Bugfixes #113
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Run deploy | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- main | |
- staging | |
- dev | |
paths: | |
- 'client/**' | |
- 'api/**' | |
- '.github/workflows/*' | |
- 'infrastructure/**' | |
- 'package.json' | |
jobs: | |
set_environment_name: | |
name: Set Environment | |
runs-on: ubuntu-latest | |
outputs: | |
env_name: ${{ steps.set_env.outputs.env_name }} | |
steps: | |
- id: set_env | |
run: echo "env_name=${{ github.ref_name == 'main' && 'production' || github.ref_name }}" >> $GITHUB_OUTPUT | |
build_client: | |
needs: [ set_environment_name ] | |
environment: | |
name: ${{ needs.set_environment_name.outputs.env_name }} | |
runs-on: ubuntu-latest | |
name: Build Client image and push to Amazon ECR | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- uses: dorny/paths-filter@v3 | |
id: client-changes | |
with: | |
filters: | | |
client: | |
- 'client/**' | |
- '.github/workflows/**' | |
shared: | |
- 'shared/**' | |
- name: Configure AWS credentials | |
if: ${{ github.event_name == 'workflow_dispatch' || steps.client-changes.outputs.client == 'true' }} | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.PIPELINE_USER_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.PIPELINE_USER_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.AWS_REGION }} | |
- name: Login to Amazon ECR | |
if: ${{ github.event_name == 'workflow_dispatch' || steps.client-changes.outputs.client == 'true' }} | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v2 | |
with: | |
mask-password: 'true' | |
- name: Set up Docker Buildx | |
if: ${{ github.event_name == 'workflow_dispatch' || steps.client-changes.outputs.client == 'true' }} | |
uses: docker/setup-buildx-action@v3 | |
- name: Build, tag, and push Client image to Amazon ECR | |
if: ${{ github.event_name == 'workflow_dispatch' || steps.client-changes.outputs.client == 'true' }} | |
uses: docker/build-push-action@v6 | |
with: | |
build-args: | | |
NEXT_PUBLIC_API_URL=${{ vars.NEXT_PUBLIC_API_URL }} | |
NEXTAUTH_URL=${{ vars.NEXTAUTH_URL }} | |
NEXTAUTH_SECRET=${{ secrets.NEXTAUTH_SECRET }} | |
NEXT_PUBLIC_MAPBOX_API_TOKEN=${{ vars.NEXT_PUBLIC_MAPBOX_API_TOKEN }} | |
context: . | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
file: ./client/Dockerfile | |
push: true | |
tags: | | |
${{ steps.login-ecr.outputs.registry }}/${{ secrets.CLIENT_REPOSITORY_NAME }}:${{ github.sha }} | |
${{ steps.login-ecr.outputs.registry }}/${{ secrets.CLIENT_REPOSITORY_NAME }}:${{ needs.set_environment_name.outputs.env_name }} | |
build_api: | |
needs: [ set_environment_name ] | |
environment: | |
name: ${{ needs.set_environment_name.outputs.env_name }} | |
runs-on: ubuntu-latest | |
name: Build API image and push to Amazon ECR | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- uses: dorny/paths-filter@v3 | |
id: api-changes | |
with: | |
filters: | | |
api: | |
- 'api/**' | |
- '.github/workflows/**' | |
shared: | |
- 'shared/**' | |
- name: Configure AWS credentials | |
if: ${{ github.event_name == 'workflow_dispatch' || steps.api-changes.outputs.api == 'true' }} | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.PIPELINE_USER_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.PIPELINE_USER_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.AWS_REGION }} | |
