BetrayedCod_v32    DO NOT REMOVE
 # Purpose:
 #    Gathers the required approvals from stakeholders and attestors, ensures
 #    tags are valid for production deployments and runs the migrations against
@@ -53,18 +53,16 @@ on:
   #       6. Delete the 'attestor-approval' job
   #       7. Delete the 'setup-deployment-workflow' job
   #       8. Under the 'deploy-az-db' job, delete the needs property
-  #       9. Under the 'update-deployment-board-and-send-teams-notification' job, update the needs property to be: "needs: [deploy-az-db]"
+  #       9. Under the 'update-github-deployments-and-send-teams-notification' job, update the needs property to be: "needs: [deploy-az-db]"
   # repository_dispatch:
   #   types: [<deployable_name>_deploy] # TODO: Replace <deployable_name>.  This will be used in the 'Deploy Multiple Items' workflow to target this deployment workflow.
 
 permissions:
   # Required for secretless azure access and deploys
   id-token: write
   contents: read
-  # Required for update-deployment-board
-  repository-projects: write
-  issues: write
-  actions: read
+  # Required for create-github-deployment
+  deployments: write
 
 env:
   RELEASE_TAG: ${{ inputs.tag == 0 && github.ref_name || inputs.tag }} # This is the tag that we'll be deploying
@@ -270,17 +268,20 @@ jobs:
   #  1 - Update the deployment board based on the workflow conclusion
   #  2 - Post a deployment status in the repo owner's Teams channel (connected to the MS_TEAMS_URI secret)
   #  3 - Post a deployment status in the Deployment Notifications Teams channel if the deploy is for prod, is successful and the flag to do so is not set to false
-  update-deployment-board-and-send-teams-notification:
+  update-github-deployments-and-send-teams-notification:
     needs: [set-vars, deploy-az-db]
     if: always()
     uses: im-practices/.github/.github/workflows/im-reusable-finish-deployment-workflow.yml@v2
     with:
       # Required Inputs
-      deployment-environment: ${{ inputs.environment-or-target }}                      # The environment/target that was deployed to (dev, qa, stage, stage-secondary, uat, demo, prod, prod-secondary)
+      deployment-environment: ${{ inputs.environment-or-target }} # The environment/target that was deployed to (dev, qa, stage, stage-secondary, uat, demo, prod, prod-secondary)
       gh-secrets-environment: ${{ needs.set-vars.outputs.GITHUB_SECRETS_ENVIRONMENT }} # The GitHub environment that secrets are pulled from
       release-tag: ${{ inputs.tag == 0 && github.ref_name || inputs.tag }}
       title-of-teams-post: 'Deploy ${{ needs.deploy-az-db.outputs.DB_NAME }} ${{ inputs.tag == 0 && github.ref_name || inputs.tag }} to ${{ inputs.environment-or-target }}' # TODO:  Verify title to ensure it is descriptive/readable.
-
+      # Inputs for Tech Hub deployment tracking
+      # entity: '' # TODO: This the catalog-info.yml value in metadata.name value
+      # instance: '' # TODO: This the specific target deployment location, i.e., testing-slot-1, primary-app-service, failover-slot-2, NA26-production-slot
+
       # Optional Inputs with their default values.  These items can be removed if the default value does not need to be adjusted.
       # post-status-in-deployment-notifications-channel: true # TODO:  Include this arg and set to false if you do not want a status post in the Deployment Notifications channel for prod deploys
       # timezone: 'america/denver'                            # TODO:  Include this argument and update if your timezone is not america/denver
@@ -301,4 +302,4 @@ jobs:
       #   ]
     secrets:
       MS_TEAMS_URI: ${{ vars.MS_TEAMS_URI }}
-      DEPLOY_NOTIFICATIONS_CHANNEL: ${{ vars.DEPLOY_NOTIFICATIONS_CHANNEL }}    
+      DEPLOY_NOTIFICATIONS_CHANNEL: ${{ vars.DEPLOY_NOTIFICATIONS_CHANNEL }}