Update ci-cd.yml #32
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow will build docker image and push it to DockerHub, | |
# After that, This wrkflow build and push a new container image to Amazon ECR, | |
# and then will deploy a new task definition to Amazon ECS, when there is a push to the "main" branch. | |
name: CI/CD Pipeline # Name of the CI/CD Pipeline | |
on: | |
push: | |
branches: [ "main" ] # Trigger on push events to the main branch | |
pull_request: | |
branches: [ "main" ] # Trigger on pull requests to the main branch | |
jobs: | |
build-and-deploy: | |
runs-on: ubuntu-latest # Runs on the latest version of Ubuntu | Default operating system environment for workflows unless explicitly specified. | |
steps: | |
- name: Checkout code # Step to checkout the code from the repository | Fetch the source code repository into the runner machine where our workflow is executing. | |
uses: actions/checkout@v4 | |
- name: Set up JDK 17 # Step to set up JDK 17 | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '17' | |
distribution: 'temurin' | |
cache: maven | |
- name: Build with Maven # Step to build the project with Maven | |
run: mvn clean install | |
- name: build and push the docker image to dockerhub | |
run: | | |
# 1. Login to DockerHub | |
# 2. Build the Docker image | |
# 3. Push the Docker image to DockerHub | |
docker login -u ${{secrets.DOCKER_USERNAME}} -p ${{secrets.DOCKER_PASSWORD}} | |
docker build -t dharshib/springboot-ci-cd . | |
docker push dharshib/springboot-ci-cd:latest | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.AWS_REGION }} | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v2 | |
# Instead of ECR we can also push the image to Dockhub and pull it to ECS. | |
- name: Build, tag, and push image to Amazon ECR | |
id: build-image | |
env: | |
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
IMAGE_TAG: ${{ github.sha }} | |
run: | | |
# Build a docker container and | |
# push it to ECR so that it can | |
# be deployed to ECS. | |
docker build -t $ECR_REGISTRY/${{ secrets.ECR_REPOSITORY }}:$IMAGE_TAG . | |
docker push $ECR_REGISTRY/${{ secrets.ECR_REPOSITORY }}:$IMAGE_TAG | |
echo "image=$ECR_REGISTRY/${{ secrets.ECR_REPOSITORY }}:$IMAGE_TAG" >> $GITHUB_OUTPUT | |
# Updating our ECS task definition file with the newly built Docker image ID | |
# after successfully building and pushing the Docker image to Amazon ECR. | |
- name: Update ECS task definition with new image | |
id: task-def | |
uses: aws-actions/amazon-ecs-render-task-definition@v1 | |
with: | |
task-definition: ${{ secrets.ECS_TASK_DEFINITION }} | |
container-name: ${{ secrets.CONTAINER_NAME }} | |
image: ${{ steps.build-image.outputs.image }} | |
- name: Deploy the updated ECS task definition | |
uses: aws-actions/amazon-ecs-deploy-task-definition@v1 | |
with: | |
task-definition: ${{ steps.task-def.outputs.task-definition }} | |
service: ${{ secrets.ECS_SERVICE }} | |
cluster: ${{ secrets.ECS_CLUSTER }} | |
wait-for-service-stability: true |