refactor: Update workflow.yaml to use secrets for AWS credentials and… #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Continuos Integration -Testing, Build and Deploy Backend Catalog Microservice to ECS | |
| on: | |
| pull_request: | |
| push: | |
| branches: | |
| - main | |
| env: | |
| # Setting an environment variable with the value of a configuration variable | |
| ECR_BACKEND_IMAGE: ${{ secrets.ECR_BACKEND_IMAGE }} | |
| AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
| ECS_CLUSTER: ${{ secrets.ECS_CLUSTER }} | |
| ECS_BACKEND_SERVICE: ${{ secrets.ECS_BACKEND_SERVICE }} | |
| jobs: | |
| continuos-integration: | |
| name: Continuos Integration - Testing and Deploy | |
| runs-on: ubuntu-latest | |
| environment: production-catalog-microservice | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install dependencies | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.12.X' | |
| - name: Install dependencies with poetry | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install poetry | |
| poetry install | |
| - name: Install libs for testing | |
| run: | | |
| poetry install | |
| - name: Run tests | |
| run: | | |
| poetry run pytest | |
| - name: Set up QEMU for arm64 | |
| run: | | |
| docker run --rm --privileged multiarch/qemu-user-static --reset -p yes | |
| if: runner.os == 'Linux' | |
| - name: Set up Docker for arm64 | |
| uses: docker/setup-qemu-action@v3 | |
| with: | |
| platforms: linux/arm64 | |
| - name: Set up Docker | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_DEFAULT_REGION }} | |
| - name: Login to Amazon ECR | |
| run: | | |
| aws ecr get-login-password --region $AWS_DEFAULT_REGION | docker login --username AWS --password-stdin ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com | |
| - name: Build and push Docker image | |
| run: | | |
| docker buildx create --use | |
| docker buildx inspect --bootstrap | |
| docker buildx build --platform linux/arm64 -t ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$ECR_BACKEND_IMAGE:latest --push . | |
| - name: Deploy to ECS | |
| uses: imehedi/actions-awscli-v2@latest | |
| with: | |
| args: ecs update-service --cluster $ECS_CLUSTER --service e-commerce-microservice --force-new-deployment | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} |