forked from inflection-zone/rean-admin
-
Notifications
You must be signed in to change notification settings - Fork 1
165 lines (137 loc) · 5.81 KB
/
uat-ci-cd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
# This workflow will trigger pull requests and apply a label based on the
# paths that are modified in the pull request.
#
# To use this workflow, you will need to set up a .github/labeler.yml
# file with configuration. For more information, see:
# https://github.com/actions/labeler
name: UAT-CI-CD
# Controls when the workflow will run
on:
# Triggers the workflow on push events but only for the develop branch
# pull_request:
# branches: main
push:
branches:
- 'release/**'
- '!release/aha**' # excludes master
jobs:
CodeScan-ESLint:
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v3
with:
fetch-depth: 0
# - name: Lint Code Base
# uses: docker://ghcr.io/github/super-linter:latest
# env:
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# LINTER_RULES_PATH: /
# TYPESCRIPT_ES_CONFIG_FILE: .eslintrc.json
# VALIDATE_TYPESCRIPT_ES: true
# VALIDATE_ALL_CODEBASE: false
# DEFAULT_BRANCH: main
Label_Checks:
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Check labels
if: ${{ github.event_name == 'pull_request' }}
uses: docker://agilepathway/pull-request-label-checker:latest
with:
one_of: major,minor,patch
repo_token: ${{ secrets.GITHUB_TOKEN }}
Deploy-ECS:
if: ${{ github.event_name == 'push' }}
environment: uat
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Declare some variables
id: vars
shell: bash
run: |
echo "branch=$(echo ${GITHUB_REF#refs/heads/} | sed "s/\\//-/g")" >> $GITHUB_OUTPUT
echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
echo "repo_name=$(echo "$GITHUB_REPOSITORY" | awk -F / '{print $2}')" >> $GITHUB_OUTPUT
- name: Another step
run: |
echo "Branch: ${{ steps.vars.outputs.branch }}"
echo "Sha: ${{ steps.vars.outputs.sha_short }}"
echo "Repo: ${{ steps.vars.outputs.repo_name }}"
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Cache Docker layers
uses: actions/cache@v3
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Copy env file
run: aws s3 cp s3://${{ secrets.ENV_FILE_BUCKET_PATH }}/.env ./.env
- name: Copy constant file
run: aws s3 cp s3://${{ secrets.CONSTANT_FILE_BUCKET_PATH }}/constants.ts ./src/lib
- name: Copy constant file
run: aws s3 cp s3://${{ secrets.FAVICON_FILE_BUCKET }}/favicon.png ./static/favicon.png
- name: Build and push
id: docker_build
uses: docker/build-push-action@v3
with:
context: ./
file: ./Dockerfile
builder: ${{ steps.buildx.outputs.name }}
build-args: |
ORIGIN=${{ env.ORIGIN }}
ENVIRONMENT=uat
push: true
tags: ${{ steps.login-ecr.outputs.registry }}/rean-admin-portal:${{ steps.vars.outputs.branch }}_${{ steps.vars.outputs.sha_short }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
- name: Image digest
run: echo ${{ steps.docker_build.outputs.digest }}
- name: Download task definition
run: |
aws ecs describe-task-definition --task-definition ${{ secrets.TASK_DEFINTION_NAME }} \
--query taskDefinition > task-definition.json
- name: New image ID in the Amazon ECS task definition
id: task-def
uses: aws-actions/amazon-ecs-render-task-definition@v1
with:
task-definition: task-definition.json
container-name: default
image: ${{ steps.login-ecr.outputs.registry }}/rean-admin-portal:${{ steps.vars.outputs.branch }}_${{ steps.vars.outputs.sha_short }}
- name: Deploy Amazon ECS task definition
uses: aws-actions/amazon-ecs-deploy-task-definition@v1
with:
task-definition: ${{ steps.task-def.outputs.task-definition }}
wait-for-service-stability: true
- name: Task Definition Variable
id: taskdefintionvar
shell: bash
run: |
# echo "::set-output name=task_definition_arn::$(aws ecs describe-task-definition --task-definition ${{ secrets.TASK_DEFINTION_NAME }} | jq '.[] | .taskDefinitionArn')"
echo "task_definition_arn=$(aws ecs describe-task-definition --task-definition ${{ secrets.TASK_DEFINTION_NAME }} | jq '.[] | .taskDefinitionArn')" >> $GITHUB_OUTPUT
- name: Task Defintion ARN
run: |
echo "Task Defintion: ${{ steps.taskdefintionvar.outputs.task_definition_arn }}"
- name: Deploy Amazon ECS task definition using Duplo API
uses: fjogeleit/http-request-action@master
with:
url: 'https://reanfoundation.duplocloud.net/subscriptions/${{ secrets.DUPLO_ID }}/UpdateEcsService'
method: 'POST'
data: '{"TaskDefinition":${{ steps.taskdefintionvar.outputs.task_definition_arn }},"Name": "${{ secrets.SERVICE_NAME }}","Replicas":1, "HealthCheckGracePeriodSeconds": 1200, "DnsPrfx": ""}'
bearerToken: ${{ secrets.DUPLOCLOUD_TOKEN }}