Skip to content
Release Deployment

AGR Curation v0.32.0 #108

Sign in to view logs

AGR Curation v0.32.0

AGR Curation v0.32.0 #108

Workflow file for this run

.github/workflows/github-release-build-and-deploy.yml at e98379f
name: Release Deployment
on:
release:
types: [published]
jobs:
build-release-image:
permissions:
id-token: write # This is required for requesting the JWT for gaining permissions to assume the IAM role to perform AWS actions
runs-on: ubuntu-20.04
steps:
- name: Check out repository code
uses: actions/checkout@v3
- name: AWS credentials configuration
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{secrets.GH_ACTIONS_AWS_ROLE}}
role-session-name: gh-actions-${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-build-image
aws-region: us-east-1
- name: Amazon ECR login
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Build, tag, and push image to Amazon ECR
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: agr_curation
ENV_TAG: "${{github.event.release.prerelease == false && 'production' || 'beta'}}"
run: |
docker build --build-arg OVERWRITE_VERSION=${{ github.event.release.tag_name }} -t $ECR_REGISTRY/$ECR_REPOSITORY:${{ github.event.release.tag_name }} .
docker push $ECR_REGISTRY/$ECR_REPOSITORY:${{ github.event.release.tag_name }}
docker tag $ECR_REGISTRY/$ECR_REPOSITORY:${{ github.event.release.tag_name }} $ECR_REGISTRY/$ECR_REPOSITORY:$ENV_TAG
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$ENV_TAG
build-deploy-maven-central-package:
needs: [build-release-image]
runs-on: ubuntu-20.04
steps:
- name: Check out repository code
uses: actions/checkout@v3
- name: Set up Maven Central Repository
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'temurin'
server-id: ossrh
server-username: MAVEN_USERNAME
server-password: MAVEN_PASSWORD
- name: Set Proper version
run: mvn versions:set -ntp -DnewVersion=${{ github.event.release.tag_name }}
- id: install-secret-key
name: Install gpg secret key
run: |
cat <(echo -e "${{ secrets.OSSRH_GPG_SECRET_KEY }}") | gpg --batch --import
gpg --list-secret-keys --keyid-format LONG
- name: Publish package
run: mvn --batch-mode -Dmaven.test.skip=true -Dquarkus.hibernate-search-orm.elasticsearch.version=1.2.4 deploy
env:
MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
generate-deployment-package:
needs: [build-release-image]
runs-on: ubuntu-20.04
steps:
- name: Check out repository code
uses: actions/checkout@v3
- name: Save curation app version to be deployed in EB env variables through config file
run: |
cat .ebextensions/version.config
sed -i.bak "s/0.0.0/${{ github.event.release.tag_name }}/g" .ebextensions/version.config
cat .ebextensions/version.config
- name: Generate deployment package
run: zip -r ${{ github.event.release.tag_name }}.zip docker-compose.yml .ebextensions/
- name: Store deployment package in cache
uses: actions/cache@v4
with:
path: ${{ github.event.release.tag_name }}.zip
key: ${{github.workflow}}.${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-eb-deployment-zip
deploy-to-production:
if: github.event.release.prerelease == false
permissions:
id-token: write # This is required for requesting the JWT for gaining permissions to assume the IAM role to perform AWS actions
needs: [generate-deployment-package]
runs-on: ubuntu-20.04
steps:
- name: Fetch deployment package from cache
uses: actions/cache@v4
with:
path: ${{ github.event.release.tag_name }}.zip
key: ${{github.workflow}}.${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-eb-deployment-zip
- name: AWS credentials configuration
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{secrets.GH_ACTIONS_AWS_ROLE}}
role-session-name: gh-actions-${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-eb-deploy-production
aws-region: us-east-1
- name: Deploy to EB
uses: einaregilsson/beanstalk-deploy@v21
with:
aws_access_key: ${{ env.AWS_ACCESS_KEY_ID }}
aws_secret_key: ${{ env.AWS_SECRET_ACCESS_KEY }}
aws_session_token: ${{env.AWS_SESSION_TOKEN}}
application_name: curation-app
environment_name: curation-production
version_label: ${{ github.event.release.tag_name }}
deployment_package: ${{ github.event.release.tag_name }}.zip
use_existing_version_if_available: true
region: us-east-1
- name: Slack Notification
uses: tokorom/action-slack-incoming-webhook@main
env:
INCOMING_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
with:
text: "Deployment of release ${{ github.event.release.tag_name }} to production completed! :tada:"
deploy-to-beta:
if: github.event.release.prerelease == true
needs: [generate-deployment-package]
permissions:
id-token: write # This is required for requesting the JWT for gaining permissions to assume the IAM role to perform AWS actions
runs-on: ubuntu-20.04
steps:
- name: Fetch deployment package from cache
uses: actions/cache@v4
with:
path: ${{ github.event.release.tag_name }}.zip
key: ${{github.workflow}}.${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-eb-deployment-zip
- name: AWS credentials configuration
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{secrets.GH_ACTIONS_AWS_ROLE}}
role-session-name: gh-actions-${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-eb-deploy-beta
aws-region: us-east-1
- name: Deploy to EB
uses: einaregilsson/beanstalk-deploy@v21
with:
aws_access_key: ${{ env.AWS_ACCESS_KEY_ID }}
aws_secret_key: ${{ env.AWS_SECRET_ACCESS_KEY }}
aws_session_token: ${{env.AWS_SESSION_TOKEN}}
application_name: curation-app
environment_name: curation-beta
version_label: ${{ github.event.release.tag_name }}
deployment_package: ${{ github.event.release.tag_name }}.zip
use_existing_version_if_available: true
region: us-east-1
- name: Slack Notification
uses: tokorom/action-slack-incoming-webhook@main
env:
INCOMING_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
with:
text: "Deployment of (pre)release ${{ github.event.release.tag_name }} to beta completed! :tada:"