From ed4b83970879751b782b6bc770651f6cd0c8c9de Mon Sep 17 00:00:00 2001
From: Marukome0743 <akio.muto@bnt.benextgroup.jp>
Date: Thu, 18 Apr 2024 18:39:29 +0900
Subject: [PATCH] =?UTF-8?q?=E2=99=BB=EF=B8=8Fci:=20unify=20docker=20ci?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .github/workflows/lambda.yml     | 53 --------------------------------
 .github/workflows/push-image.yml | 37 ++++++++++++++++++++--
 2 files changed, 34 insertions(+), 56 deletions(-)
 delete mode 100644 .github/workflows/lambda.yml

diff --git a/.github/workflows/lambda.yml b/.github/workflows/lambda.yml
deleted file mode 100644
index 023f8b5e..00000000
--- a/.github/workflows/lambda.yml
+++ /dev/null
@@ -1,53 +0,0 @@
-name: Deploy to Amazon Lambda
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-on:
-  push:
-    branches:
-      - main
-    paths:
-      - "app/**"
-      - "public/**"
-      - "bun.lockb"
-      - "package.json"
-      - "yarn.lock"
-      - "*config.*"
-  workflow_dispatch:
-
-env:
-  AWS_REGION: ap-northeast-1
-  ECR_REPOSITORY: homepage
-  LAMBDA_FUNCTION_NAME: homepage
-
-jobs:
-  deploy:
-    if: github.repository == 'OpenUp-LabTakizawa/homepage'
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          aws-region: ${{ env.AWS_REGION }}
-
-      - name: Login to Amazon ECR
-        id: login-ecr
-        uses: aws-actions/amazon-ecr-login@v2
-
-      - name: Build, tag, and push image to Amazon ECR
-        id: build-image
-        env:
-          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
-          IMAGE_TAG: ${{ github.sha }}
-        run: |
-          docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
-          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
-          aws lambda update-function-code --function-name $LAMBDA_FUNCTION_NAME --image-uri $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
diff --git a/.github/workflows/push-image.yml b/.github/workflows/push-image.yml
index fcf37ceb..2de0ca87 100644
--- a/.github/workflows/push-image.yml
+++ b/.github/workflows/push-image.yml
@@ -22,6 +22,12 @@ on:
       - "yarn.lock"
       - "*config.*"
   workflow_dispatch:
+    inputs:
+      push:
+        description: 'Push image'
+        required: true
+        default: false
+        type: boolean
 
 env:
   REPOSITORY_OWNER: OpenUp-LabTakizawa
@@ -29,6 +35,10 @@ env:
   REPOSITORY: marukome0743/homepage
   GHCR_REGISTRY: ghcr.io
   GHCR_REPOSITORY: openup-labtakizawa/homepage
+  AWS_REGION: ap-northeast-1
+  ECR_REGISTRY: 544280698279.dkr.ecr.ap-northeast-1.amazonaws.com
+  ECR_REPOSITORY: homepage
+  LAMBDA_FUNCTION_NAME: homepage
 
 jobs:
   build:
@@ -52,13 +62,27 @@ jobs:
           password: ${{ secrets.DOCKER_PAT }}
 
       - name: Login to GitHub Container Registry
-        if: github.repository_owner == env.REPOSITORY_OWNER && github.event_name == 'push'
+        if: github.repository_owner == env.REPOSITORY_OWNER
         uses: docker/login-action@v3
         with:
           registry: ${{ env.GHCR_REGISTRY }}
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
+      - name: Configure AWS credentials
+        if: github.repository_owner == env.REPOSITORY_OWNER
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ env.AWS_REGION }}
+
+      - name: Login to Amazon ECR
+        if: github.repository_owner == env.REPOSITORY_OWNER
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.ECR_REGISTRY }}
+
       - name: Docker meta
         id: meta
         uses: docker/metadata-action@v5
@@ -66,17 +90,18 @@ jobs:
           images: |
             ${{ env.REPOSITORY }}
             ${{ env.GHCR_REGISTRY }}/${{ env.GHCR_REPOSITORY }}
+            ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}
           tags: |
             type=ref,event=tag
             type=ref,event=pr,prefix=pr-
-            type=raw,value=canary,enable=${{ github.event_name == 'push' }}
+            type=raw,value=canary,enable=${{ github.event_name == 'push' || inputs.push }}
 
       - name: Build and push
         uses: docker/build-push-action@v5
         with:
           context: .
           platforms: ${{ github.event_name == 'push' && 'linux/amd64,linux/arm64' || 'linux/amd64' }}
-          push: ${{ github.event_name == 'push' && github.ref_name == 'main' && github.repository_owner == env.REPOSITORY_OWNER }}
+          push: ${{ inputs.push || github.event_name == 'push' && github.ref_name == 'main' && github.repository_owner == env.REPOSITORY_OWNER }}
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
           cache-from: type=registry,ref=${{ env.REPOSITORY }}:canary
@@ -84,6 +109,12 @@ jobs:
           outputs: ${{ github.event_name == 'push' && 'type=image,name=target,annotation-index.org.opencontainers.image.description=homepage multi-arch image' || 'type=docker' }}
           provenance: false
 
+      - name: Update lambda function
+        if: inputs.push || github.event_name == 'push' && github.ref_name == 'main' && github.repository_owner == env.REPOSITORY_OWNER
+        run: |
+          aws lambda update-function-code --function-name ${{ env.LAMBDA_FUNCTION_NAME }} \
+          --image-uri ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ steps.meta.outputs.version }}
+
       - name: Docker Scout
         if: github.repository_owner == env.REPOSITORY_OWNER && github.event_name == 'pull_request_target'
         uses: docker/scout-action@v1