Deploy to AWS - EC2 #6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to AWS - EC2 | |
| on: | |
| workflow_dispatch: | |
| env: | |
| AWS_REGION: il-central-1 | |
| PROJECT: T17 | |
| BUCKET: 8400-igs-prod | |
| jobs: | |
| deploy: | |
| name: Deploy | |
| runs-on: ubuntu-latest | |
| environment: production | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: free disk space | |
| run: | | |
| sudo swapoff -a | |
| sudo rm -f /swapfile | |
| sudo apt clean | |
| docker rmi $(docker image ls -aq) | |
| df -h | |
| - name: Launch new EC2 instance from template | |
| id: launch_ec2 | |
| run: | | |
| VERSION=$(cat ${{ env.PROJECT }}/publication-request.json| jq -r .version) | |
| INSTANCE_ID=$(aws ec2 run-instances --launch-template LaunchTemplateName=IGPublisher \ | |
| --tag-specifications 'ResourceType=instance,Tags=[{Key=proj,Value=${{ env.PROJECT }}-Prod},{Key=Name,Value=${{ env.PROJECT }}-'$VERSION'}]' \ | |
| --query 'Instances[0].InstanceId' --output text) | |
| echo "INSTANCE_ID=$INSTANCE_ID" >> $GITHUB_ENV | |
| - name: Wait for new EC2 instance to be running | |
| run: | | |
| aws ec2 wait instance-running --instance-ids ${{ env.INSTANCE_ID }} | |
| - name: Get new EC2 instance public DNS | |
| run: | | |
| PUBLIC_DNS=$(aws ec2 describe-instances --instance-ids ${{ env.INSTANCE_ID }} --query 'Reservations[0].Instances[0].PublicDnsName' --output text) | |
| echo "PUBLIC_DNS=$PUBLIC_DNS" >> $GITHUB_ENV | |
| - name: clone repos ig-history & ig-registry | |
| run: | | |
| git clone https://github.com/HL7/fhir-ig-history-template.git ig-history | |
| git clone https://github.com/FHIR/ig-registry.git ig-registry | |
| - name: Install jekyll & jre | |
| run: | | |
| sudo rm /etc/apt/sources.list.d/microsoft-prod.list && \ | |
| sudo apt-get update && \ | |
| sudo apt-get install -y curl gnupg ruby-full build-essential && \ | |
| sudo gem install jekyll bundler && \ | |
| sudo apt install default-jre -y | |
| - name: Install sushi | |
| run: | | |
| sudo apt-get install npm -y && \ | |
| sudo apt-get install -y nodejs && \ | |
| sudo npm install -g fsh-sushi -y | |
| - name: Download older versions | |
| run: | | |
| aws s3 sync s3://${{ env.BUCKET }}/${{ env.PROJECT }} ./webroot --region eu-west-1 | |
| if [ -d "./webroot/core" ]; then | |
| versions=$(jq -r '.list[] | select( .version != "current" ) | .version' ./webroot/core/package-list.json) | |
| for version in $versions; do | |
| mkdir "./webroot/$version" | |
| echo "Folder 'webroot/$version' created." | |
| done | |
| else | |
| echo "First Version" | |
| fi | |
| - name: Run Genonce.sh | |
| run: | | |
| # download publisher | |
| mkdir ./${{ env.PROJECT }}/input-cache/ && \ | |
| curl -L https://github.com/HL7/fhir-ig-publisher/releases/latest/download/publisher.jar -o "./${{ env.PROJECT }}/input-cache/publisher.jar" | |
| # run genonce.sh | |
| chmod +x ./${{ env.PROJECT }}/_genonce.sh && \ | |
| cd ${{ env.PROJECT }} && \ | |
| ./_genonce.sh | |
| - name: Publish Version | |
| run: | | |
| java -Xms512m -Xmx4g -XX:+UseG1GC -jar ./${{ env.PROJECT }}/input-cache/publisher.jar -go-publish -no-sushi -source ./${{ env.PROJECT }} -web ./webroot -registry ./ig-registry/fhir-ig-list.json -history ./ig-history -templates ./webroot/templates | |
| - name: Convert project name to lowercase | |
| id: set-lowercase-project | |
| run: | | |
| # Extract the destination value using jq | |
| publish=$(jq -r '.["layout-rules"][0].destination' "webroot/publish-setup.json") | |
| # Set environment variables | |
| echo "SRC=$publish" >> $GITHUB_ENV | |
| - name: Deploy application to new EC2 instance using SSH | |
| uses: easingthemes/ssh-deploy@main | |
| env: | |
| SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} | |
| REMOTE_USER: ec2-user | |
| REMOTE_HOST: ${{ env.PUBLIC_DNS }} | |
| TARGET: /var/www/html/${{ env.SRC }} | |
| SOURCE: ./webroot/${{ env.SRC }}/ | |
| SCRIPT_BEFORE: | | |
| whoami | |
| ls -al /var/www | |
| df -h | |
| SCRIPT_AFTER: | | |
| whoami | |
| ls -al /var/www/html | |
| df -h | |
| echo $RSYNC_STDOUT | |
| - name: Copy version to S3 | |
| run: | | |
| aws s3 sync ./webroot s3://${{ env.BUCKET }}/${{ env.PROJECT }} --region eu-west-1 | |
| - name: Get Target Group ARN | |
| id: get_target_group_arn | |
| run: | | |
| TARGET_GROUP_NAME="${{ env.PROJECT }}-prod-tg" | |
| TARGET_GROUP_ARN=$(aws elbv2 describe-target-groups --names $TARGET_GROUP_NAME --query "TargetGroups[0].TargetGroupArn" --output text) | |
| echo "TARGET_GROUP_ARN=${TARGET_GROUP_ARN}" >> $GITHUB_ENV | |
| - name: Register and Terminate old EC2 instances with tag proj=${{ env.PROJECT }}-Prod | |
| if: success() | |
| run: | | |
| aws elbv2 register-targets --target-group-arn ${{ env.TARGET_GROUP_ARN }} --targets Id=${{ env.INSTANCE_ID }} | |
| OLD_INSTANCE_IDS=$(aws ec2 describe-instances \ | |
| --filters "Name=tag:proj,Values=${{ env.PROJECT }}-Prod" "Name=instance-state-name,Values=running" \ | |
| --query 'Reservations[*].Instances[?InstanceId!=`${{ env.INSTANCE_ID }}`].[InstanceId]' \ | |
| --output text) | |
| if [ -n "$OLD_INSTANCE_IDS" ]; then | |
| aws ec2 terminate-instances --instance-ids $OLD_INSTANCE_IDS | |
| echo "Terminating old instances: $OLD_INSTANCE_IDS" | |
| else | |
| echo "No old running instances found with the specified tag." | |
| fi | |
| - name: Terminate new EC2 instance if any previous step fails | |
| if: failure() | |
| run: | | |
| aws ec2 terminate-instances --instance-ids ${{ env.INSTANCE_ID }} |