From 2cf4897d3b5dcec1acc9cdb54ed966bf26a966c5 Mon Sep 17 00:00:00 2001 From: Priom Chowdhury Date: Thu, 27 Oct 2022 11:41:22 -0400 Subject: [PATCH 01/15] fix: build & deploy ci/cd --- .../{build_prod.yml => build-deploy-prod.yml} | 12 +++++- .github/workflows/deploy_prod.yml | 41 ------------------- 2 files changed, 11 insertions(+), 42 deletions(-) rename .github/workflows/{build_prod.yml => build-deploy-prod.yml} (79%) delete mode 100644 .github/workflows/deploy_prod.yml diff --git a/.github/workflows/build_prod.yml b/.github/workflows/build-deploy-prod.yml similarity index 79% rename from .github/workflows/build_prod.yml rename to .github/workflows/build-deploy-prod.yml index 782369a..3e6cbf6 100644 --- a/.github/workflows/build_prod.yml +++ b/.github/workflows/build-deploy-prod.yml @@ -13,7 +13,8 @@ env: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} ECR_REPO: ${{ secrets.AWS_ECR_REPO }} - + ENVIRONMENT: PROD + jobs: build: name: build_prod @@ -49,3 +50,12 @@ jobs: tags: | ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ env.AWS_ECR_REPO }}:latest ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ env.AWS_ECR_REPO }}:${{ steps.vars.outputs.sha }} + + # deploy to AWS ECS + - name: Deploy to Amazon ECS + uses: aws-actions/amazon-ecs-deploy-task-definition@v1 + with: + task-definition: infra/aws-ecs/task_definition_${{ env.ENVIRONMENT }}.json + service: nodewatch-${{ env.ENVIRONMENT }}-service + cluster: nodewatch-${{ env.ENVIRONMENT }}-cluster + wait-for-service-stability: true diff --git a/.github/workflows/deploy_prod.yml b/.github/workflows/deploy_prod.yml deleted file mode 100644 index 022df08..0000000 --- a/.github/workflows/deploy_prod.yml +++ /dev/null 
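Review bot: The `Deploy to Amazon ECS` step added in the second hunk has to authenticate with the long-lived `AWS_ACCESS_KEY_ID`/`AWS_SECRET_ACCESS_KEY` that the workflow-level `env:` block (context of the first hunk) exports to every step. The deploy_prod.yml deleted in this same commit instead assumed a role over OIDC under `permissions:` of `contents: read` and `id-token: write`, so the merge trades short-lived credentials for static ones visible to every other step in the job. I would carry the old `Configure AWS Credentials` step (with its `role-to-assume`) and the `permissions:` block into the merged job and drop the two key variables from `env:`. PATCH 02 adds the step with `role-to-assume` commented out, which has the same dependency on the static keys. Most of the job lies outside both hunks, so how the earlier steps authenticate is not visible here.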
@@ -1,41 +0,0 @@ -# Copyright 2020 ChainSafe Systems -# SPDX-License-Identifier: LGPL-3.0-only - -name: Deploy ECS Prod - -on: - release: - types: [published] - -env: - AWS_REGION: ${{ secrets.AWS_REGION }} - AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID } - ECR_REPO: ${{ secrets.AWS_ECR_REPO }} - ENVIRONMENT: PROD - -jobs: - deploy: - name: Deploy - runs-on: ubuntu-latest - - permissions: - contents: read - id-token: write - - steps: - - uses: actions/checkout@v2 - - run: sleep 5 - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT_ID }}:role/github-actions-${{ env.ENVIRONMENT }}-nodewatch - aws-region: ${{ env.AWS_REGION }} - role-session-name: GithubActions - - - name: Deploy to Amazon ECS - uses: aws-actions/amazon-ecs-deploy-task-definition@v1 - with: - task-definition: infra/aws-ecs/task_definition_${{ env.ENVIRONMENT }}.json - service: nodewatch-${{ env.ENVIRONMENT }}-service - cluster: nodewatch-${{ env.ENVIRONMENT }}-cluster - wait-for-service-stability: true From d5b33029727e41e2c416ed1fbc0f0f748c6037bf Mon Sep 17 00:00:00 2001 From: Priom Chowdhury Date: Thu, 27 Oct 2022 13:53:25 -0400 Subject: [PATCH 02/15] added aws creds to gh action --- .github/workflows/build-deploy-prod.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/build-deploy-prod.yml b/.github/workflows/build-deploy-prod.yml index 226a24c..87e2cec 100644 --- a/.github/workflows/build-deploy-prod.yml +++ b/.github/workflows/build-deploy-prod.yml @@ -30,6 +30,13 @@ jobs: id: vars run: echo "::set-output name=sha::$(git rev-parse --short HEAD)" + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + # role-to-assume: arn:aws:iam::123456789012:role/my-github-actions-role + aws-region: ${{env.AWS_REGION}} + # gather metadata from git & github actions to reference in docker - name: git & github metadata id: metadata 
From af16d381f23047c93139515af3739863d450635c Mon Sep 17 00:00:00 2001 From: Priom Chowdhury Date: Thu, 27 Oct 2022 16:22:38 -0400 Subject: [PATCH 03/15] updating ci config --- .github/workflows/build-deploy-prod.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/build-deploy-prod.yml b/.github/workflows/build-deploy-prod.yml index 87e2cec..3506b8a 100644 --- a/.github/workflows/build-deploy-prod.yml +++ b/.github/workflows/build-deploy-prod.yml @@ -34,8 +34,7 @@ jobs: - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: - # role-to-assume: arn:aws:iam::123456789012:role/my-github-actions-role - aws-region: ${{env.AWS_REGION}} + role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT_ID }}:role/github-actions-role # gather metadata from git & github actions to reference in docker - name: git & github metadata From e57520962f14112044c6430c9f73797ec004d82a Mon Sep 17 00:00:00 2001 From: Priom Chowdhury Date: Thu, 27 Oct 2022 16:24:41 -0400 Subject: [PATCH 04/15] fix config --- .github/workflows/build-deploy-prod.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy-prod.yml b/.github/workflows/build-deploy-prod.yml index 3506b8a..ddc0e19 100644 --- a/.github/workflows/build-deploy-prod.yml +++ b/.github/workflows/build-deploy-prod.yml @@ -35,7 +35,8 @@ jobs: uses: aws-actions/configure-aws-credentials@v1 with: role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT_ID }}:role/github-actions-role - + region: ${{ env.AWS_REGION }} + # gather metadata from git & github actions to reference in docker - name: git & github metadata id: metadata From b7ba1526f0ab1655f1c926d9b57f6f5f691d1412 Mon Sep 17 00:00:00 2001 From: Priom Chowdhury Date: Thu, 27 Oct 2022 16:25:47 -0400 Subject: [PATCH 05/15] syntax fix --- .github/workflows/build-deploy-prod.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
diff --git a/.github/workflows/build-deploy-prod.yml b/.github/workflows/build-deploy-prod.yml index ddc0e19..249dfb7 100644 --- a/.github/workflows/build-deploy-prod.yml +++ b/.github/workflows/build-deploy-prod.yml @@ -1,7 +1,7 @@ # Copyright 2020 ChainSafe Systems # SPDX-License-Identifier: LGPL-3.0-only -name: Build & Deploy to AWS +name: Build & Deploy PROD on: push: @@ -35,8 +35,8 @@ jobs: uses: aws-actions/configure-aws-credentials@v1 with: role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT_ID }}:role/github-actions-role - region: ${{ env.AWS_REGION }} - + aws-region: ${{ env.AWS_REGION }} + # gather metadata from git & github actions to reference in docker - name: git & github metadata id: metadata From 1a155765f94f74b5f1f4cbd2a4593727bed894b7 Mon Sep 17 00:00:00 2001 From: Priom Chowdhury Date: Thu, 27 Oct 2022 16:30:19 -0400 Subject: [PATCH 06/15] fixing sts token issue --- .github/workflows/build-deploy-prod.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-deploy-prod.yml b/.github/workflows/build-deploy-prod.yml index 249dfb7..6f0d6b6 100644 --- a/.github/workflows/build-deploy-prod.yml +++ b/.github/workflows/build-deploy-prod.yml @@ -11,8 +11,8 @@ on: env: AWS_REGION: ${{ secrets.AWS_REGION }} AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + # AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + # AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} ECR_REPO: ${{ secrets.AWS_ECR_REPO }} ENVIRONMENT: PROD From 7c6c1903ee6edd0622d968ed7ef2a6ba24aacff0 Mon Sep 17 00:00:00 2001 From: Priom Chowdhury Date: Thu, 27 Oct 2022 16:41:06 -0400 Subject: [PATCH 07/15] added permissions --- .github/workflows/build-deploy-prod.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) 
diff --git a/.github/workflows/build-deploy-prod.yml b/.github/workflows/build-deploy-prod.yml index 6f0d6b6..d87b6c3 100644 --- a/.github/workflows/build-deploy-prod.yml +++ b/.github/workflows/build-deploy-prod.yml @@ -20,7 +20,10 @@ jobs: build: name: build_deploy_prod runs-on: ubuntu-latest - + permissions: + id-token: write + contents: write + steps: # download the source code into the runner - name: checkout @@ -67,3 +70,4 @@ jobs: service: nodewatch-${{ env.ENVIRONMENT }}-service cluster: nodewatch-${{ env.ENVIRONMENT }}-cluster wait-for-service-stability: true + \ No newline at end of file From c304d1d3b59483257ae322c222438fd0d9e8d3fc Mon Sep 17 00:00:00 2001 From: Priom Chowdhury Date: Fri, 28 Oct 2022 11:16:14 -0400 Subject: [PATCH 08/15] typo fixed --- .github/workflows/build-deploy-prod.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build-deploy-prod.yml b/.github/workflows/build-deploy-prod.yml index d87b6c3..44cef20 100644 --- a/.github/workflows/build-deploy-prod.yml +++ b/.github/workflows/build-deploy-prod.yml @@ -23,7 +23,7 @@ jobs: permissions: id-token: write contents: write - + steps: # download the source code into the runner - name: checkout @@ -33,7 +33,6 @@ jobs: id: vars run: echo "::set-output name=sha::$(git rev-parse --short HEAD)" - - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: @@ -59,8 +58,8 @@ jobs: file: ./Dockerfile push: true tags: | - ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ env.AWS_ECR_REPO }}:latest - ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ env.AWS_ECR_REPO }}:${{ steps.vars.outputs.sha }} + ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ env.ECR_REPO }}:latest + ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ env.ECR_REPO }}:${{ steps.vars.outputs.sha }} # deploy to AWS ECS - name: Deploy to Amazon ECS 
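Review bot: `contents: write` in the `permissions:` block added by PATCH 07 gives the job token push access to the repository, which none of the steps visible in this series (checkout, credential setup, ECR login, image build, ECS deploy) appear to need; the deleted deploy_prod.yml ran with `contents: read`. Every action in the job can read that token, so I would change the line to `contents: read` and keep `id-token: write`, which is the part the OIDC role assumption requires. The rest of the job lies outside the hunk.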
From 0c1f1a0b0c9de48b8dade377341f7ef90a17d03d Mon Sep 17 00:00:00 2001 From: Priom Chowdhury Date: Fri, 28 Oct 2022 11:25:34 -0400 Subject: [PATCH 09/15] ecs deploy fix --- .github/workflows/build-deploy-prod.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-deploy-prod.yml b/.github/workflows/build-deploy-prod.yml index 44cef20..f22481f 100644 --- a/.github/workflows/build-deploy-prod.yml +++ b/.github/workflows/build-deploy-prod.yml @@ -14,6 +14,8 @@ env: # AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} # AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} ECR_REPO: ${{ secrets.AWS_ECR_REPO }} + ECS_CLUSTER: ${{ secrets.AWS_ECS_CLUSTER}} + ECS_SERVICE: ${{ secrets.AWS_ECS_SERVICE}} ENVIRONMENT: PROD jobs: @@ -66,7 +68,7 @@ jobs: uses: aws-actions/amazon-ecs-deploy-task-definition@v1 with: task-definition: infra/aws-ecs/task_definition_${{ env.ENVIRONMENT }}.json - service: nodewatch-${{ env.ENVIRONMENT }}-service - cluster: nodewatch-${{ env.ENVIRONMENT }}-cluster + service: ${{ env.ECS_CLUSTER }} + cluster: ${{ env.ECR_SERVICE }} wait-for-service-stability: true \ No newline at end of file From 7272222ac4cdc3abefbc6b9efd1a34dca6d646fd Mon Sep 17 00:00:00 2001 From: Priom Chowdhury Date: Fri, 28 Oct 2022 11:32:44 -0400 Subject: [PATCH 10/15] syntax fix --- .github/workflows/build-deploy-prod.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-deploy-prod.yml b/.github/workflows/build-deploy-prod.yml index f22481f..a920a23 100644 --- a/.github/workflows/build-deploy-prod.yml +++ b/.github/workflows/build-deploy-prod.yml 
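Review bot: The two rewritten inputs in the second hunk of PATCH 09 are crossed, and one names a variable that is never defined: `service:` receives `env.ECS_CLUSTER` and `cluster:` receives `env.ECR_SERVICE`, while the first hunk defines only `ECS_CLUSTER` and `ECS_SERVICE`. An undefined `env.` name expands to an empty string without any error, so the step runs with a blank `cluster` instead of failing; as far as I recall the action then falls back to the `default` cluster, which is worth confirming. The lines should read `service: ${{ env.ECS_SERVICE }}` and `cluster: ${{ env.ECS_CLUSTER }}`. The same undefined-name pattern recurs as `env.ECR_CLUSTER` in PATCH 11 (corrected in PATCH 12) and as `env.AWS_ECR_REPO` in the `images:` input of the metadata step, which is still present in PATCH 15.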
@@ -14,8 +14,8 @@ env: # AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} # AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} ECR_REPO: ${{ secrets.AWS_ECR_REPO }} - ECS_CLUSTER: ${{ secrets.AWS_ECS_CLUSTER}} - ECS_SERVICE: ${{ secrets.AWS_ECS_SERVICE}} + ECS_CLUSTER: ${{ secrets.AWS_ECS_CLUSTER }} + ECS_SERVICE: ${{ secrets.AWS_ECS_SERVICE }} ENVIRONMENT: PROD jobs: From 5c6eb9d0463b0465c78e1cfe5ad7cc8f45aa7e32 Mon Sep 17 00:00:00 2001 From: Priom Chowdhury Date: Fri, 28 Oct 2022 11:52:43 -0400 Subject: [PATCH 11/15] ecs task def updated --- .github/workflows/build-deploy-prod.yml | 4 ++-- infra/aws-ecs/task_definition_PROD.json | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-deploy-prod.yml b/.github/workflows/build-deploy-prod.yml index a920a23..f8f4323 100644 --- a/.github/workflows/build-deploy-prod.yml +++ b/.github/workflows/build-deploy-prod.yml @@ -68,7 +68,7 @@ jobs: uses: aws-actions/amazon-ecs-deploy-task-definition@v1 with: task-definition: infra/aws-ecs/task_definition_${{ env.ENVIRONMENT }}.json - service: ${{ env.ECS_CLUSTER }} - cluster: ${{ env.ECR_SERVICE }} + service: ${{ env.ECS_SERVICE }} + cluster: ${{ env.ECR_CLUSTER }} wait-for-service-stability: true \ No newline at end of file diff --git a/infra/aws-ecs/task_definition_PROD.json b/infra/aws-ecs/task_definition_PROD.json index c535c43..0105f68 100644 --- a/infra/aws-ecs/task_definition_PROD.json +++ b/infra/aws-ecs/task_definition_PROD.json @@ -3,7 +3,7 @@ "containerDefinitions": [ { "name": "nodewatch-prod-container", - "image": "381177214925.dkr.ecr.us-east-2.amazonaws.com/nodewatch-prod-ecr:v1.3.1", + "image": "381177214925.dkr.ecr.us-east-2.amazonaws.com/nodewatch-prod-ecr", "cpu": 256, "portMappings": [ { From 5be0cbc9ccc70382b624f7072fa3be937b1522c9 Mon Sep 17 00:00:00 2001 
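Review bot: Dropping `:v1.3.1` from `image` in task_definition_PROD.json leaves an untagged reference, which resolves to `:latest`, so the task-definition revision registered by the deploy step no longer records which build is running, and re-deploying an older revision may pull whatever `latest` points to at that moment. The workflow already pushes a per-build tag next to `latest` (the second `tags:` entry), so I would fill the image in at deploy time, for instance with `aws-actions/amazon-ecs-render-task-definition` given the per-build URI, or reference the image by digest. The account id and region hard-coded in this URI also sit outside the `AWS_ACCOUNT_ID`/`AWS_REGION` secrets the workflow uses everywhere else. Only this one line of the container definition is inside the hunk.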
From: Priom Chowdhury Date: Fri, 28 Oct 2022 11:56:00 -0400 Subject: [PATCH 12/15] typo fix --- .github/workflows/build-deploy-prod.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy-prod.yml b/.github/workflows/build-deploy-prod.yml index f8f4323..863935c 100644 --- a/.github/workflows/build-deploy-prod.yml +++ b/.github/workflows/build-deploy-prod.yml @@ -69,6 +69,6 @@ jobs: with: task-definition: infra/aws-ecs/task_definition_${{ env.ENVIRONMENT }}.json service: ${{ env.ECS_SERVICE }} - cluster: ${{ env.ECR_CLUSTER }} + cluster: ${{ env.ECS_CLUSTER }} wait-for-service-stability: true \ No newline at end of file From f8d5690f2fd935f7bce5dac24ee3148bc6d165bb Mon Sep 17 00:00:00 2001 From: Priom Chowdhury Date: Fri, 28 Oct 2022 12:27:58 -0400 Subject: [PATCH 13/15] testing tags var --- .github/workflows/build-deploy-prod.yml | 87 ++++++++++++++----------- 1 file changed, 49 insertions(+), 38 deletions(-) diff --git a/.github/workflows/build-deploy-prod.yml b/.github/workflows/build-deploy-prod.yml index 863935c..9f93553 100644 --- a/.github/workflows/build-deploy-prod.yml +++ b/.github/workflows/build-deploy-prod.yml @@ -6,13 +6,13 @@ name: Build & Deploy PROD on: push: branches: - - 'fix/ci' + - fix/ci + # release: + # types: [published] env: AWS_REGION: ${{ secrets.AWS_REGION }} AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} - # AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - # AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} ECR_REPO: ${{ secrets.AWS_ECR_REPO }} ECS_CLUSTER: ${{ secrets.AWS_ECS_CLUSTER }} ECS_SERVICE: ${{ secrets.AWS_ECS_SERVICE }} 
@@ -30,45 +30,56 @@ jobs: # download the source code into the runner - name: checkout uses: actions/checkout@v2 - - - name: short sha + + - name: Set output id: vars - run: echo "::set-output name=sha::$(git rev-parse --short HEAD)" + run: echo ::set-output name=tag::${GITHUB_REF#refs/*/} + + - name: Check output + env: + RELEASE_VERSION: ${{ steps.vars.outputs.tag }} + run: | + echo $RELEASE_VERSION + echo ${{ steps.vars.outputs.tag }} + + # - name: short sha + # id: vars + # run: echo "::set-output name=sha::$(git rev-parse --short HEAD)" - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT_ID }}:role/github-actions-role - aws-region: ${{ env.AWS_REGION }} + # - name: Configure AWS credentials + # uses: aws-actions/configure-aws-credentials@v1 + # with: + # role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT_ID }}:role/github-actions-role + # aws-region: ${{ env.AWS_REGION }} - # gather metadata from git & github actions to reference in docker - - name: git & github metadata - id: metadata - uses: docker/metadata-action@v3 - with: - images: ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ env.AWS_ECR_REPO }} + # # gather metadata from git & github actions to reference in docker + # - name: git & github metadata + # id: metadata + # uses: docker/metadata-action@v3 + # with: + # images: ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ env.AWS_ECR_REPO }} - # login in docker repository - - name: docker login - uses: aws-actions/amazon-ecr-login@v1 + # # login in docker repository + # - name: docker login + # uses: aws-actions/amazon-ecr-login@v1 - # build a docker image - - name: docker & push image - uses: docker/build-push-action@v2 - with: - context: . 
- file: ./Dockerfile - push: true - tags: | - ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ env.ECR_REPO }}:latest - ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ env.ECR_REPO }}:${{ steps.vars.outputs.sha }} + # # build a docker image + # - name: docker & push image + # uses: docker/build-push-action@v2 + # with: + # context: . + # file: ./Dockerfile + # push: true + # tags: | + # ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ env.ECR_REPO }}:latest + # ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ env.ECR_REPO }}:${{ steps.vars.outputs.sha }} - # deploy to AWS ECS - - name: Deploy to Amazon ECS - uses: aws-actions/amazon-ecs-deploy-task-definition@v1 - with: - task-definition: infra/aws-ecs/task_definition_${{ env.ENVIRONMENT }}.json - service: ${{ env.ECS_SERVICE }} - cluster: ${{ env.ECS_CLUSTER }} - wait-for-service-stability: true + # # deploy to AWS ECS + # - name: Deploy to Amazon ECS + # uses: aws-actions/amazon-ecs-deploy-task-definition@v1 + # with: + # task-definition: infra/aws-ecs/task_definition_${{ env.ENVIRONMENT }}.json + # service: ${{ env.ECS_SERVICE }} + # cluster: ${{ env.ECS_CLUSTER }} + # wait-for-service-stability: true \ No newline at end of file From e0b4c40d220fa48d7cbc10d29f15879ce7856382 Mon Sep 17 00:00:00 2001 From: Priom Chowdhury Date: Fri, 28 Oct 2022 12:29:28 -0400 Subject: [PATCH 14/15] testing tags var --- .github/workflows/build-deploy-prod.yml | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build-deploy-prod.yml b/.github/workflows/build-deploy-prod.yml index 9f93553..6027cb2 100644 --- a/.github/workflows/build-deploy-prod.yml +++ b/.github/workflows/build-deploy-prod.yml 
@@ -31,16 +31,12 @@ jobs: - name: checkout uses: actions/checkout@v2 - - name: Set output - id: vars - run: echo ::set-output name=tag::${GITHUB_REF#refs/*/} - - - name: Check output - env: - RELEASE_VERSION: ${{ steps.vars.outputs.tag }} + - name: Set env + run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV + - name: Test run: | echo $RELEASE_VERSION - echo ${{ steps.vars.outputs.tag }} + echo ${{ env.RELEASE_VERSION }} # - name: short sha # id: vars From 0d36e9ee6c1403fb4ae08aeff03c86e310c5942f Mon Sep 17 00:00:00 2001 From: Priom Chowdhury Date: Fri, 28 Oct 2022 12:43:35 -0400 Subject: [PATCH 15/15] gh action workflow completed --- .github/workflows/build-deploy-prod.yml | 86 +++++++++++-------------- 1 file changed, 39 insertions(+), 47 deletions(-) diff --git a/.github/workflows/build-deploy-prod.yml b/.github/workflows/build-deploy-prod.yml index 6027cb2..4f14a7c 100644 --- a/.github/workflows/build-deploy-prod.yml +++ b/.github/workflows/build-deploy-prod.yml @@ -5,10 +5,9 @@ name: Build & Deploy PROD on: push: - branches: - - fix/ci - # release: - # types: [published] + tags: + - 'v*' + workflow_dispatch: env: AWS_REGION: ${{ secrets.AWS_REGION }} 
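Review bot: `workflow_dispatch` in the first hunk of PATCH 15 lets this PROD workflow be started from any branch, and the `Set output` step in the next hunk derives the image tag with `${GITHUB_REF#refs/*/}`, so a manual run from a branch overwrites `:latest` with that branch's build, tags it with the branch name (a name containing `/` gives an invalid tag) and deploys it. If manual runs are only meant to re-deploy a release, a job-level `if: startsWith(github.ref, 'refs/tags/v')` keeps both triggers on tagged commits. Putting the job behind a GitHub environment with required reviewers would additionally place an approval in front of the role assumption. The job definition itself is outside this hunk.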
@@ -31,51 +30,44 @@ jobs: - name: checkout uses: actions/checkout@v2 - - name: Set env - run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV - - name: Test - run: | - echo $RELEASE_VERSION - echo ${{ env.RELEASE_VERSION }} + - name: Set output + id: vars + run: echo ::set-output name=tag::${GITHUB_REF#refs/*/} - # - name: short sha - # id: vars - # run: echo "::set-output name=sha::$(git rev-parse --short HEAD)" + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT_ID }}:role/github-actions-role + aws-region: ${{ env.AWS_REGION }} - # - name: Configure AWS credentials - # uses: aws-actions/configure-aws-credentials@v1 - # with: - # role-to-assume: arn:aws:iam::${{ env.AWS_ACCOUNT_ID }}:role/github-actions-role - # aws-region: ${{ env.AWS_REGION }} + # gather metadata from git & github actions to reference in docker + - name: git & github metadata + id: metadata + uses: docker/metadata-action@v3 + with: + images: ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ env.AWS_ECR_REPO }} - # # gather metadata from git & github actions to reference in docker - # - name: git & github metadata - # id: metadata - # uses: docker/metadata-action@v3 - # with: - # images: ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ env.AWS_ECR_REPO }} + # login in docker repository + - name: docker login + uses: aws-actions/amazon-ecr-login@v1 - # # login in docker repository - # - name: docker login - # uses: aws-actions/amazon-ecr-login@v1 - - # # build a docker image - # - name: docker & push image - # uses: docker/build-push-action@v2 - # with: - # context: . 
- # file: ./Dockerfile - # push: true - # tags: | - # ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ env.ECR_REPO }}:latest - # ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ env.ECR_REPO }}:${{ steps.vars.outputs.sha }} - - # # deploy to AWS ECS - # - name: Deploy to Amazon ECS - # uses: aws-actions/amazon-ecs-deploy-task-definition@v1 - # with: - # task-definition: infra/aws-ecs/task_definition_${{ env.ENVIRONMENT }}.json - # service: ${{ env.ECS_SERVICE }} - # cluster: ${{ env.ECS_CLUSTER }} - # wait-for-service-stability: true + # build a docker image + - name: docker & push image + uses: docker/build-push-action@v2 + with: + context: . + file: ./Dockerfile + push: true + tags: | + ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ env.ECR_REPO }}:latest + ${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com/${{ env.ECR_REPO }}:${{ steps.vars.outputs.tag }} + + # deploy to AWS ECS + - name: Deploy to Amazon ECS + uses: aws-actions/amazon-ecs-deploy-task-definition@v1 + with: + task-definition: infra/aws-ecs/task_definition_${{ env.ENVIRONMENT }}.json + service: ${{ env.ECS_SERVICE }} + cluster: ${{ env.ECS_CLUSTER }} + wait-for-service-stability: true \ No newline at end of file
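Review bot: Every action re-enabled in this hunk is referenced by a movable tag (`actions/checkout@v2`, `aws-actions/configure-aws-credentials@v1`, `docker/metadata-action@v3`, `aws-actions/amazon-ecr-login@v1`, `docker/build-push-action@v2`, `aws-actions/amazon-ecs-deploy-task-definition@v1`) in a job that holds `id-token: write` and assumes the production role, so a retagged or compromised upstream release would run with those credentials. Pinning each one to a full commit SHA with the version in a trailing comment, e.g. `uses: aws-actions/configure-aws-credentials@<full-commit-sha>  # v1`, removes that dependency; the same applies to the `uses:` lines first added in PATCH 01 and PATCH 02. Separately, `::set-output` is deprecated in favour of `$GITHUB_OUTPUT`, and `echo "tag=${GITHUB_REF_NAME}" >> "$GITHUB_OUTPUT"` is the equivalent line. The hunk starts inside the `steps:` list, so the job header and its `permissions:` are not visible here.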