Skip to content

PROD UI - Deploy tagged version to Prod #3

PROD UI - Deploy tagged version to Prod

PROD UI - Deploy tagged version to Prod #3

# .github/workflows/terraform-dev
name: 'PROD UI - Deploy tagged version to Prod'
on:
workflow_dispatch:
inputs:
tagVersion:
description: 'What tagged verison do you want to push to prod?'
required: true
type: 'string'
permissions:
pull-requests: write
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
jobs:
react_testing_job:
runs-on: ubuntu-latest
environment: prod
strategy:
matrix:
node-version: [16.x]
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.inputs.tagVersion}}
fetch-depth: '0'
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node-version }}
- name: Configure React environment vars
env:
ENDPOINT_DOC_STORE_API: http://test-endpoint.com
AWS_REGION: test region
OIDC_PROVIDER_ID: not provided yet
BUILD_ENV: development
IMAGE_VERSION: 'ndr-${{ vars.BUILD_ENV }}-app:${{ github.sha }}'
run: |
./react-environment-config.sh
working-directory: ./app
shell: bash
- run: make clean-install
- run: make test-ui
install-cypress-build:
runs-on: ubuntu-22.04
needs: ['react_testing_job']
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Cypress install
run: npm install --legacy-peer-deps
working-directory: ./app
- name: Configure React environment vars
env:
ENDPOINT_DOC_STORE_API: http://test-endpoint.com
AWS_REGION: test region
OIDC_PROVIDER_ID: not provided yet
BUILD_ENV: development
IMAGE_VERSION: 'ndr-${{ github.event.inputs.tagVersion}}-app::${{ github.sha }}'
run: |
./react-environment-config.sh
working-directory: ./app
- name: Cypress build
uses: cypress-io/github-action@v5
with:
# Disable running of tests within install job
install: false
runTests: false
build: npm run build
working-directory: ./app
- name: Save build folder
uses: actions/upload-artifact@v3
with:
name: build
if-no-files-found: error
path: ./app/build
cypress-run-chrome:
runs-on: ubuntu-22.04
needs: install-cypress-build
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Download the build folder
uses: actions/download-artifact@v3
with:
name: build
path: ./app/build
# Npm run will run the app locally, we want to test the built application with env vars using serve
- name: Install serve globally
run: npm install -g serve
- name: Cypress install
run: |
npm install --legacy-peer-deps
working-directory: ./app
- name: Cypress run
uses: cypress-io/github-action@v5
with:
install: false
start: serve -s build
browser: chrome
working-directory: ./app
env:
CYPRESS_BASE_URL: ${{ vars.CYPRESS_BASE_URL }}
CYPRESS_grepTags: 'regression'
cypress-run-firefox:
runs-on: ubuntu-22.04
needs: install-cypress-build
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Download the build folder
uses: actions/download-artifact@v3
with:
name: build
path: ./app/build
# Npm run will run the app locally, we want to test the built application with env vars using serve
- name: Install serve globally
run: npm install -g serve
- name: Cypress install
run: |
npm install --legacy-peer-deps
working-directory: ./app
- name: Cypress run
uses: cypress-io/github-action@v5
with:
install: false
start: serve -s build
browser: firefox
working-directory: ./app
env:
CYPRESS_BASE_URL: ${{ vars.CYPRESS_BASE_URL }}
CYPRESS_grepTags: 'regression'
cypress-run-edge:
runs-on: ubuntu-22.04
needs: install-cypress-build
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Download the build folder
uses: actions/download-artifact@v3
with:
name: build
path: ./app/build
# Npm run will run the app locally, we want to test the built application with env vars using serve
- name: Install serve globally
run: npm install -g serve
- name: Cypress install
run: |
npm install --legacy-peer-deps
working-directory: ./app
- name: Cypress run
uses: cypress-io/github-action@v5
with:
install: false
start: serve -s build
browser: edge
working-directory: ./app
env:
CYPRESS_BASE_URL: ${{ vars.CYPRESS_BASE_URL }}
CYPRESS_grepTags: 'regression'
react_build_and_deploy_docker_image:
runs-on: ubuntu-latest
environment: prod
needs: ['cypress-run-edge', 'cypress-run-firefox', 'cypress-run-chrome']
defaults:
run:
working-directory: ./app
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.inputs.tagVersion}}
fetch-depth: '0'
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: ${{ secrets.AWS_ASSUME_ROLE }}
role-skip-session-tagging: true
aws-region: ${{ vars.AWS_REGION }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- uses: dkershner6/aws-ssm-getparameters-action@v1
with:
parameterPairs: '/ndr/${{ vars.BUILD_ENV }}/api_endpoint = DOC_STORE_API_ENDPOINT,
/ndr/${{ vars.BUILD_ENV }}/container_port = CONTAINER_PORT'
withDecryption: 'true' # defaults to true
- name: Configure React environment vars
env:
ENDPOINT_DOC_STORE_API: ${{ env.DOC_STORE_API_ENDPOINT }}
AWS_REGION: ${{ vars.AWS_REGION }}
OIDC_PROVIDER_ID: not provided yet
BUILD_ENV: ${{ vars.BUILD_ENV }}
IMAGE_VERSION: 'ndr-${{ vars.BUILD_ENV }}-app:${{ github.event.inputs.tagVersion}}'
run: |
./react-environment-config.sh
- name: Build, tag, and push image to Amazon ECR
id: build-image
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: ${{ secrets.AWS_ECR_REPO_NAME }}
IMAGE_TAG: prod-${{ github.event.inputs.tagVersion}}
CONTAINER_PORT: ${{ env.CONTAINER_PORT }}
run: |
docker build --build-arg="CONTAINER_PORT=$CONTAINER_PORT" -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -t $ECR_REGISTRY/$ECR_REPOSITORY:latest .
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest
echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT
# Looks like the ECS does not check for image updates, as such we need to force a new task definition to run the new image
# We will always use the "latest" image tag so we do not need to modify the task-definition
- name: Download task definition
id: download-task
run: |
aws ecs describe-task-definition --task-definition ${{ vars.BUILD_ENV }}-ndr-service-task --query taskDefinition > task-definition.json
echo "::set-output name=revision::$(cat task-definition.json | jq .revision)"
- name: Fill in the new image ID in the Amazon ECS task definition
id: task-def
uses: aws-actions/amazon-ecs-render-task-definition@v1
with:
task-definition: ./app/task-definition.json
container-name: ${{ vars.BUILD_ENV }}-app-container
image: ${{ steps.build-image.outputs.image }}
- name: Deploy Amazon ECS task definition
uses: aws-actions/amazon-ecs-deploy-task-definition@v1
with:
task-definition: ./app/task-definition.json
service: ${{ vars.BUILD_ENV }}-ecs-cluster-service
cluster: ${{ vars.BUILD_ENV }}-app-cluster
wait-for-service-stability: true
- name: De-register previous revision
run: |
aws ecs deregister-task-definition \
--task-definition ${{ vars.BUILD_ENV }}-ndr-service-task:${{ steps.download-task.outputs.revision }}