staging-release.yml

name: Staging release

on: workflow_dispatch

jobs:
  deploy:
    name: Build image and push to Amazon ECR
    runs-on: ubuntu-latest
    environment: production

    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: eu-central-1

      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v2
        with:
          mask-password: 'true'

      - name: Build image
        run: |
          docker build -t socialkyc:latest-release .

      - name: Tag, and push image to Amazon ECR
        env:
          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
          ECR_REPOSITORY: socialkyc
          IMAGE_TAG: ${{ github.sha }}
        run: |
          docker tag socialkyc:latest-release $ECR_REGISTRY/$ECR_REPOSITORY:latest-release
          docker tag socialkyc:latest-release $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
          docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest-release

      - name: Deploy to kilt cluster
        uses: evosecurity/kubectl-aws-eks@master
        env:
          KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG }}
          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
          ECR_REPOSITORY: socialkyc
          IMAGE_TAG: ${{ github.sha }}
        with:
          args: rollout restart deployment social-kyc-stg -n social-kyc