-
Notifications
You must be signed in to change notification settings - Fork 8
95 lines (84 loc) · 3.4 KB
/
run_deploy_dev.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
name: deploy_to_dev
on:
pull_request:
branches:
- develop
types:
- "closed"
workflow_call:
inputs:
COMMIT_HASH:
required: true
type: string
IMAGE_PREFIX:
required: true
type: string
permissions:
id-token: write
contents: read
issues: write
jobs:
deploy_to_ecs:
if: github.event.pull_request.merged == true
runs-on: ubuntu-latest
env:
TASK_FAMILY_PREFIX: backend
ECS_CLUSTER_NAME: cmiml-dev
ECS_SERVICE_NAME: backend
ECR_REPO: 917902836630.dkr.ecr.us-east-1.amazonaws.com
IMAGE_PREFIX: ${{ inputs.COMMIT_HASH }}
COMMIT_HASH: ${{ inputs.IMAGE_PREFIX }}
AWS_REGION : "us-east-1"
steps:
- name: configure aws credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::017925157769:role/cmiml-dev-oidc-github-role
role-session-name: OIDC-GHA-session
aws-region: ${{ env.AWS_REGION }}
- name: change image and register task definitions
run: |
NEW_IMAGE=${IMAGE_PREFIX/\//-}-$(echo $COMMIT_HASH | cut -c1-5)
for app in api worker scheduler; do
export NEW_TASK_DEFINITION=$(aws ecs describe-task-definition --task-definition ${TASK_FAMILY_PREFIX}_${app} --region ${AWS_REGION} | jq --arg IMAGE "$ECR_REPO:$NEW_IMAGE" '.taskDefinition | .containerDefinitions[0].image = $IMAGE | del(.taskDefinitionArn) | del(.revision) | del(.status) | del(.requiresAttributes) | del(.compatibilities) | del(.registeredAt) | del(.registeredBy)')
aws ecs register-task-definition --region ${AWS_REGION} --cli-input-json "$NEW_TASK_DEFINITION"
done
- name: update services
run: |
for app in scheduler worker; do
aws ecs update-service --cluster ${ECS_CLUSTER_NAME} --service ${ECS_SERVICE_NAME}-${app} --task-definition ${TASK_FAMILY_PREFIX}_${app}
done
#this step is separate because api sarvice and task definition names are different, need to be changed
aws ecs update-service --cluster ${ECS_CLUSTER_NAME} --service ${ECS_SERVICE_NAME} --task-definition ${TASK_FAMILY_PREFIX}_api
on-failure:
runs-on: ubuntu-latest
if: ${{ always() && (needs.deploy_to_ecs.result == 'failure' || needs.deploy_to_ecs.result == 'timed_out') }}
needs:
- deploy_to_ecs
steps:
- uses: actions/checkout@v4
- name: "Send Slack message on failure"
uses: rtCamp/action-slack-notify@v2
env:
SLACK_COLOR: failure
SLACK_WEBHOOK: ${{ secrets.DEV_SLACK_WEBHOOK }}
SLACK_CHANNEL: gha-deploy-to-dev
SLACK_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
SLACK_TITLE: Deployment to DEV environment
SLACK_MESSAGE: 'Error when executing deployment!'
on-success:
runs-on: ubuntu-latest
if: ${{ always() && (needs.deploy_to_ecs.result == 'success') }}
needs:
- deploy_to_ecs
steps:
- uses: actions/checkout@v4
- name: "Send Slack message on success"
uses: rtCamp/action-slack-notify@v2
env:
SLACK_COLOR: success
SLACK_WEBHOOK: ${{ secrets.DEV_SLACK_WEBHOOK }}
SLACK_CHANNEL: gha-deploy-to-dev
SLACK_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
SLACK_TITLE: Deployment to DEV environment
SLACK_MESSAGE: 'Deployment is successfull!'