Merge pull request #106 from REAN-Foundation/bug_fixes #26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow will trigger pull requests and apply a label based on the | |
# paths that are modified in the pull request. | |
# | |
# To use this workflow, you will need to set up a .github/labeler.yml | |
# file with configuration. For more information, see: | |
# https://github.com/actions/labeler | |
name: UAT-CI-CD | |
# Controls when the workflow will run | |
on: | |
# Triggers the workflow on push events but only for the develop branch | |
# pull_request: | |
# branches: main | |
push: | |
branches: | |
- 'release/**' | |
- '!release/aha**' # excludes master | |
jobs: | |
CodeScan-ESLint: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Code | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
# - name: Lint Code Base | |
# uses: docker://ghcr.io/github/super-linter:latest | |
# env: | |
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# LINTER_RULES_PATH: / | |
# TYPESCRIPT_ES_CONFIG_FILE: .eslintrc.json | |
# VALIDATE_TYPESCRIPT_ES: true | |
# VALIDATE_ALL_CODEBASE: false | |
# DEFAULT_BRANCH: main | |
Label_Checks: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Code | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Check labels | |
if: ${{ github.event_name == 'pull_request' }} | |
uses: docker://agilepathway/pull-request-label-checker:latest | |
with: | |
one_of: major,minor,patch | |
repo_token: ${{ secrets.GITHUB_TOKEN }} | |
Deploy-ECS: | |
if: ${{ github.event_name == 'push' }} | |
environment: uat | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.AWS_REGION }} | |
- name: Declare some variables | |
id: vars | |
shell: bash | |
run: | | |
echo "branch=$(echo ${GITHUB_REF#refs/heads/} | sed "s/\\//-/g")" >> $GITHUB_OUTPUT | |
echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT | |
echo "repo_name=$(echo "$GITHUB_REPOSITORY" | awk -F / '{print $2}')" >> $GITHUB_OUTPUT | |
- name: Another step | |
run: | | |
echo "Branch: ${{ steps.vars.outputs.branch }}" | |
echo "Sha: ${{ steps.vars.outputs.sha_short }}" | |
echo "Repo: ${{ steps.vars.outputs.repo_name }}" | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v1 | |
- name: Cache Docker layers | |
uses: actions/cache@v3 | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-buildx-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-buildx- | |
- name: Copy env file | |
run: aws s3 cp s3://${{ secrets.ENV_FILE_BUCKET_PATH }}/.env ./.env | |
- name: Copy constant file | |
run: aws s3 cp s3://${{ secrets.CONSTANT_FILE_BUCKET_PATH }}/constants.ts ./src/lib | |
- name: Copy constant file | |
run: aws s3 cp s3://${{ secrets.FAVICON_FILE_BUCKET }}/favicon.png ./static/favicon.png | |
- name: Build and push | |
id: docker_build | |
uses: docker/build-push-action@v3 | |
with: | |
context: ./ | |
file: ./Dockerfile | |
builder: ${{ steps.buildx.outputs.name }} | |
build-args: | | |
ORIGIN=${{ env.ORIGIN }} | |
ENVIRONMENT=uat | |
push: true | |
tags: ${{ steps.login-ecr.outputs.registry }}/rean-admin-portal:${{ steps.vars.outputs.branch }}_${{ steps.vars.outputs.sha_short }} | |
cache-from: type=local,src=/tmp/.buildx-cache | |
cache-to: type=local,dest=/tmp/.buildx-cache | |
- name: Image digest | |
run: echo ${{ steps.docker_build.outputs.digest }} | |
- name: Download task definition | |
run: | | |
aws ecs describe-task-definition --task-definition ${{ secrets.TASK_DEFINTION_NAME }} \ | |
--query taskDefinition > task-definition.json | |
- name: New image ID in the Amazon ECS task definition | |
id: task-def | |
uses: aws-actions/amazon-ecs-render-task-definition@v1 | |
with: | |
task-definition: task-definition.json | |
container-name: default | |
image: ${{ steps.login-ecr.outputs.registry }}/rean-admin-portal:${{ steps.vars.outputs.branch }}_${{ steps.vars.outputs.sha_short }} | |
- name: Deploy Amazon ECS task definition | |
uses: aws-actions/amazon-ecs-deploy-task-definition@v1 | |
with: | |
task-definition: ${{ steps.task-def.outputs.task-definition }} | |
wait-for-service-stability: true | |
- name: Task Definition Variable | |
id: taskdefintionvar | |
shell: bash | |
run: | | |
# echo "::set-output name=task_definition_arn::$(aws ecs describe-task-definition --task-definition ${{ secrets.TASK_DEFINTION_NAME }} | jq '.[] | .taskDefinitionArn')" | |
echo "task_definition_arn=$(aws ecs describe-task-definition --task-definition ${{ secrets.TASK_DEFINTION_NAME }} | jq '.[] | .taskDefinitionArn')" >> $GITHUB_OUTPUT | |
- name: Task Defintion ARN | |
run: | | |
echo "Task Defintion: ${{ steps.taskdefintionvar.outputs.task_definition_arn }}" | |
- name: Deploy Amazon ECS task definition using Duplo API | |
uses: fjogeleit/http-request-action@master | |
with: | |
url: 'https://reanfoundation.duplocloud.net/subscriptions/${{ secrets.DUPLO_ID }}/UpdateEcsService' | |
method: 'POST' | |
data: '{"TaskDefinition":${{ steps.taskdefintionvar.outputs.task_definition_arn }},"Name": "${{ secrets.SERVICE_NAME }}","Replicas":1, "HealthCheckGracePeriodSeconds": 1200, "DnsPrfx": ""}' | |
bearerToken: ${{ secrets.DUPLOCLOUD_TOKEN }} |