- name: Login to Amazon ECR | |
if: ${{ github.event_name == 'workflow_dispatch' || steps.api-changes.outputs.api == 'true' }} | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v2 | |
with: | |
mask-password: 'true' | |
- name: Set up Docker Buildx | |
if: ${{ github.event_name == 'workflow_dispatch' || steps.api-changes.outputs.api == 'true' }} | |
uses: docker/setup-buildx-action@v3 | |
- name: Build, tag, and push API image to Amazon ECR | |
if: ${{ github.event_name == 'workflow_dispatch' || steps.api-changes.outputs.api == 'true' }} | |
uses: docker/build-push-action@v6 | |
with: | |
build-args: | | |
DB_HOST=${{ secrets.DB_HOST }} | |
DB_PORT=${{ secrets.DB_PORT }} | |
DB_NAME=${{ secrets.DB_NAME }} | |
DB_USERNAME=${{ secrets.DB_USERNAME }} | |
DB_PASSWORD=${{ secrets.DB_PASSWORD }} | |
ACCESS_TOKEN_SECRET=${{ secrets.ACCESS_TOKEN_SECRET }} | |
ACCESS_TOKEN_EXPIRES_IN=${{ secrets.ACCESS_TOKEN_EXPIRES_IN }} | |
RESET_PASSWORD_TOKEN_SECRET=${{ secrets.RESET_PASSWORD_TOKEN_SECRET }} | |
RESET_PASSWORD_TOKEN_EXPIRES_IN=${{ secrets.RESET_PASSWORD_TOKEN_EXPIRES_IN }} | |
EMAIL_CONFIRMATION_TOKEN_SECRET=${{ secrets.EMAIL_CONFIRMATION_TOKEN_SECRET }} | |
EMAIL_CONFIRMATION_TOKEN_EXPIRES_IN=${{ secrets.EMAIL_CONFIRMATION_TOKEN_EXPIRES_IN }} | |
ACCOUNT_CONFIRMATION_TOKEN_SECRET=${{ secrets.ACCOUNT_CONFIRMATION_TOKEN_SECRET }} | |
ACCOUNT_CONFIRMATION_EXPIRES_IN=${{ secrets.ACCOUNT_CONFIRMATION_EXPIRES_IN }} | |
AWS_SES_ACCESS_KEY_ID=${{ secrets.AWS_SES_ACCESS_KEY_ID }} | |
AWS_SES_ACCESS_KEY_SECRET=${{ secrets.AWS_SES_ACCESS_KEY_SECRET }} | |
AWS_SES_DOMAIN=${{ secrets.AWS_SES_DOMAIN }} | |
AWS_REGION=${{ secrets.AWS_REGION }} | |
context: . | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
file: ./api/Dockerfile | |
push: true | |
tags: | | |
${{ steps.login-ecr.outputs.registry }}/${{ secrets.API_REPOSITORY_NAME }}:${{ github.sha }} | |
${{ steps.login-ecr.outputs.registry }}/${{ secrets.API_REPOSITORY_NAME }}:${{ needs.set_environment_name.outputs.env_name }} | |
build_admin: | |
needs: [ set_environment_name ] | |
environment: | |
name: ${{ needs.set_environment_name.outputs.env_name }} | |
runs-on: ubuntu-latest | |
name: Build Admin image and push to Amazon ECR | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- uses: dorny/paths-filter@v3 | |
id: admin-changes | |
with: | |
filters: | | |
admin: | |
- 'admin/**' | |
- '.github/workflows/**' | |
shared: | |
- 'shared/**' | |
- name: Configure AWS credentials | |
if: ${{ github.event_name == 'workflow_dispatch' || steps.admin-changes.outputs.admin == 'true' }} | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.PIPELINE_USER_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.PIPELINE_USER_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.AWS_REGION }} | |
- name: Login to Amazon ECR | |
if: ${{ github.event_name == 'workflow_dispatch' || steps.admin-changes.outputs.admin == 'true' }} | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v2 | |
with: | |
mask-password: 'true' | |
- name: Set up Docker Buildx | |
