Skip to content

upgrade uses

upgrade uses #77

Workflow file for this run

on:
push:
branches:
- staging
workflow_dispatch:
concurrency:
group: staging
cancel-in-progress: true
name: Staging
env:
ECS_CONTAINER_MAIN : discord-bot-staging
ECS_SERVICE_MAIN : discord-bot-staging-service
ECS_CLUSTER : karma-staging
ECR_REPOSITORY_MAIN : staging-karma-discord-bot
ECS_CONTAINER_DELEGATE : delegate-discord-message-update-stat-staging
ECS_SERVICE_DELEGATE : delegate-discord-message-update-stat-staging-service
jobs:
build_image:
name: Build docker image
if: |
!failure() && !cancelled()
runs-on: ubuntu-latest
outputs:
image: ${{ steps.build-image.outputs.image }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@master
with:
install: true
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.STAGING_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.STAGING_AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: Get .env and certs from Secret Manager
run: |
aws secretsmanager get-secret-value --secret-id staging/env --query SecretString --output text >> .env
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Cache Docker layers
uses: actions/cache@v3
with:
path: /tmp/.buildx-cache
# Key is named differently to avoid collision
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx
- name: Build image
uses: docker/build-push-action@v3
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: ${{ env.ECR_REPOSITORY_MAIN }}
IMAGE_TAG: ${{ github.sha }}
with:
context: .
builder: ${{ steps.buildx.outputs.name }}
file: Dockerfile
push: true
tags: |
${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_REPOSITORY_MAIN }}:${{ github.sha }}
${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_REPOSITORY_MAIN }}:latest
cache-from: type=local,src=/tmp/.buildx-cache
# Note the mode=max here
# More: https://github.com/moby/buildkit#--export-cache-options
# And: https://github.com/docker/buildx#--cache-tonametypetypekeyvalue
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new
- name: Move cache
# Temp fix
# https://github.com/docker/build-push-action/issues/252
# https://github.com/moby/buildkit/issues/1896
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
- name: Discord notification
uses: sarisia/actions-status-discord@v1
if: failure()
with:
webhook: ${{ secrets.DISCORD_WEBHOOK }}
deploy-ecs-services:
name: Deploy ECS services
needs: [build_image]
if: |
!failure() && !cancelled()
runs-on: ubuntu-latest
strategy:
matrix:
ECS_CONTAINER: ["discord-bot-staging", "delegate-discord-message-update-stat-staging" ]
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.STAGING_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.STAGING_AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Download task definition for ${{ matrix.ECS_CONTAINER }}
id: download-task
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: ${{ env.ECR_REPOSITORY_MAIN }}
IMAGE_TAG: ${{ github.sha }}
run: |
aws ecs describe-task-definition --task-definition ${{ matrix.ECS_CONTAINER }} --query taskDefinition > task-definition.json
echo "::set-output name=revision::$(cat task-definition.json | jq .revision)"
echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
- name: Fill in the new image ID in the Amazon ECS task definition
id: task-def
uses: aws-actions/amazon-ecs-render-task-definition@v1
with:
task-definition: task-definition.json
container-name: ${{ matrix.ECS_CONTAINER }}
image: ${{ steps.download-task.outputs.image }}
- name: Deploy Amazon ECS task definition for ${{ matrix.ECS_CONTAINER }}
uses: aws-actions/amazon-ecs-deploy-task-definition@v1
with:
task-definition: ${{ steps.task-def.outputs.task-definition }}
service: ${{ matrix.ECS_CONTAINER }}-service
cluster: ${{ env.ECS_CLUSTER }}
wait-for-service-stability: true
- name: Check deployed revision
run: |
bash deploy/check_service_revision.sh `expr ${{ steps.download-task.outputs.revision }} + 1` ${{ matrix.ECS_CONTAINER }}-service ${{ env.ECS_CLUSTER }}
- name: Deregister previous revision
run: |
aws ecs deregister-task-definition --task-definition ${{ matrix.ECS_CONTAINER }}:${{ steps.download-task.outputs.revision }} >> /dev/null
- name: Discord notification
uses: sarisia/actions-status-discord@v1
if: failure()
with:
webhook: ${{ secrets.DISCORD_WEBHOOK }}
notification:
runs-on: ubuntu-latest
needs: [build_image, deploy-ecs-services]
if: needs.deploy-ecs-services.result == 'success'
steps:
- name: Discord notification
uses: sarisia/actions-status-discord@v1
with:
webhook: ${{ secrets.DISCORD_WEBHOOK }}