-
Notifications
You must be signed in to change notification settings - Fork 8
99 lines (84 loc) · 3.47 KB
/
run_build.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
name: run_build
on: [push, pull_request]
permissions:
id-token: write
contents: read
issues: write
env:
GITHUB_ORGANIZATION: ${{ github.repository_owner }}
GITHUB_REPO_NAME: ${{ github.event.repository.name }}
GITHUB_BRANCH_OR_TAG: ${{ github.ref_name }}
GITHUB_REF: ${{ github.ref }}
BUILD_NAME: ${{github.event_name}}
BUILD_NUMBER: ${{github.run_id}}
ECR_ADDRESS: 917902836630.dkr.ecr.us-east-1.amazonaws.com
OUT_DIR: ./out
AWS_REGION : "us-east-1"
ECR_REPO: 917902836630.dkr.ecr.us-east-1.amazonaws.com/api-server
jobs:
build_job:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: configure aws credentials
uses: aws-actions/configure-aws-credentials@v3
with:
role-to-assume: arn:aws:iam::917902836630:role/cmiml-devops-oidc-github-role
role-session-name: OIDC-GHA-session
aws-region: ${{ env.AWS_REGION }}
- name: Get secrets by name and by ARN
uses: aws-actions/aws-secretsmanager-get-secrets@v2
with:
parse-json-secrets: true
secret-ids: |
,cmiml-devops
- name: Extract Jira ticket numbers from commit message
run: |
tickets=$(git log -1 --pretty=%B | grep -io 'M2-[0-9]\+' | tr '[:lower:]' '[:upper:]' | sort | uniq | tr '\n' ' ')
if [ -z "$tickets" ]; then
echo "No Jira tickets found in the latest commit message."
else
echo "Jira ticket numbers found: ${tickets}"
if [ "${GITHUB_BRANCH_OR_TAG}" != "develop" ]; then
echo "Skipping saving Jira ticket numbers to a file because the branch is not develop"
else
file="${OUT_DIR}/jira-tickets.json"
echo "{ \"issues\": $(echo "${tickets}" | jq -R -s -c 'split(" ")[:-1]') }" > "${file}"
echo "Jira ticket numbers saved to ${file}"
fi
fi
- name: Build image for ECR
run: |
docker build -t ${ECR_REPO}:${GITHUB_BRANCH_OR_TAG/\//-}-${GITHUB_SHA:0:5} -f ./compose/fastapi/Dockerfile .
docker tag ${ECR_REPO}:${GITHUB_BRANCH_OR_TAG/\//-}-${GITHUB_SHA:0:5} ${ECR_ADDRESS}/${ECR_REPO}:${GITHUB_BRANCH_OR_TAG/\//-}-${GITHUB_SHA:0:5}
- name: Push image to ECR
run: |
aws ecr get-login-password | docker login --username AWS --password-stdin ${ECR_ADDRESS}
docker push ${ECR_REPO}:${GITHUB_BRANCH_OR_TAG/\//-}-${GITHUB_SHA:0:5}
- name: Upload artifacts
uses: actions/upload-artifact@v2
with:
name: build-artifacts
path: |
${GITHUB_REPO_NAME}/${OUT_DIR}/build.yml
${GITHUB_REPO_NAME}/${OUT_DIR}/jira-tickets.json
deploy_to_dev:
needs: build_job
uses: ChildMindInstitute/mindlogger-backend-refactor/.github/workflows/run_deploy_dev.yaml@develop
with:
COMMIT_HASH: ${{ github.sha }}
IMAGE_PREFIX: ${{ github.ref_name }}
IMAGE_TAG: ${GITHUB_BRANCH_OR_TAG/\//-}-${GITHUB_SHA:0:5}
deploy_to_uat:
needs: build_job
uses: ChildMindInstitute/mindlogger-backend-refactor/.github/workflows/run_deploy_uat.yaml@develop
with:
COMMIT_HASH: ${{ github.sha }}
IMAGE_PREFIX: ${{ github.ref_name }}
deploy_to_test:
needs: build_job
uses: ChildMindInstitute/mindlogger-backend-refactor/.github/workflows/run_deploy_test.yaml@develop
with:
COMMIT_HASH: ${{ github.sha }}
IMAGE_PREFIX: ${{ github.ref_name }}