ui-deploy-feature-to-sandbox-manual.yml
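# .github/workflows/ui-deploy-feature-to-sandbox-manual.yml
#
# Manually triggered workflow: tests the UI from a chosen feature branch, then
# builds its Docker image, pushes it to ECR and redeploys the sandbox ECS service.
#
# NOTE(review): every `uses:` below references a mutable tag (@v1/@v2). Pinning
# each action to a full commit SHA stops a re-tagged release from running with
# the AWS credentials this workflow assumes; this matters most for the
# third-party SSM action, which runs after the role has been assumed.
name: 'UI - Deploy Feature Branch to Sandbox'
on:
  workflow_dispatch:
    inputs:
      buildBranch:
        description: 'Feature branch to push to test?'
        required: true
        type: 'string'
      # NOTE(review): free text that is spliced into an SSM parameter path and
      # into ECR/ECS resource names below. Consider `type: choice` or an early
      # step that rejects values outside the expected workspace naming pattern.
      sandboxWorkspace:
        description: 'Which Sandbox to push to.'
        required: true
        type: 'string'
# NOTE(review): these permissions apply to both jobs. react_testing_job runs
# make targets from the checked-out buildBranch yet never assumes an AWS role,
# so `id-token: write` could be scoped to the deploy job only. No step in this
# file appears to use `pull-requests: write`; confirm and drop it if unused.
permissions:
  pull-requests: write
  id-token: write  # This is required for requesting the JWT
  contents: read  # This is required for actions/checkout
jobs:
  react_testing_job:
    runs-on: ubuntu-latest
    environment: development
    env:
      DOC_STORE_API_ENDPOINT: 'Not configured'
    strategy:
      matrix:
        node-version: ['16.x']
    steps:
      - uses: actions/checkout@v2
        with:
          ref: ${{ github.event.inputs.buildBranch }}
      - name: Use Node.js ${{ matrix.node-version }}
        uses: actions/setup-node@v1
        with:
          node-version: ${{ matrix.node-version }}
      - name: Configure React environment vars
        env:
          ENDPOINT_DOC_STORE_API: 'http://test-endpoint.com'
          AWS_REGION: 'test region'
          OIDC_PROVIDER_ID: 'not provided yet'
          BUILD_ENV: 'development'
          IMAGE_VERSION: 'ndr-${{ vars.BUILD_ENV }}-app:${{ github.sha }}'
        run: |
          ./react-environment-config.sh
        working-directory: ./app
        shell: bash
      - run: make clean-install
      - run: make test-ui
  # NOTE(review): this job has no `needs: react_testing_job`, so the image is
  # built and deployed even when the tests above fail. Confirm that is intended.
  react_build_and_deploy_docker_image:
    runs-on: ubuntu-latest
    environment: development
    defaults:
      run:
        working-directory: ./app
    steps:
      - uses: actions/checkout@v2
        with:
          ref: ${{ github.event.inputs.buildBranch }}
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v2
        with:
          role-to-assume: ${{ secrets.AWS_ASSUME_ROLE }}
          role-skip-session-tagging: true
          aws-region: ${{ vars.AWS_REGION }}
      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v1
      # Reads the sandbox's API endpoint from SSM and exposes it to later steps
      # as the DOC_STORE_API_ENDPOINT environment variable.
      - uses: dkershner6/aws-ssm-getparameters-action@v1
        with:
          parameterPairs: '/ndr/${{ github.event.inputs.sandboxWorkspace }}/api_endpoint = DOC_STORE_API_ENDPOINT'
          withDecryption: 'true'  # defaults to true
      - name: Configure React environment vars
        env:
          ENDPOINT_DOC_STORE_API: ${{ env.DOC_STORE_API_ENDPOINT }}
          AWS_REGION: ${{ vars.AWS_REGION }}
          OIDC_PROVIDER_ID: 'not provided yet'
          BUILD_ENV: 'development'
          IMAGE_VERSION: 'ndr-${{ github.event.inputs.sandboxWorkspace }}-app:${{ github.sha }}'
        run: |
          ./react-environment-config.sh
      # NOTE(review): on workflow_dispatch, github.sha is the head commit of the
      # ref the workflow was dispatched from, which can differ from the
      # buildBranch checked out above; the SHA tag may then not identify the
      # code that was actually built.
      - name: Build, tag, and push image to Amazon ECR
        id: build-image
        env:
          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
          ECR_REPOSITORY: ndr-${{ github.event.inputs.sandboxWorkspace }}-app
          IMAGE_TAG: latest
          IMAGE_TAG_SHA: ${{ github.sha }}
        # Variables are quoted so that a value containing whitespace or shell
        # metacharacters stays a single argument.
        run: |
          docker build -t "$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" -t "$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG_SHA" .
          docker push "$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
          docker push "$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG_SHA"
          echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG_SHA" >> "$GITHUB_OUTPUT"
      # Looks like the ECS does not check for image updates, as such we need to force a new task definition to run the new image
      # We will always use the "latest" image tag so we do not need to modify the task-definition
      - name: Download task definition
        id: download-task
        # The dispatch input reaches the script through an environment variable
        # instead of ${{ }} interpolation, so the shell never parses it as code.
        env:
          SANDBOX_WORKSPACE: ${{ github.event.inputs.sandboxWorkspace }}
        run: |
          aws ecs describe-task-definition --task-definition "${SANDBOX_WORKSPACE}-ndr-service-task" --query taskDefinition > task-definition.json
          echo "revision=$(jq .revision task-definition.json)" >> "$GITHUB_OUTPUT"
      - name: Fill in the new image ID in the Amazon ECS task definition
        id: task-def
        uses: aws-actions/amazon-ecs-render-task-definition@v1
        with:
          task-definition: ./app/task-definition.json
          container-name: ${{ github.event.inputs.sandboxWorkspace }}-app-container
          image: ${{ steps.build-image.outputs.image }}
      # NOTE(review): this deploys the downloaded ./app/task-definition.json,
      # not an output of the task-def step. That matches the "latest" comment
      # above; confirm it is deliberate.
      - name: Deploy Amazon ECS task definition
        uses: aws-actions/amazon-ecs-deploy-task-definition@v1
        with:
          task-definition: ./app/task-definition.json
          service: ${{ github.event.inputs.sandboxWorkspace }}-ecs-cluster-service
          cluster: ${{ github.event.inputs.sandboxWorkspace }}-app-cluster
          wait-for-service-stability: true
      - name: De-register previous revision
        # Same pattern as the download step: untrusted values arrive as
        # environment variables and are expanded inside double quotes.
        env:
          SANDBOX_WORKSPACE: ${{ github.event.inputs.sandboxWorkspace }}
          PREVIOUS_REVISION: ${{ steps.download-task.outputs.revision }}
        run: |
          aws ecs deregister-task-definition \
            --task-definition "${SANDBOX_WORKSPACE}-ndr-service-task:${PREVIOUS_REVISION}"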