-
Notifications
You must be signed in to change notification settings - Fork 8
138 lines (118 loc) · 4.65 KB
/
run_deploy_dev.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
name: deploy_to_dev
on:
pull_request:
branches:
- develop
types:
- "closed"
workflow_call:
inputs:
COMMIT_HASH:
required: true
type: string
IMAGE_PREFIX:
required: true
type: string
IMAGE_TAG:
required: true
type: string
permissions:
id-token: write
contents: read
issues: write
jobs:
run_migration:
if: github.event.pull_request.merged == true
runs-on: ubuntu-latest
env:
TASK_DEFINITION: migration
ECS_CLUSTER_NAME: cmiml-dev
ECS_SERVICE_NAME: migration
AWS_REGION : "us-east-1"
IMAGE_TAG: ${{ inputs.IMAGE_TAG }}
steps:
- name: configure aws credentials
uses: aws-actions/configure-aws-credentials@v3
with:
role-to-assume: arn:aws:iam::917902836630:role/cmiml-devops-oidc-github-role
role-session-name: OIDC-GHA-session
aws-region: ${{ env.AWS_REGION }}
- name: Download task definition
run: |
aws ecs describe-task-definition --task-definition ${{ env.TASK_DEFINITION }} > task-definition.json
- name: Render Amazon ECS task definition
id: task-def
uses: aws-actions/amazon-ecs-render-task-definition@v1
with:
task-definition: task-definition.json
image: $IMAGE_TAG
- name: Deploy Amazon ECS task definition
uses: aws-actions/amazon-ecs-deploy-task-definition@v1
with:
task-definition: ${{ steps.task-def.outputs.task-definition }}
cluster: ${{ env.ECS_CLUSTER_NAME }}
deploy_to_ecs:
if: github.event.pull_request.merged == true
runs-on: ubuntu-latest
needs: run_migration
env:
TASK_FAMILY_PREFIX: backend
ECS_CLUSTER_NAME: cmiml-dev
ECS_SERVICE_NAME: backend
ECR_REPO: 917902836630.dkr.ecr.us-east-1.amazonaws.com
IMAGE_PREFIX: ${{ inputs.COMMIT_HASH }}
COMMIT_HASH: ${{ inputs.IMAGE_PREFIX }}
AWS_REGION : "us-east-1"
steps:
- name: configure aws credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::017925157769:role/cmiml-dev-oidc-github-role
role-session-name: OIDC-GHA-session
aws-region: ${{ env.AWS_REGION }}
- name: change image and register task definitions
run: |
NEW_IMAGE=${IMAGE_PREFIX/\//-}-$(echo $COMMIT_HASH | cut -c1-5)
for app in api worker scheduler; do
export NEW_TASK_DEFINITION=$(aws ecs describe-task-definition --task-definition ${TASK_FAMILY_PREFIX}_${app} --region ${AWS_REGION} | jq --arg IMAGE "$ECR_REPO:$NEW_IMAGE" '.taskDefinition | .containerDefinitions[0].image = $IMAGE | del(.taskDefinitionArn) | del(.revision) | del(.status) | del(.requiresAttributes) | del(.compatibilities) | del(.registeredAt) | del(.registeredBy)')
aws ecs register-task-definition --region ${AWS_REGION} --cli-input-json "$NEW_TASK_DEFINITION"
done
- name: update services
run: |
for app in scheduler worker; do
aws ecs update-service --cluster ${ECS_CLUSTER_NAME} --service ${ECS_SERVICE_NAME}-${app} --task-definition ${TASK_FAMILY_PREFIX}_${app}
done
#this step is separate because api sarvice and task definition names are different, need to be changed
aws ecs update-service --cluster ${ECS_CLUSTER_NAME} --service ${ECS_SERVICE_NAME} --task-definition ${TASK_FAMILY_PREFIX}_api
on-failure:
runs-on: ubuntu-latest
if: ${{ always() && (needs.deploy_to_ecs.result == 'failure' || needs.deploy_to_ecs.result == 'timed_out') }}
needs:
- deploy_to_ecs
steps:
- uses: actions/checkout@v4
- name: "Send Slack message on failure"
uses: rtCamp/action-slack-notify@v2
env:
SLACK_COLOR: failure
SLACK_WEBHOOK: ${{ secrets.DEV_SLACK_WEBHOOK }}
SLACK_CHANNEL: gha-deploy-to-dev
SLACK_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
SLACK_TITLE: Deployment to DEV environment
SLACK_MESSAGE: 'Error when executing deployment!'
on-success:
runs-on: ubuntu-latest
if: ${{ always() && (needs.deploy_to_ecs.result == 'success') }}
needs:
- deploy_to_ecs
steps:
- uses: actions/checkout@v4
- name: "Send Slack message on success"
uses: rtCamp/action-slack-notify@v2
env:
SLACK_COLOR: success
SLACK_WEBHOOK: ${{ secrets.DEV_SLACK_WEBHOOK }}
SLACK_CHANNEL: gha-deploy-to-dev
SLACK_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
SLACK_TITLE: Deployment to DEV environment
SLACK_MESSAGE: 'Deployment is successfull!'