if: ${{ github.event_name == 'workflow_dispatch' || steps.admin-changes.outputs.admin == 'true' }} | |
uses: docker/setup-buildx-action@v3 | |
- name: Build, tag, and push Admin image to Amazon ECR | |
if: ${{ github.event_name == 'workflow_dispatch' || steps.admin-changes.outputs.admin == 'true' }} | |
uses: docker/build-push-action@v6 | |
with: | |
build-args: | | |
DB_HOST=${{ secrets.DB_HOST }} | |
DB_PORT=${{ secrets.DB_PORT }} | |
DB_NAME=${{ secrets.DB_NAME }} | |
DB_USERNAME=${{ secrets.DB_USERNAME }} | |
DB_PASSWORD=${{ secrets.DB_PASSWORD }} | |
API_URL=${{ vars.NEXT_PUBLIC_API_URL }} | |
context: . | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
file: ./admin/Dockerfile | |
push: true | |
tags: | | |
${{ steps.login-ecr.outputs.registry }}/${{ secrets.ADMIN_REPOSITORY_NAME }}:${{ github.sha }} | |
${{ steps.login-ecr.outputs.registry }}/${{ secrets.ADMIN_REPOSITORY_NAME }}:${{ needs.set_environment_name.outputs.env_name }} | |
deploy: | |
name: Deploy Services to Amazon EBS | |
needs: [ set_environment_name, build_client, build_api, build_admin ] | |
runs-on: ubuntu-latest | |
environment: | |
name: ${{ needs.set_environment_name.outputs.env_name }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.PIPELINE_USER_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.PIPELINE_USER_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.AWS_REGION }} | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v2 | |
- name: Generate docker compose file | |
working-directory: infrastructure/source_bundle | |
env: | |
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
ECR_REPOSITORY_CLIENT: ${{ secrets.CLIENT_REPOSITORY_NAME }} | |
ECR_REPOSITORY_API: ${{ secrets.API_REPOSITORY_NAME }} | |
ECR_REPOSITORY_ADMIN: ${{ secrets.ADMIN_REPOSITORY_NAME }} | |
IMAGE_TAG: ${{ needs.set_environment_name.outputs.env_name }} | |
run: | | |
cat <<EOF >> docker-compose.yml | |
services: | |
client: | |
image: $ECR_REGISTRY/$ECR_REPOSITORY_CLIENT:$IMAGE_TAG | |
restart: always | |
ports: | |
- 3000:3000 | |
api: | |
image: $ECR_REGISTRY/$ECR_REPOSITORY_API:$IMAGE_TAG | |
restart: always | |
ports: | |
- 4000:4000 | |
admin: | |
image: $ECR_REGISTRY/$ECR_REPOSITORY_ADMIN:$IMAGE_TAG | |
restart: always | |
ports: | |
- 1000:1000 | |
nginx: | |
image: nginx | |
restart: always | |
volumes: | |
- ./proxy/conf.d:/etc/nginx/conf.d | |
- "\${EB_LOG_BASE_DIR}/nginx:/var/log/nginx" | |
ports: | |
- 80:80 | |
depends_on: | |
- api | |
- client | |
- admin | |
EOF | |
- name: Generate zip file | |
working-directory: infrastructure/source_bundle | |
run: | | |
zip -r deploy.zip * .[^.]* | |
- name: Deploy to Amazon EB | |
uses: einaregilsson/beanstalk-deploy@v22 | |
with: | |
aws_access_key: ${{ secrets.PIPELINE_USER_ACCESS_KEY_ID }} | |
aws_secret_key: ${{ secrets.PIPELINE_USER_SECRET_ACCESS_KEY }} | |
application_name: ${{ secrets.PROJECT_NAME}}-${{ needs.set_environment_name.outputs.env_name }} | |
environment_name: ${{ secrets.PROJECT_NAME}}-${{ needs.set_environment_name.outputs.env_name }}-env | |
region: ${{ secrets.AWS_REGION }} | |
version_label: ${{ github.sha }}-${{ github.run_id }}-${{ github.run_attempt }} | |
deployment_package: infrastructure/source_bundle/deploy.zip |