Merge pull request #16 from xeptagondev/develop #14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy Services | |
on: | |
push: | |
branches: | |
- develop | |
- main | |
paths: | |
- backend/** | |
- .github/workflows/server* | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_DEFAULT_REGION: us-east-1 | |
jobs: | |
check_dependency_change: | |
runs-on: ubuntu-latest | |
# Declare outputs for next jobs | |
outputs: | |
deps_changed: ${{ steps.check_file_changed.outputs.deps_changed }} | |
stage: ${{ steps.branch_check.outputs.stage }} | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- id: check_file_changed | |
run: | | |
if [[ $(git diff --name-only HEAD^ HEAD | grep backend/services/package.json) ]] || [[ $(git diff --name-only HEAD^ HEAD | grep libs/) ]]; then | |
echo "deps_changed=True" >> $GITHUB_OUTPUT | |
else | |
echo "deps_changed=False" >> $GITHUB_OUTPUT | |
fi | |
- id: branch_check | |
run: | | |
if [[ ${GITHUB_REF} == 'refs/heads/main' ]]; then | |
echo "stage=prod" >> $GITHUB_OUTPUT | |
else | |
echo "stage=dev" >> $GITHUB_OUTPUT | |
fi | |
layer: | |
name: layer | |
runs-on: ubuntu-latest | |
needs: check_dependency_change | |
steps: | |
- name: check_file_changed | |
run: | | |
echo ${{needs.check_dependency_change.outputs.deps_changed}} | |
echo ${{needs.check_dependency_change.outputs}} | |
- uses: actions/checkout@v3 | |
- name: Use Node.js ${{ matrix.node-version }} | |
if: ${{ needs.check_dependency_change.outputs.deps_changed == 'True' }} | |
uses: actions/setup-node@v3 | |
with: | |
node-version: ${{ matrix.node-version }} | |
- name: Copy package.json | |
if: ${{ needs.check_dependency_change.outputs.deps_changed == 'True' }} | |
working-directory: ./backend/layer/dependency_layer | |
run: cp ../../services/package.json ./ && cp ../../services/yarn.lock ./ | |
- name: Install Dependency | |
if: ${{ needs.check_dependency_change.outputs.deps_changed == 'True' }} | |
working-directory: ./backend/layer/dependency_layer | |
run: yarn install --production --frozen-lockfile | |
# - name: Copy Dependency | |
# if: ${{ needs.check_dependency_change.outputs.deps_changed == 'True' }} | |
# working-directory: ./backend/layer | |
# run: | | |
# cp -r node_modules ./dependency_layer | |
# ls | |
# - name: serverless deploy develop | |
# if: ${{ needs.check_dependency_change.outputs.deps_changed == 'True'}} | |
# uses: serverless/[email protected] | |
# with: | |
# args: -c "cd ./backend/layer && serverless deploy --stage ${{ needs.check_dependency_change.outputs.stage }}" | |
# entrypoint: /bin/sh | |
# - name: serverless deploy main | |
# if: ${{ needs.check_dependency_change.outputs.deps_changed == 'True' && github.ref == 'refs/heads/main'}} | |
# uses: serverless/[email protected] | |
# with: | |
# args: -c "cd ./backend/layer && serverless deploy --stage prod" | |
# entrypoint: /bin/sh | |
deploy: | |
name: deploy | |
runs-on: ubuntu-latest | |
needs: [layer, check_dependency_change] | |
steps: | |
- uses: actions/checkout@v3 | |
# - name: Use Node.js ${{ matrix.node-version }} | |
# uses: actions/setup-node@v3 | |
# with: | |
# node-version: ${{ matrix.node-version }} | |
# - name: Install Dependency | |
# working-directory: ./backend/services | |
# run: yarn install --frozen-lockfile | |
# - name: version | |
# run: | | |
# echo "ARN1=$(aws lambda list-layer-versions --layer-name service-dependencies-mrv-${{ needs.check_dependency_change.outputs.stage }}-1 --region us-east-1 --query 'LayerVersions[0].LayerVersionArn')" >> $GITHUB_OUTPUT | |
# echo "ARN2=$(aws lambda list-layer-versions --layer-name service-dependencies-mrv-${{ needs.check_dependency_change.outputs.stage }}-2 --region us-east-1 --query 'LayerVersions[0].LayerVersionArn')" >> $GITHUB_OUTPUT | |
# id: layerArn | |
# - name: serverless deploy develop | |
# if: github.ref == 'refs/heads/develop' | |
# uses: serverless/[email protected] | |
# with: | |
# args: -c "cd ./backend/services && serverless deploy --stage ${{ needs.check_dependency_change.outputs.stage }} --param='depLayerArn1=${{ steps.layerArn.outputs.ARN1 }}' --param='depLayerArn2=${{ steps.layerArn.outputs.ARN2 }}'" | |
# entrypoint: /bin/sh | |
# - name: serverless deploy main | |
# if: github.ref == 'refs/heads/main' | |
# uses: serverless/[email protected] | |
# with: | |
# args: -c "cd ./backend/services && serverless deploy --stage prod" | |
# entrypoint: /bin/sh | |
- name: Configure AWS credentials | |
