argonaut workflow Setup : #16
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Deploy testnewuibs - preprod" | |
on: | |
push: | |
branches: | |
- main | |
paths: | |
- "**" | |
- .github/workflows/argonaut-preprod-testnewuibs.yaml | |
- Dockerfile | |
- .art/argonaut-preprod-preprod-testnewuibs.yaml | |
tags: | |
- "v*" # Push events to matching v*, i.e. v1.0, v20.15.10 | |
workflow_dispatch: | |
jobs: | |
build: | |
environment: | |
name: preprod | |
runs-on: warp-ubuntu-latest-x64-4x | |
name: Build and Push Img | |
steps: | |
- name: Get the version | |
id: get_version | |
run: echo ::set-output name=VERSION::${GITHUB_REF#refs/tags/} | |
- name: Fetch repo | |
uses: actions/checkout@v2 | |
with: | |
submodules: "recursive" | |
- name: Get Short SHA | |
id: get_sha | |
run: echo ::set-output name=SHA_SHORT::$(git rev-parse --short HEAD) | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v1 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v1 | |
- name: Download art | |
run: | | |
curl --silent https://github.com/argonautdev/public/releases/latest/download/art-linux -L -o art | |
chmod +x ./art | |
mv ./art /usr/local/bin/art | |
- name: Fetch BuildTime Secrets | |
run: | | |
art configure --key ${{ secrets.argonautdev_ART_KEY }} --secret ${{ secrets.argonautdev_ART_SECRET }} | |
art app envvars get -f .art/argonaut-preprod-preprod-testnewuibs.yaml \ | |
--set appName="testnewuibs" \ | |
--set argonaut.env="preprod" \ | |
--set argonaut.region="us-east-2" \ | |
--set argonaut.cluster="preprod" \ | |
--set argonaut.serviceType="stateless" \ | |
--set argonaut.imageRegistry="ecr" \ | |
--type buildtime \ | |
--format dotenv > art-build-secrets.env | |
echo 'ART_BUILD_SECRETS_FILE<<EOF' >> $GITHUB_ENV | |
cat art-build-secrets.env >> $GITHUB_ENV | |
echo 'EOF' >> $GITHUB_ENV | |
- name: Build Image | |
uses: docker/build-push-action@v2 | |
id: build | |
with: | |
context: . | |
file: ./Dockerfile | |
push: false | |
tags: 170982004044.dkr.ecr.us-east-2.amazonaws.com/argonaut/testnewuibs:${{ steps.get_sha.outputs.SHA_SHORT }} | |
build-args: | | |
${{ env.ART_BUILD_SECRETS_FILE }} | |
outputs: type=docker,dest=image.tar | |
- name: Set AWS Credentials via art | |
run: | | |
art configure generate-aws-credentials >> credentials.json | |
echo "AWS_ACCESS_KEY_ID=$(cat credentials.json | jq --raw-output '.accessKeyId')" >> $GITHUB_ENV | |
echo "AWS_SECRET_ACCESS_KEY=$(cat credentials.json | jq --raw-output '.secretAccessKey')" >> $GITHUB_ENV | |
echo "AWS_SESSION_TOKEN=$(cat credentials.json | jq --raw-output '.sessionToken')" >> $GITHUB_ENV | |
echo "AWS_ACCOUNT_ID=$(cat credentials.json | jq --raw-output '.accountId')" >> $GITHUB_ENV | |
echo "AWS_REGION=$(cat credentials.json | jq --raw-output '.region')" >> $GITHUB_ENV | |
- name: Push to ecr | |
uses: argonautdev/[email protected] | |
id: push_to_ecr | |
with: | |
access_key_id: ${{ env.AWS_ACCESS_KEY_ID }} | |
secret_access_key: ${{ env.AWS_SECRET_ACCESS_KEY }} | |
account_id: ${{ env.AWS_ACCOUNT_ID }} | |
repo: argonaut/testnewuibs | |
region: us-east-2 | |
tags: ${{ steps.get_sha.outputs.SHA_SHORT }} | |
create_repo: true | |
image_scanning_configuration: true | |
docker_image_path: image.tar | |
deploy: | |
environment: | |
name: preprod | |
runs-on: ubuntu-latest | |
name: Deploy to Argonaut | |
needs: build | |
steps: | |
- name: Fetch repo | |
uses: actions/checkout@v2 | |
- name: Fetch branch name | |
shell: bash | |
run: echo ::set-output name=BRANCH_NAME::${GITHUB_REF#refs/heads/} | |
id: get_branch_name | |
- name: Get Short SHA | |
id: get_sha | |
run: echo ::set-output name=SHA_SHORT::$(git rev-parse --short HEAD) | |
- name: Download art | |
run: curl --silent https://github.com/argonautdev/public/releases/latest/download/art-linux -L -o art | |
- name: Configure art | |
run: | | |
chmod +x ./art | |
sudo mv ./art /usr/local/bin/art | |
art configure --key ${{ secrets.argonautdev_ART_KEY }} --secret ${{ secrets.argonautdev_ART_SECRET }} | |
art app deploy -f .art/argonaut-preprod-preprod-testnewuibs.yaml \ | |
--set image="170982004044.dkr.ecr.us-east-2.amazonaws.com/argonaut/testnewuibs" \ | |
--set 'labels.argonaut\.dev/git-provider'='github' \ | |
--set argonaut.git-provider='github' \ | |
--set imageTag="${{ steps.get_sha.outputs.SHA_SHORT }}" \ | |
--set appName="testnewuibs" \ | |
--set argonaut.env="preprod" \ | |
--set argonaut.region="us-east-2" \ | |
--set argonaut.cluster="preprod" \ | |
--set argonaut.serviceType="stateless" \ | |
--set argonaut.imageRegistry="ecr" |