* CLDC-2565: Push docker images to AWS in staging pipeline * CLDC-2711: Update based on changed resource names * CLDC-2730: Update aws_deploy pipeline to run database migrations * CLDC-2730: Temporarily run aws_deploy on push to this branch * CLDC-2730: Update parameterisation * CLDC-2730: Remove logging used for debugging * CLDC-2731: Deploy application to aws * CLDC-2731: Wait for service stability on deploy * Revert "CLDC-2730: Temporarily run aws_deploy on push to this branch" This reverts commitpull/1932/head8b4904dc7d
. * CLDC-2768: Sidekiq (AWS) (#1899) * feat: update pipeline to deploy sidekiq to aws * feat: update cron schedule to every 5mins temporarily * feat: temporarily run aws_deploy on push to this branch * feat: update aws ecs service name in pipeline * Revert "feat: update cron schedule to every 5mins temporarily" This reverts commit 80d0ab8383fa18e2bacd9ca0fa1a1d4048ef4f10. * Revert "feat: temporarily run aws_deploy on push to this branch" This reverts commit48651712e6
. * style: remove unrequired empty line * feat: reorder pipeline and update sidekiq task definition variable --------- Co-authored-by: Chirag-Bhatti <109098469+Chirag-Bhatti@users.noreply.github.com>
Rachael Booth
1 year ago
committed by
GitHub
2 changed files with 186 additions and 0 deletions
@ -0,0 +1,174 @@
|
||||
name: AWS Deployment |
||||
|
||||
on: |
||||
workflow_call: |
||||
inputs: |
||||
aws_account_id: |
||||
required: true |
||||
type: string |
||||
aws_resource_prefix: |
||||
required: true |
||||
type: string |
||||
environment: |
||||
required: true |
||||
type: string |
||||
|
||||
concurrency: |
||||
group: deploy-${{ inputs.environment }} |
||||
cancel-in-progress: true |
||||
|
||||
env: |
||||
app_repo_role: arn:aws:iam::815624722760:role/core-application-repo |
||||
aws_region: eu-west-2 |
||||
repository: core |
||||
|
||||
jobs: |
||||
push_docker_image: |
||||
name: Push docker image to AWS |
||||
runs-on: ubuntu-latest |
||||
permissions: |
||||
id-token: write |
||||
|
||||
steps: |
||||
- name: Checkout code |
||||
uses: actions/checkout@v3 |
||||
|
||||
- name: Configure AWS credentials |
||||
uses: aws-actions/configure-aws-credentials@v3 |
||||
with: |
||||
aws-region: ${{ env.aws_region }} |
||||
role-to-assume: ${{ env.app_repo_role }} |
||||
|
||||
- name: Login to Amazon ECR |
||||
id: ecr-login |
||||
uses: aws-actions/amazon-ecr-login@v1 |
||||
with: |
||||
mask-password: 'true' |
||||
|
||||
- name: Build, tag, and push docker image to ECR |
||||
id: build-image |
||||
env: |
||||
registry: ${{ steps.ecr-login.outputs.registry }} |
||||
commit_tag: ${{ github.sha }} |
||||
run: | |
||||
docker build -t $registry/$repository:$commit_tag . --target=production |
||||
docker push $registry/$repository:$commit_tag |
||||
|
||||
deploy: |
||||
name: Deploy image |
||||
runs-on: ubuntu-latest |
||||
environment: ${{ inputs.environment }} |
||||
needs: push_docker_image |
||||
|
||||
steps: |
||||
- name: Configure AWS credentials |
||||
uses: aws-actions/configure-aws-credentials@v3 |
||||
with: |
||||
aws-region: ${{ env.aws_region }} |
||||
role-to-assume: ${{ env.app_repo_role }} |
||||
|
||||
- name: Login to Amazon ECR |
||||
id: ecr-login |
||||
uses: aws-actions/amazon-ecr-login@v1 |
||||
with: |
||||
mask-password: 'true' |
||||
|
||||
- name: Get timestamp |
||||
id: timestamp |
||||
run: echo "timestamp=$(date +%Y%m%d%H%M%S)" >> $GITHUB_ENV |
||||
|
||||
- name: Add environment tag to existing image |
||||
env: |
||||
registry: ${{ steps.ecr-login.outputs.registry }} |
||||
commit_tag: ${{ github.sha }} |
||||
readable_tag: ${{ inputs.environment }}-${{ env.timestamp }} |
||||
run: | |
||||
manifest=$(aws ecr batch-get-image --repository-name $repository --image-ids imageTag=$commit_tag --output text --query images[].imageManifest) |
||||
aws ecr put-image --repository-name $repository --image-tag $readable_tag --image-manifest "$manifest" |
||||
echo "image=$registry/$repository:$readable_tag" >> $GITHUB_ENV |
||||
|
||||
- name: Configure AWS credentials for environment |
||||
uses: aws-actions/configure-aws-credentials@v3 |
||||
with: |
||||
aws-region: ${{ env.aws_region }} |
||||
role-to-assume: arn:aws:iam::${{ inputs.aws_account_id }}:role/${{ inputs.aws_resource_prefix }}-deployment |
||||
role-chaining: true |
||||
|
||||
- name: Download ad hoc task definition |
||||
env: |
||||
ad_hoc_task_definition: ${{ inputs.aws_resource_prefix }}-ad-hoc |
||||
run: | |
||||
aws ecs describe-task-definition --task-definition $ad_hoc_task_definition --query taskDefinition > ad-hoc-task-definition.json |
||||
|
||||
- name: Update image ID |
||||
id: ad-hoc-task-def |
||||
uses: aws-actions/amazon-ecs-render-task-definition@v1 |
||||
with: |
||||
task-definition: ad-hoc-task-definition.json |
||||
container-name: app |
||||
image: ${{ env.image }} |
||||
|
||||
- name: Update ad hoc task definition |
||||
uses: aws-actions/amazon-ecs-deploy-task-definition@v1 |
||||
with: |
||||
task-definition: ${{ steps.ad-hoc-task-def.outputs.task-definition }} |
||||
|
||||
- name: Run migrations task |
||||
env: |
||||
ad_hoc_task_definition: ${{ inputs.aws_resource_prefix }}-ad-hoc |
||||
cluster: ${{ inputs.aws_resource_prefix }} |
||||
service: ${{ inputs.aws_resource_prefix }}-app |
||||
run: | |
||||
network=$(aws ecs describe-services --cluster $cluster --services $service --query services[0].networkConfiguration) |
||||
overrides='{ "containerOverrides" : [{ "name" : "app", "command" : ["bundle", "exec", "rake", "db:migrate"]}]}' |
||||
arn=$(aws ecs run-task --cluster $cluster --task-definition $ad_hoc_task_definition --network-configuration "$network" --overrides "$overrides" --group migrations --launch-type FARGATE --query tasks[0].taskArn) |
||||
echo "Waiting for migration task to complete" |
||||
temp=${arn##*/} |
||||
id=${temp%*\"} |
||||
aws ecs wait tasks-stopped --cluster $cluster --tasks $id |
||||
succeeded=$(aws ecs describe-tasks --cluster $cluster --tasks $id --query "tasks[0].stopCode == 'EssentialContainerExited' && to_string(tasks[0].containers[0].exitCode) == '0'") |
||||
if [ $succeeded == true ]; then exit 0; else exit 1; fi |
||||
|
||||
- name: Download app service task definition |
||||
env: |
||||
app_task_definition: ${{ inputs.aws_resource_prefix }}-app |
||||
run: | |
||||
aws ecs describe-task-definition --task-definition $app_task_definition --query taskDefinition > app-task-definition.json |
||||
|
||||
- name: Update app image ID |
||||
id: app-task-def |
||||
uses: aws-actions/amazon-ecs-render-task-definition@v1 |
||||
with: |
||||
task-definition: app-task-definition.json |
||||
container-name: app |
||||
image: ${{ env.image }} |
||||
|
||||
- name: Deploy updated application |
||||
uses: aws-actions/amazon-ecs-deploy-task-definition@v1 |
||||
with: |
||||
cluster: ${{ inputs.aws_resource_prefix }} |
||||
service: ${{ inputs.aws_resource_prefix }}-app |
||||
task-definition: ${{ steps.app-task-def.outputs.task-definition }} |
||||
wait-for-service-stability: true |
||||
|
||||
- name: Download sidekiq service task definition |
||||
env: |
||||
sidekiq_task_definition: ${{ inputs.aws_resource_prefix }}-sidekiq |
||||
run: | |
||||
aws ecs describe-task-definition --task-definition $sidekiq_task_definition --query taskDefinition > sidekiq-task-definition.json |
||||
|
||||
- name: Update sidekiq image ID |
||||
id: sidekiq-task-def |
||||
uses: aws-actions/amazon-ecs-render-task-definition@v1 |
||||
with: |
||||
task-definition: sidekiq-task-definition.json |
||||
container-name: sidekiq |
||||
image: ${{ env.image }} |
||||
|
||||
- name: Deploy updated sidekiq |
||||
uses: aws-actions/amazon-ecs-deploy-task-definition@v1 |
||||
with: |
||||
cluster: ${{ inputs.aws_resource_prefix }} |
||||
service: ${{ inputs.aws_resource_prefix }}-sidekiq |
||||
task-definition: ${{ steps.sidekiq-task-def.outputs.task-definition }} |
||||
wait-for-service-stability: true |
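Review bot: Every `uses:` in this new workflow references a mutable tag (`actions/checkout@v3`, `aws-actions/configure-aws-credentials@v3`, `aws-actions/amazon-ecr-login@v1`, `aws-actions/amazon-ecs-render-task-definition@v1`, `aws-actions/amazon-ecs-deploy-task-definition@v1`) in jobs that assume the `core-application-repo` role and then the `<prefix>-deployment` role, so a retagged release of any of these actions would run with deploy credentials. Pin each one to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: aws-actions/configure-aws-credentials@<full-commit-sha> # v3`. Separately, `push_docker_image` declares `permissions: id-token: write`, but `deploy` declares no `permissions:` even though it also uses `role-to-assume`. Its token scope presumably comes from the calling workflow, which is not visible here, so adding the same `permissions:` block to `deploy` would make that scope explicit and keep it minimal.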