v0.20.0 #51
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release Deployment | |
| on: | |
| release: | |
| types: [published] | |
| jobs: | |
| build-release-image: | |
| permissions: | |
| id-token: write # This is required for requesting the JWT for gaining permissions to assume the IAM role to perform AWS actions | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Check out repository code | |
| uses: actions/checkout@v4 | |
| - name: AWS credentials configuration | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{secrets.GH_ACTIONS_AWS_ROLE}} | |
| role-session-name: gh-actions-${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-build-image | |
| aws-region: us-east-1 | |
| - name: Amazon ECR login | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Build, tag, and push image to Amazon ECR | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| ECR_REPOSITORY: agr_mati | |
| run: | | |
| docker build --build-arg OVERWRITE_VERSION=${{ github.event.release.tag_name }} -t $ECR_REGISTRY/$ECR_REPOSITORY:${{ github.event.release.tag_name }} . | |
| docker push $ECR_REGISTRY/$ECR_REPOSITORY:${{ github.event.release.tag_name }} | |
| build-deploy-maven-central-package: | |
| needs: [build-release-image] | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Check out repository code | |
| uses: actions/checkout@v4 | |
| - name: Set up Maven Central Repository | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| server-id: ossrh | |
| server-username: MAVEN_USERNAME | |
| server-password: MAVEN_PASSWORD | |
| - name: Set Proper version | |
| run: mvn versions:set -ntp -DnewVersion=${{ github.event.release.tag_name }} | |
| - id: install-secret-key | |
| name: Install gpg secret key | |
| run: | | |
| cat <(echo -e "${{ secrets.OSSRH_GPG_SECRET_KEY }}") | gpg --batch --import | |
| gpg --list-secret-keys --keyid-format LONG | |
| - name: Publish package | |
| run: mvn -ntp --batch-mode deploy -DskipITs=true | |
| env: | |
| MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }} | |
| MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }} | |
| generate-deployment-package: | |
| needs: [build-release-image] | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Check out repository code | |
| uses: actions/checkout@v4 | |
| - name: Save mati app version to be deployed in EB env variables through config file | |
| run: | | |
| cat .ebextensions/version.config | |
| sed -i.bak "s/0.0.0/${{ github.event.release.tag_name }}/g" .ebextensions/version.config | |
| cat .ebextensions/version.config | |
| - name: Generate deployment package | |
| run: zip -r ${{ github.event.release.tag_name }}.zip docker-compose.yml .ebextensions/ | |
| - name: Store deployment package in cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: ${{ github.event.release.tag_name }}.zip | |
| key: ${{github.workflow}}.${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-eb-deployment-zip | |
| deploy-to-production: | |
| if: github.event.release.prerelease == false | |
| permissions: | |
| id-token: write # This is required for requesting the JWT for gaining permissions to assume the IAM role to perform AWS actions | |
| needs: [generate-deployment-package] | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Slack Notification | |
| uses: tokorom/action-slack-incoming-webhook@main | |
| env: | |
| INCOMING_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| with: | |
| text: "Auto Deployment to mati production initiated" | |
| attachments: | | |
| [ | |
| { | |
| "color": "good", | |
| "author_name": "${{ github.actor }}", | |
| "author_icon": "${{ github.event.sender.avatar_url }}", | |
| "fields": [ | |
| { | |
| "title": "GitHub Actions URL", | |
| "value": "${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}" | |
| } | |
| ] | |
| } | |
| ] | |
| - name: Fetch deployment package from cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: ${{ github.event.release.tag_name }}.zip | |
| key: ${{github.workflow}}.${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-eb-deployment-zip | |
