Create GitHub Actions for auto deployment to AWS #66

Merged
merged 10 commits into from
Nov 3, 2024
81 changes: 81 additions & 0 deletions .github/workflows/backend.yml
@@ -0,0 +1,81 @@
name: Deploy Backend Services

on:
push:
branches: [ 'main' ]
paths: [ 'services/match/**', 'services/question/**', 'services/user/**' ]
pull_request:
branches: [ 'main' ]
types: [ 'opened', 'reopened', 'synchronize']

# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:

permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout

env:
AWS_REGION: ap-southeast-1
ECS_CLUSTER: backend-cluster

jobs:
deploy:
name: Deploy Backend Service
runs-on: ubuntu-latest
environment: production

strategy:
matrix:
service: [ 'match', 'question', 'user' ]

steps:
- name: Checkout
uses: actions/checkout@v4

- name: Check for changes in ${{ matrix.service }} directory
uses: dorny/paths-filter@v3
id: changes
with:
filters: |
service:
- '.services/${{ matrix.service }}/**'

- name: Exit if no changes found
if: steps.changes.output.service == 'false'
run: exit 0

- name: Configure AWS credentials
id: aws-configure
uses: aws-actions/configure-aws-credentials@v4.0.2
with:
role-to-assume: ${{ secrets.AWS_BACKEND_ROLE }}
role-session-name: GitHub_to_AWS_via_FederatedOIDC
aws-region: ${{ env.AWS_REGION }}

- name: Login to AWS ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2.0.1

- name: Build and push ${{ matrix.service }} image to Amazon ECR
id: build-image
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: ${{ matrix.service }}
IMAGE_TAG: latest
run: |
echo "Building $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG ./services/${{ matrix.service }}
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG

- name: Update AWS Service (${{ matrix.service }}) # Trigger re-deployment with latest image
id: update-service
env:
ECS_SERVICE: ${{ matrix.service }}-service
run: |
echo "Updating $ECS_SERVICE for $ECS_CLUSTER"
aws ecs update-service \
--cluster $ECS_CLUSTER \
--service $ECS_SERVICE \
--force-new-deployment \
--region $AWS_REGION
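Review bot: The `pull_request` trigger in `on:` means every PR opened or updated against `main` runs this deploy job, so unmerged code is built, pushed to ECR as `latest` and rolled out with `--force-new-deployment` under `environment: production`. Suggest dropping `pull_request` from `on:`, or gating the "Configure AWS credentials", push and "Update AWS Service" steps on `github.event_name != 'pull_request'`, so only commits that have landed on `main` reach ECS. Separately, the change-detection steps skip nothing as written: the filter path `'.services/${{ matrix.service }}/**'` has a leading dot that the `services/...` trigger paths and the build context do not, the condition reads `steps.changes.output.service` where the context key is `outputs`, and `run: exit 0` ends only that one step, so the later steps still run for all three matrix services. Putting `if: steps.changes.outputs.service == 'true'` on each step that follows would give the intended behaviour.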
45 changes: 45 additions & 0 deletions .github/workflows/frontend.yml
@@ -0,0 +1,45 @@
name: Deploy Frontend

on:
push:
branches: [ 'main' ]
paths:
# - 'frontend/**' # Only trigger if changes are made in the frontend directory
pull_request:
branches: [ 'main' ]
types: [ 'opened', 'reopened', 'synchronize']

workflow_dispatch:

permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout

env:
AWS_REGION: ap-southeast-1
S3_BUCKET_NAME: app.peerprep.org

jobs:
deploy:
name: Deploy Frontend
runs-on: ubuntu-latest
environment: production

steps:
- uses: actions/checkout@v4

- name: Configure AWS credentials
id: aws-configure
uses: aws-actions/configure-aws-credentials@v4.0.2
with:
role-to-assume: ${{ secrets.AWS_FRONTEND_ROLE }}
role-session-name: GitHub_to_AWS_via_FederatedOIDC
aws-region: ${{ env.AWS_REGION }}

- name: Build frontend distribution
working-directory: frontend
run: npm ci && npm run build

- name: Sync distribution to S3
run: |
aws s3 sync ./frontend/dist/frontend/browser/ s3://$S3_BUCKET_NAME --delete
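Review bot: With `pull_request` listed in `on:`, a PR branch runs `aws s3 sync ./frontend/dist/frontend/browser/ s3://$S3_BUCKET_NAME --delete` against `app.peerprep.org` before it is merged, which replaces the live site with the PR build and deletes any objects that build does not contain. Suggest removing the `pull_request` trigger, or keeping it only for the `npm ci && npm run build` step and gating the credential and sync steps on `github.event_name != 'pull_request'`. Also, `paths:` under `push` is left with only a commented-out entry, so it is empty; either restore `- 'frontend/**'` or delete the `paths:` key so the trigger reads unambiguously.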
McNaBry marked this conversation as resolved.