These steps always fail because the runner has no kubeconfig. Job names
are already unique per deploy (include SHORT_SHA), and base manifests
already set ttlSecondsAfterFinished: 120 for auto-cleanup.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Both promote-to-uat and promote-prod workflows now delete any
existing completed Jobs with the same short SHA suffix before Flux
reconciles. This prevents the immutable-podTemplate error that was
blocking UAT at image tag a67e541:
Job.batch "migrate-schema-xxx" is invalid: spec.template: field is immutable
Also added missing failure notification step to promote-prod workflow.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Both workflows now update base migration/seed Job names with short SHA
extracted from the image tag, matching the dev CI cd job pattern.
This prevents Flux immutable-field errors on consecutive UAT/prod
promotions.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Adds a manual workflow_dispatch workflow to promote a specific image tag
to the UAT environment. This separates UAT promotion from the automated
dev pipeline, enforcing the 3-stage SDLC review gate.
- Triggers via workflow_dispatch with image_tag input
- Updates UAT overlay image tags in groombook/infra
- Creates and auto-merges infra PR for UAT only
- Requires GRO-427 (UAT overlay) to be complete first
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Flea Flicker
Pawla Abdul