-
Notifications
You must be signed in to change notification settings - Fork 0
131 lines (131 loc) · 5.19 KB
/
alpha-build-and-deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
name: Main branch Build and Deployment
on:
pull_request:
types: [closed]
branches:
- main
jobs:
build-and-push-docker-image:
if: github.event.pull_request.merged == true && !contains(github.event.pull_request.labels.*.name, 'no-deploy')
permissions:
id-token: write # This is required for requesting the JWT for gaining permissions to assume the IAM role to perform AWS actions
runs-on: ubuntu-20.04
steps:
- name: Check out repository code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Store release tag in env
id: vars
shell: bash
run: |
echo "tagname=$(git describe --tags)" >> $GITHUB_ENV
# This step will configure environment variables to be used by all steps
# involving AWS interaction further down
- name: AWS credentials configuration
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{secrets.GH_ACTIONS_AWS_ROLE}}
role-session-name: gh-actions-${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-build-image
aws-region: us-east-1
- name: Amazon ECR login
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Build, tag, and push image to Amazon ECR
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: agr_mati
IMAGE_TAG: ${{ env.tagname }}
run: |
docker build --build-arg OVERWRITE_VERSION=${IMAGE_TAG} -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
docker tag $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG $ECR_REGISTRY/$ECR_REPOSITORY:${GITHUB_REF#refs/heads/}
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
docker push $ECR_REGISTRY/$ECR_REPOSITORY:${GITHUB_REF#refs/heads/}
deploy-to-alpha:
if: github.event.pull_request.merged == true && !contains(github.event.pull_request.labels.*.name, 'no-deploy')
permissions:
id-token: write # This is required for requesting the JWT for gaining permissions to assume the IAM role to perform AWS actions
needs: [build-and-push-docker-image]
runs-on: ubuntu-20.04
steps:
- name: Slack Notification
uses: tokorom/action-slack-incoming-webhook@main
env:
INCOMING_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
with:
text: "Auto Deployment to mati-alpha initiated"
attachments: |
[
{
"color": "good",
"author_name": "${{ github.actor }}",
"author_icon": "${{ github.event.sender.avatar_url }}",
"fields": [
{
"title": "GitHub Actions URL",
"value": "${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}"
}
]
}
]
- name: Check out repository code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Store release tag in env
id: vars
shell: bash
run: |
echo "tagname=$(git describe --tags)" >> $GITHUB_ENV
- name: Save mati app version to be deployed in EB env variables through config file
run: |
sed -i.bak "s/0.0.0/${{ env.tagname }}/g" .ebextensions/version.config
echo "Stored version config:"
echo "----------------------"
cat .ebextensions/version.config
- name: Generate deployment package
run: zip -r ${{ env.tagname }}.zip docker-compose.yml .ebextensions/
- name: AWS credentials configuration
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{secrets.GH_ACTIONS_AWS_ROLE}}
role-session-name: gh-actions-${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-eb-deploy
aws-region: us-east-1
- name: Deploy to EB
uses: einaregilsson/beanstalk-deploy@v22
with:
aws_access_key: ${{ env.AWS_ACCESS_KEY_ID }}
aws_secret_key: ${{ env.AWS_SECRET_ACCESS_KEY }}
aws_session_token: ${{ env.AWS_SESSION_TOKEN }}
application_name: mati-app
environment_name: mati-alpha
version_label: ${{ env.tagname }}
deployment_package: ${{ env.tagname }}.zip
use_existing_version_if_available: true
region: us-east-1
- name: Set COMMIT_MESSAGE
run: echo "COMMIT_MESSAGE=${{ github.event.head_commit.message }}" | tr '\n' ' ' >> $GITHUB_ENV
- name: Slack Notification
uses: tokorom/action-slack-incoming-webhook@main
env:
INCOMING_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
with:
text: "Deployment of mati release ${{ env.tagname }} to alpha completed! :tada:"
attachments: |
[
{
"color": "good",
"author_name": "${{ github.actor }}",
"author_icon": "${{ github.event.sender.avatar_url }}",
"fields": [
{
"title": "Commit Message",
"value": "${{ env.COMMIT_MESSAGE }}"
},
{
"title": "Deployment URL",
"value": "https://alpha-mati.alliancegenome.org"
}
]
}
]