if: github.ref == 'refs/heads/develop' | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: us-east-1 | |
- name: Login to Amazon ECR | |
if: github.ref == 'refs/heads/develop' | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v1 | |
- name: Build, tag, and push the image to Amazon ECR | |
if: github.ref == 'refs/heads/develop' | |
id: build-image | |
env: | |
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
ECR_REPOSITORY: transparency-services | |
IMAGE_TAG: v1 | |
run: | | |
# Build a docker container and push it to ECR | |
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f backend/services/Dockerfile . | |
echo "Pushing image to ECR..." | |
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | |
echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" | |
- name: Deploy docker image to Amazon EC2 | |
if: github.ref == 'refs/heads/develop' | |
env: | |
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
ECR_REPOSITORY: transparency-services | |
IMAGE_TAG: v1 | |
PRIVATE_KEY: ${{ secrets.AWS_SSH_KEY_PRIVATE }} | |
HOSTNAME: ${{secrets.HOST_IP}} | |
USER_NAME: ec2-user | |
run: | | |
echo "$PRIVATE_KEY" > private_key && chmod 600 private_key | |
ssh -o StrictHostKeyChecking=no -i private_key ${USER_NAME}@${HOSTNAME} ' | |
cd repos/carbon-transparency && | |
sudo $(aws ecr get-login --no-include-email --region us-east-1) && | |
sudo docker stop carbon-transparency-national-1 carbon-transparency-async-operations-handler-1 carbon-transparency-stats-1 || true && | |
sudo docker rm carbon-transparency-national-1 carbon-transparency-async-operations-handler-1 carbon-transparency-stats-1 && | |
sudo docker pull 302213478610.dkr.ecr.us-east-1.amazonaws.com/transparency-services:v1 && | |
docker-compose -f docker-compose-image.yml up -d national stats async-operations-handler ' | |
# automated-api-tests: | |
# runs-on: ubuntu-latest | |
# needs: [deploy] | |
# steps: | |
# - uses: actions/checkout@v3 | |
# - name: Install Postman CLI | |
# run: | | |
# curl -o- "https://dl-cli.pstmn.io/install/linux64.sh" | sh | |
# - name: Login to Postman CLI | |
# run: postman login --with-api-key ${{ secrets.POSTMAN_API_KEY }} | |
# - name: Run User Create Tests | |
# if: always() | |
# run: | | |
# postman collection run "20428472-45dd524a-c260-44f4-b9c9-5f164db2264d" -e "20428472-778eb1c8-aac1-4484-a217-bcfd9a8d0df0" -d ./testing/api/user_onboarding_company4.csv | |
# - name: Run User Password Reset Tests | |
# if: always() | |
# run: | | |
# postman collection run "24647866-ba48ade2-732f-40c5-a304-509b44389ff6" -e "20428472-778eb1c8-aac1-4484-a217-bcfd9a8d0df0" -d ./testing/api/reset_password_3.csv | |
# - name: Run User View Tests | |
# if: always() | |
# run: | | |
# postman collection run "20428472-a9ecb4af-70a2-4997-a478-e554138ec3ea" -e "20428472-778eb1c8-aac1-4484-a217-bcfd9a8d0df0" -d ./testing/api/view_user_company4.csv | |
# - name: Run Programme Create Tests | |
# if: always() | |
# run: | | |
# postman collection run "24716950-471a5534-87f8-482d-93e2-6613e15d55e0" -e "20428472-778eb1c8-aac1-4484-a217-bcfd9a8d0df0" -d ./testing/api/create_project_7.csv | |
# - name: Run Programme Authorisation and Credit Transfer Tests | |
# if: always() | |
# run: | | |
# postman collection run "20428472-140d1d13-d387-4952-b956-a1a5ff7b01af" -e "20428472-778eb1c8-aac1-4484-a217-bcfd9a8d0df0" -d ./testing/api/credit_transfer_1.csv | |
# - name: Run Programme Certification and Certification Revocation Tests | |
# if: always() | |
# run: | | |
# postman collection run "20428472-d4e57d08-53ad-42a5-ba0e-3e85f449a1ed" -e "20428472-778eb1c8-aac1-4484-a217-bcfd9a8d0df0" -d ./testing/api/credit_transfer_certify_1.csv | |