added steps to trigger ECS task #721
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: run_build | ||
| on: [push, pull_request] | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| issues: write | ||
| env: | ||
| GITHUB_ORGANIZATION: ${{ github.repository_owner }} | ||
| GITHUB_REPO_NAME: ${{ github.event.repository.name }} | ||
| GITHUB_BRANCH_OR_TAG: ${{ github.ref_name }} | ||
| GITHUB_REF: ${{ github.ref }} | ||
| BUILD_NAME: ${{github.event_name}} | ||
| BUILD_NUMBER: ${{github.run_id}} | ||
| ECR_ADDRESS: 917902836630.dkr.ecr.us-east-1.amazonaws.com | ||
| OUT_DIR: ./out | ||
| AWS_REGION : "us-east-1" | ||
| ECR_REPO: 917902836630.dkr.ecr.us-east-1.amazonaws.com/api-server | ||
| jobs: | ||
| build_job: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v2 | ||
| - name: configure aws credentials | ||
| uses: aws-actions/configure-aws-credentials@v3 | ||
| with: | ||
| role-to-assume: arn:aws:iam::917902836630:role/cmiml-devops-oidc-github-role | ||
| role-session-name: OIDC-GHA-session | ||
| aws-region: ${{ env.AWS_REGION }} | ||
| - name: Get secrets by name and by ARN | ||
| uses: aws-actions/aws-secretsmanager-get-secrets@v2 | ||
| with: | ||
| parse-json-secrets: true | ||
| secret-ids: | | ||
| ,cmiml-devops | ||
| - name: Extract Jira ticket numbers from commit message | ||
| run: | | ||
| tickets=$(git log -1 --pretty=%B | grep -io 'M2-[0-9]\+' | tr '[:lower:]' '[:upper:]' | sort | uniq | tr '\n' ' ') | ||
| if [ -z "$tickets" ]; then | ||
| echo "No Jira tickets found in the latest commit message." | ||
| else | ||
| echo "Jira ticket numbers found: ${tickets}" | ||
| if [ "${GITHUB_BRANCH_OR_TAG}" != "develop" ]; then | ||
| echo "Skipping saving Jira ticket numbers to a file because the branch is not develop" | ||
| else | ||
| file="${OUT_DIR}/jira-tickets.json" | ||
| echo "{ \"issues\": $(echo "${tickets}" | jq -R -s -c 'split(" ")[:-1]') }" > "${file}" | ||
| echo "Jira ticket numbers saved to ${file}" | ||
| fi | ||
| fi | ||
| - name: Build image for ECR | ||
| run: | | ||
| docker build -t ${ECR_REPO}:${GITHUB_BRANCH_OR_TAG/\//-}-${GITHUB_SHA:0:5} -f ./compose/fastapi/Dockerfile . | ||
| docker tag ${ECR_REPO}:${GITHUB_BRANCH_OR_TAG/\//-}-${GITHUB_SHA:0:5} ${ECR_ADDRESS}/${ECR_REPO}:${GITHUB_BRANCH_OR_TAG/\//-}-${GITHUB_SHA:0:5} | ||
| - name: Push image to ECR | ||
| run: | | ||
| aws ecr get-login-password | docker login --username AWS --password-stdin ${ECR_ADDRESS} | ||
| docker push ${ECR_REPO}:${GITHUB_BRANCH_OR_TAG/\//-}-${GITHUB_SHA:0:5} | ||
| - name: Upload artifacts | ||
| uses: actions/upload-artifact@v2 | ||
| with: | ||
| name: build-artifacts | ||
| path: | | ||
| ${GITHUB_REPO_NAME}/${OUT_DIR}/build.yml | ||
| ${GITHUB_REPO_NAME}/${OUT_DIR}/jira-tickets.json | ||
| deploy_to_dev: | ||
| needs: build_job | ||
| uses: ChildMindInstitute/mindlogger-backend-refactor/.github/workflows/run_deploy_dev.yaml@develop | ||
| with: | ||
| COMMIT_HASH: ${{ github.sha }} | ||
| IMAGE_PREFIX: ${{ github.ref_name }} | ||
| IMAGE_TAG: ${GITHUB_BRANCH_OR_TAG/\//-}-${GITHUB_SHA:0:5} | ||
| deploy_to_uat: | ||
| needs: build_job | ||
| uses: ChildMindInstitute/mindlogger-backend-refactor/.github/workflows/run_deploy_uat.yaml@develop | ||
| with: | ||
| COMMIT_HASH: ${{ github.sha }} | ||
| IMAGE_PREFIX: ${{ github.ref_name }} | ||
| deploy_to_test: | ||
| needs: build_job | ||
| uses: ChildMindInstitute/mindlogger-backend-refactor/.github/workflows/run_deploy_test.yaml@develop | ||
| with: | ||
| COMMIT_HASH: ${{ github.sha }} | ||
| IMAGE_PREFIX: ${{ github.ref_name }} | ||
