Skip to content

deploy-every-commit #54

deploy-every-commit

deploy-every-commit #54

name: Build and Push Docker Image with Tags
on:
push: # Trigger on push events (including tags)
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
jobs:
build-and-push:
runs-on: ubuntu-latest # Adjust OS as needed
steps:
- uses: actions/checkout@v3
- name: configure aws credentials
uses: aws-actions/[email protected]
with:
role-to-assume: arn:aws:iam::537748208826:role/github-action
role-session-name: github-actions-ecr-access-role
aws-region: us-east-1
- name: Login to ECR
run: |
aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin 537748208826.dkr.ecr.us-east-1.amazonaws.com
- name: Build base image
run: |
docker build -t base-image . # Replace with your base image build command (if applicable)
- name: Build and tag the image (default for non-tags)
run: |
docker build -t 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:$GITHUB_SHA .
- name: Build and tag with 'latest' for main branch
if: github.ref == 'refs/heads/main' # Checks if the push is to the main branch
run: |
docker tag 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:$GITHUB_SHA 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:latest
- name: Build and tag with git tag version
if: startsWith(github.ref, 'refs/tags/') # Checks if the push is a git tag
run: |
# Extract the tag name from the ref
tag_name=${GITHUB_REF##refs/tags/}
docker tag 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:$GITHUB_SHA 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:$tag_name
- name: Push image with 'latest' tag for main branch
if: github.ref == 'refs/heads/main'
run: |
docker tag 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:$GITHUB_SHA 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:latest
docker push 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:latest
- name: Push image with git tag version
if: startsWith(github.ref, 'refs/tags/') # Checks if the push is a git tag
run: |
# Extract the tag name from the ref
tag_name=${GITHUB_REF##refs/tags/}
docker tag 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:$GITHUB_SHA 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:$tag_name
docker push 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:$tag_name
- name: Push image with SHA tag
run: |
docker push 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:$GITHUB_SHA
- name: Generate ArgoCD application manifest
run: |
yq eval '.spec.source.helm.parameters[0].value = env(GITHUB_SHA)' argo-template.yml> argocd.yaml
cat argocd.yaml
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::537748208826:role/github-actions-to-eks
aws-region: us-east-1
- name: Generate kubeconfig
run: |
{
echo 'KUBE_CONFIG<<EOF'
aws eks update-kubeconfig --region us-east-1 --name prod-eks-2 --dry-run | base64
echo EOF
} >> "$GITHUB_ENV"
- uses: tale/kubectl-action@v1
with:
base64-kube-config: ${{ env.KUBE_CONFIG }}
- run: kubectl apply -f argocd.yaml