github-actions(deps): bump aws-actions/amazon-ecs-render-task-definition from c804dfbdd57f713b6c079302a4c01db7017a36fc to f8c43f6ac1655838457eae6236759f09b7b18558 #2399
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Based on https://docs.github.com/en/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service | |
| name: PR Updated triggers | |
| on: | |
| pull_request: | |
| types: [labeled, unlabeled, synchronize, closed, reopened] | |
| env: | |
| AWS_REGION: us-east-1 | |
| permissions: | |
| id-token: write | |
| contents: read | |
| jobs: | |
| ci: | |
| uses: ./.github/workflows/ci.yml | |
| build-all: | |
| uses: ./.github/workflows/ecrbuild-all.yml | |
| secrets: | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| e2e: | |
| needs: | |
| - build-all | |
| # could theoretically be skipped, but in practice is always faster | |
| # than waiting for the build-all job to finish anyway | |
| - ci | |
| uses: ./.github/workflows/e2e.yml | |
| secrets: | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| deploy-preview: | |
| permissions: write-all | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| needs: | |
| - build-all | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Copy .env file | |
| run: cp ./self-host/.env.example ./self-host/.env | |
| - name: Configure pullpreview | |
| env: | |
| PLATFORM_IMAGE: ${{ needs.build-all.outputs.core-image }} | |
| JOBS_IMAGE: ${{ needs.build-all.outputs.jobs-image }} | |
| MIGRATIONS_IMAGE: ${{ needs.build-all.outputs.base-image }} | |
| run: | | |
| sed -i "s|image: PLATFORM_IMAGE|image: $PLATFORM_IMAGE|" docker-compose.preview.yml | |
| sed -i "s|image: JOBS_IMAGE|image: $JOBS_IMAGE|" docker-compose.preview.yml | |
| sed -i "s|image: MIGRATIONS_IMAGE|image: $MIGRATIONS_IMAGE|" docker-compose.preview.yml | |
| sed -i "s|email [email protected]|email [email protected]|" self-host/caddy/Caddyfile | |
| sed -i "s|example.com|{\$PUBLIC_URL}|" self-host/caddy/Caddyfile | |
| - name: Get ECR token | |
| id: ecrtoken | |
| run: echo "value=$(aws ecr get-login-password --region us-east-1)" >> $GITHUB_OUTPUT | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_DEFAULT_REGION: "us-east-1" | |
| - uses: pullpreview/action@v5 | |
| with: | |
| label: preview | |
| admins: 3mcd | |
| compose_files: ./self-host/docker-compose.yml,docker-compose.preview.yml | |
| default_port: 443 | |
| instance_type: small | |
| ports: 80,443,9001 | |
| registries: docker://AWS:${{steps.ecrtoken.outputs.value}}@246372085946.dkr.ecr.us-east-1.amazonaws.com | |
| github_token: ${{ secrets.GH_PAT_PR_PREVIEW_CLEANUP }} | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_REGION: ${{ env.AWS_REGION }} | |
| PULLPREVIEW_LOGGER_LEVEL: DEBUG |