Skip to content

Merge branch 'main' of https://github.com/iftt-jonathan/jwt-pizza-ser… #12

Merge branch 'main' of https://github.com/iftt-jonathan/jwt-pizza-ser…

Merge branch 'main' of https://github.com/iftt-jonathan/jwt-pizza-ser… #12

Workflow file for this run

name: CI Pipeline
on:
push:
branches:
- main
workflow_dispatch:
jobs:
build:
name: Build
runs-on: ubuntu-latest
outputs:
version: ${{ steps.set_version.outputs.version }}
services:
mysql:
image: mysql:8.0.29
env:
MYSQL_ROOT_PASSWORD: tempdbpassword
MYSQL_DATABASE: pizza
ports:
- "3306:3306"
options: >-
--health-cmd "mysqladmin ping -ptempdbpassword"
--health-interval 10s
--health-start-period 10s
--health-timeout 5s
--health-retries 10
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: "20.x"
- name: Install dependencies
run: npm ci
- name: Lint
run: npm run lint
- name: Write config file
run: |
echo "module.exports = {
jwtSecret: '${{ secrets.JWT_SECRET }}',
db: {
connection: {
host: '127.0.0.1',
user: 'root',
password: 'tempdbpassword',
database: 'pizza',
connectTimeout: 60000,
},
listPerPage: 10,
},
factory: {
url: 'https://pizza-factory.cs329.click',
apiKey: '${{ secrets.FACTORY_API_KEY }}',
},
metrics: {
source: 'jwt-pizza-service',
userId: ${{ secrets.METRICS_USER_ID }},
url: '${{ secrets.METRICS_URL }}',
apiKey: '${{ secrets.METRICS_API_KEY }}',
},
};" > src/config.js
- name: Tests
run: npm test
- name: set version
id: set_version
run: |
version=$(date +'%Y%m%d.%H%M%S')
echo "version=$version" >> "$GITHUB_OUTPUT"
printf '{"version": "%s" }' "$version" > src/version.json
- name: Update coverage
run: |
coverage_pct=$(grep -o '"pct":[0-9.]*' coverage/coverage-summary.json | head -n 1 | cut -d ':' -f 2)
color=$(echo "$coverage_pct < 80" | bc -l | awk '{if ($1) print "yellow"; else print "green"}')
curl https://img.shields.io/badge/Coverage-$coverage_pct%25-$color -o coverageBadge.svg
git config user.name github-actions
git config user.email github-actions@github.com
git add .
git commit -m "generated"
git push
- name: Create dist
run: |
mkdir dist
cp Dockerfile dist
cp -r src/* dist
cp *.json dist
sed -i "s/root/${{ secrets.DB_USERNAME }}/g" dist/config.js
sed -i "s/tempdbpassword/${{ secrets.DB_PASSWORD }}/g" dist/config.js
sed -i "s/127.0.0.1/${{ secrets.DB_HOSTNAME }}/g" dist/config.js
- name: Update distribution artifact
uses: actions/upload-artifact@v4
with:
name: package
path: dist/
deploy:
runs-on: ubuntu-latest
permissions:
id-token: write
needs: build
env:
version: ${{needs.build.outputs.version}}
steps:
- name: Download distribution artifact
uses: actions/download-artifact@v4
with:
name: package
- name: Create OIDC token to AWS
uses: aws-actions/configure-aws-credentials@v4
with:
audience: sts.amazonaws.com
aws-region: us-east-1
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT }}:role/${{ secrets.CI_IAM_ROLE }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Set up machine emulation
uses: docker/setup-qemu-action@v3
- name: Set up Docker build
uses: docker/setup-buildx-action@v3
- name: Build and push container image
id: build-image
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: 'jwt-pizza-service'
run: |
docker build --platform=linux/arm64 -t $ECR_REGISTRY/$ECR_REPOSITORY --push .
echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:latest" >> $GITHUB_OUTPUT
- name: Download task definition
run: |
aws ecs describe-task-definition --region us-east-1 --task-definition jwt-pizza-service --query taskDefinition > task-definition.json
echo $(cat task-definition.json | jq 'del(.taskDefinitionArn, .requiresAttributes, .compatibilities, .revision, .status, .registeredAt, .registeredBy)') > task-definition.json
- name: Create new task definition
id: task-def
uses: aws-actions/amazon-ecs-render-task-definition@v1
with:
task-definition: task-definition.json
container-name: jwt-pizza-service
image: ${{ steps.build-image.outputs.image }}
- name: Deploy new task definition
uses: aws-actions/amazon-ecs-deploy-task-definition@v1
with:
task-definition: ${{ steps.task-def.outputs.task-definition }}
service: jwt-pizza-service
cluster: jwt-pizza-service
wait-for-service-stability: false