cd #17
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Continuous Delivery Workflow | |
# | |
# This should happen whenever we push a new tag, and we tag an existing | |
# commit after we know it's good (e.g., has been tested). | |
# | |
# To create a new tag, we also need to update the package.json version: | |
# | |
# $ npm version 0.5.0 | |
# | |
# This will update `version` in package.json to `0.5.0` and create a new | |
# tag, `v0.5.0` in git. We'll then use this tag (i.e., `v0.5.0`) to tag | |
# our docker image before we push to AWS. | |
name: cd | |
on: | |
push: | |
# Whenever a new tag is pushed | |
tags: | |
# Any tag starting with v... should trigger this workflow. | |
- 'v**' | |
jobs: | |
# NOTE: this assumes our CI jobs have already passed previously | |
# (i.e., that we don't tag a commit manually until we know a build is working) | |
aws: | |
name: AWS | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out code | |
uses: actions/checkout@v4 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
# NOTE: ending and restarting the Learner Lab will void these secrets, | |
# update them if you are doing this during a new session: | |
# `Error: The security token included in the request is expired` | |
- name: Configure AWS Credentials using Secrets | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
# Use our github encrypted secrets | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-session-token: ${{ secrets.AWS_SESSION_TOKEN }} | |
# Hard-code our region, which isn't a secret, and won't change | |
aws-region: us-east-1 | |
# Login to our ECR repository using credentials | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v2 | |
- name: Build and push to Amazon ECR repository | |
env: | |
# Define an Environment variable with out ECR registry, getting | |
# the value from the previous step's outputs | |
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
# Define an Environment variable with our ECR Repository name | |
ECR_REPO: fragments | |
# We'll give this image two different tags. First, we'll use the git tag (vX.Y.Z) | |
# so that we can always go back and re-create this setup again in the future | |
# if we have to test or debug something. Second, we'll also replace the | |
# `latest` tag, since this is our most up-to-date version. | |
VERSION_TAG: ${{ github.ref_name }} | |
uses: docker/build-push-action@v4 | |
with: | |
push: true | |
tags: ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPO }}:${{ env.VERSION_TAG }}, ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPO }}:latest | |
# We need to update our fragment's Task Definition JSON | |
# (i.e., fragments-definition.json) to use the newly | |
# updated Docker Image to use (i.e., the tag we just pushed to ECR). | |
# We can also update/set the environment variables if we want. | |
- name: Fill in the new image ID in the Amazon ECS task definition | |
id: update-task-def | |
uses: aws-actions/amazon-ecs-render-task-definition@v1 | |
env: | |
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
ECR_REPO: fragments | |
VERSION_TAG: ${{ github.ref_name }} | |
with: | |
task-definition: fragments-definition.json | |
container-name: fragments-container | |
# Use the image we just built and pushed to ECR for this tag | |
image: ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPO }}:${{ env.VERSION_TAG }} | |
# Add all the necessary environment variables, using GitHub Encrypted Secrets | |
# for any values that should not be checked into git directly. Here are | |
# a few to get you started, but you should fill in the rest yourself. | |
environment-variables: | | |
LOG_LEVEL=debug | |
NODE_ENV=production | |
AWS_COGNITO_POOL_ID=${{ secrets.AWS_COGNITO_POOL_ID }} | |
AWS_COGNITO_CLIENT_ID=${{ secrets.AWS_COGNITO_CLIENT_ID }} | |
API_URL=http://fragments-lb-1228717397.us-east-1.elb.amazonaws.com | |
- name: Deploy Amazon ECS task definition | |
uses: aws-actions/amazon-ecs-deploy-task-definition@v1 | |
with: | |
task-definition: ${{ steps.update-task-def.outputs.task-definition }} | |
cluster: fragments-cluster | |
service: fragments-service | |
wait-for-service-stability: true |