| - name: AWS credentials configuration | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{secrets.GH_ACTIONS_AWS_ROLE}} | |
| role-session-name: gh-actions-${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-eb-deploy-production | |
| aws-region: us-east-1 | |
| - name: Deploy to EB | |
| uses: einaregilsson/beanstalk-deploy@v22 | |
| with: | |
| aws_access_key: ${{ env.AWS_ACCESS_KEY_ID }} | |
| aws_secret_key: ${{ env.AWS_SECRET_ACCESS_KEY }} | |
| aws_session_token: ${{ env.AWS_SESSION_TOKEN }} | |
| application_name: mati-app | |
| environment_name: mati-production | |
| version_label: ${{ github.event.release.tag_name }} | |
| deployment_package: ${{ github.event.release.tag_name }}.zip | |
| use_existing_version_if_available: true | |
| region: us-east-1 | |
| - name: Slack Notification | |
| uses: tokorom/action-slack-incoming-webhook@main | |
| env: | |
| INCOMING_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| with: | |
| text: "Deployment of release ${{ github.event.release.tag_name }} to mati production completed! :tada:" | |
| attachments: | | |
| [ | |
| { | |
| "color": "good", | |
| "author_name": "${{ github.actor }}", | |
| "author_icon": "${{ github.event.sender.avatar_url }}", | |
| "fields": [ | |
| { | |
| "title": "Commit Message", | |
| "value": "${{ env.COMMIT_MESSAGE }}" | |
| }, | |
| { | |
| "title": "Deployment URL", | |
| "value": "https://mati.alliancegenome.org/q/swagger-ui/index.html" | |
| } | |
| ] | |
| } | |
| ] | |
| deploy-to-beta: | |
| if: github.event.release.prerelease == true | |
| permissions: | |
| id-token: write # This is required for requesting the JWT for gaining permissions to assume the IAM role to perform AWS actions | |
| needs: [generate-deployment-package] | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Slack Notification | |
| uses: tokorom/action-slack-incoming-webhook@main | |
| env: | |
| INCOMING_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| with: | |
| text: "Auto Deployment to mati beta initiated" | |
| attachments: | | |
| [ | |
| { | |
| "color": "good", | |
| "author_name": "${{ github.actor }}", | |
| "author_icon": "${{ github.event.sender.avatar_url }}", | |
| "fields": [ | |
| { | |
| "title": "GitHub Actions URL", | |
| "value": "${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}" | |
| } | |
| ] | |
| } | |
| ] | |
| - name: Fetch deployment package from cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: ${{ github.event.release.tag_name }}.zip | |
| key: ${{github.workflow}}.${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-eb-deployment-zip | |
| - name: AWS credentials configuration | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{secrets.GH_ACTIONS_AWS_ROLE}} | |
| role-session-name: gh-actions-${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-eb-deploy-beta | |
| aws-region: us-east-1 | |
| - name: Deploy to EB | |
| uses: einaregilsson/beanstalk-deploy@v22 | |
| with: | |
| aws_access_key: ${{ env.AWS_ACCESS_KEY_ID }} | |
| aws_secret_key: ${{ env.AWS_SECRET_ACCESS_KEY }} | |
| aws_session_token: ${{ env.AWS_SESSION_TOKEN }} | |
| application_name: mati-app | |
| environment_name: mati-beta | |
| version_label: ${{ github.event.release.tag_name }} | |
| deployment_package: ${{ github.event.release.tag_name }}.zip | |
| use_existing_version_if_available: true | |
| region: us-east-1 | |
| - name: Slack Notification | |
| uses: tokorom/action-slack-incoming-webhook@main | |
| env: | |
| INCOMING_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| with: | |
| text: "Deployment of release ${{ github.event.release.tag_name }} to mati beta completed! :tada:" | |
| attachments: | | |
| [ | |
| { | |
| "color": "good", | |
| "author_name": "${{ github.actor }}", | |
| "author_icon": "${{ github.event.sender.avatar_url }}", | |
| "fields": [ | |
| { | |
| "title": "Commit Message", | |
| "value": "${{ env.COMMIT_MESSAGE }}" | |
| }, | |
| { | |
| "title": "Deployment URL", | |
| "value": "https://beta-mati.alliancegenome.org/q/swagger-ui/index.html" | |
| } | |
| ] | |
| } | |
| ] |