Deploy services #56
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| - push | |
| env: | |
| AWS_REGION: eu-north-1 | |
| ECR_REGISTRY: 095341522062.dkr.ecr.eu-north-1.amazonaws.com | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| id-token: write | |
| contents: read | |
| jobs: | |
| lint-shell: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: espoon-voltti/voltti-actions/shellcheck@v1 | |
| dockerize: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - name: oppivelvollisuus/frontend | |
| path: frontend | |
| - name: oppivelvollisuus/api-gateway | |
| path: api-gateway | |
| test: "test" | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Build image | |
| uses: espoon-voltti/voltti-actions/docker-build-push@master | |
| id: build | |
| with: | |
| path: ${{ matrix.path }} | |
| DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} | |
| DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_ROLE }} | |
| AWS_REGION: ${{ env.AWS_REGION }} | |
| registry: ${{ env.ECR_REGISTRY }} | |
| name: ${{ matrix.name }} | |
| build-args: | | |
| build=${{ github.run_number }} | |
| commit=${{ github.sha }} | |
| - name: Build and run unit tests | |
| if: ${{ matrix.test != '' }} | |
| uses: espoon-voltti/voltti-actions/docker-build-push@master | |
| id: test | |
| with: | |
| push: false | |
| path: ${{ matrix.path }} | |
| DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} | |
| DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_ROLE }} | |
| AWS_REGION: ${{ env.AWS_REGION }} | |
| registry: ${{ env.ECR_REGISTRY }} | |
| name: ${{ matrix.name }}-${{ matrix.test }} | |
| build-args: | | |
| build=${{ github.run_number }} | |
| commit=${{ github.sha }} | |
| target: ${{ matrix.test }} | |
| service: | |
| runs-on: ubuntu-latest | |
| env: | |
| name: oppivelvollisuus/service | |
| path: service | |
| builder: builder | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Build image | |
| uses: espoon-voltti/voltti-actions/docker-build-push@master | |
| id: build | |
| with: | |
| path: ${{ env.path }} | |
| DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} | |
| DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_ROLE }} | |
| AWS_REGION: ${{ env.AWS_REGION }} | |
| registry: ${{ env.ECR_REGISTRY }} | |
| name: ${{ env.name }} | |
| build-args: | | |
| build=${{ github.run_number }} | |
| commit=${{ github.sha }} | |
| - name: Build builder | |
| uses: espoon-voltti/voltti-actions/docker-build-push@master | |
| id: builder | |
| with: | |
| path: ${{ env.path }} | |
| DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} | |
| DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_ROLE }} | |
| AWS_REGION: ${{ env.AWS_REGION }} | |
| registry: ${{ env.ECR_REGISTRY }} | |
| name: ${{ env.name }}-${{ env.builder }} | |
| build-args: | | |
| build=${{ github.run_number }} | |
| commit=${{ github.sha }} | |
| target: ${{ env.builder }} | |
| test: | |
| runs-on: ubuntu-latest | |
| needs: service | |
| env: | |
| BUILD: "false" | |
| TAG: "${{ github.event.pull_request.head.sha || github.sha }}" | |
| defaults: | |
| run: | |
| working-directory: compose | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Configure AWS credentials | |
| if: ${{ github.actor != 'dependabot[bot]' && !github.event.pull_request.head.repo.fork }} | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-region: ${{ env.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE }} | |
| role-duration-seconds: 1200 | |
| - name: Login to Amazon ECR | |
| if: ${{ github.actor != 'dependabot[bot]' && !github.event.pull_request.head.repo.fork }} | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Pull images | |
| if: ${{ github.actor != 'dependabot[bot]' && !github.event.pull_request.head.repo.fork }} | |
| run: | | |
| ./test-compose pull | |
| - name: Build images | |
| if: ${{ github.actor == 'dependabot[bot]' || github.event.pull_request.head.repo.fork }} | |
| run: | | |
| ./test-compose build --parallel | |
| - name: Run tests | |
| run: | | |
| ./test-compose run service-tests | tee tests.log | |
| - name: Get logs | |
| if: always() | |
| run: | | |
| ./test-compose logs > tests-all.log | |
| - name: Store logs | |
| if: always() | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: integration-test-results | |
| path: | | |
| compose/tests.log | |
| compose/tests-all.log | |
| retention-days: 2 | |
| deploy: | |
| #if: ${{ github.ref == 'refs/heads/master' }} | |
| runs-on: ubuntu-latest | |
| #needs: | |
| # - test | |
| # - dockerize | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| environment: | |
| - staging | |
| - prod | |
| environment: | |
| name: ${{ matrix.environment }} | |
| steps: | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-region: ${{ env.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE }} | |
| role-duration-seconds: 1200 | |
| - name: Retag | |
| if: false # TODO | |
| run: | | |
| for repository in service api-gateway frontend; do | |
| MANIFEST=$(aws ecr batch-get-image --repository-name "oppivelvollisuus/$repository" --image-ids imageTag="${{ github.event.pull_request.head.sha || github.sha }}" --output json | jq --raw-output --join-output '.images[0].imageManifest') | |
| aws ecr put-image --repository-name "oppivelvollisuus/$repository" --image-tag "env-${{ matrix.environment }}" --image-manifest "$MANIFEST" | |
| done | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-region: ${{ env.AWS_REGION }} | |
| role-to-assume: arn:aws:iam::674016398114:role/voltti-ci-oppivelvollisuus-${{ matrix.environment }} | |
| role-duration-seconds: 1200 | |
| unset-current-credentials: true | |
| - name: Deploy | |
| run: | | |
| aws ecs update-service \ | |
| --cluster "oppivelvollisuus-${{ matrix.environment }}" \ | |
| --service "oppivelvollisuus-${{ matrix.environment }}" \ | |
| --force-new-deployment | |
| aws ecs wait services-stable \ | |
| --cluster "oppivelvollisuus-${{ matrix.environment }}" \ | |
| --services "oppivelvollisuus-${{ matrix.environment }}" |