This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Push Docker Image with Tags | |
| on: | |
| push: # Trigger on push events (including tags) | |
| permissions: | |
| id-token: write # This is required for requesting the JWT | |
| contents: read # This is required for actions/checkout | |
| jobs: | |
| build-and-push: | |
| runs-on: ubuntu-latest # Adjust OS as needed | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: configure aws credentials | |
| uses: aws-actions/[email protected] | |
| with: | |
| role-to-assume: arn:aws:iam::537748208826:role/github-action | |
| role-session-name: github-actions-ecr-access-role | |
| aws-region: us-east-1 | |
| - name: Login to ECR | |
| run: | | |
| aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin 537748208826.dkr.ecr.us-east-1.amazonaws.com | |
| - name: Build base image | |
| run: | | |
| docker build -t base-image . # Replace with your base image build command (if applicable) | |
| - name: Build and tag the image (default for non-tags) | |
| run: | | |
| docker build -t 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:$GITHUB_SHA . | |
| - name: Build and tag with 'latest' for main branch | |
| if: github.ref == 'refs/heads/main' # Checks if the push is to the main branch | |
| run: | | |
| docker tag 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:$GITHUB_SHA 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:latest | |
| - name: Build and tag with git tag version | |
| if: startsWith(github.ref, 'refs/tags/') # Checks if the push is a git tag | |
| run: | | |
| # Extract the tag name from the ref | |
| tag_name=${GITHUB_REF##refs/tags/} | |
| docker tag 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:$GITHUB_SHA 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:$tag_name | |
| - name: Push image with 'latest' tag for main branch | |
| if: github.ref == 'refs/heads/main' | |
| run: | | |
| docker tag 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:$GITHUB_SHA 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:latest | |
| docker push 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:latest | |
| - name: Push image with git tag version | |
| if: startsWith(github.ref, 'refs/tags/') # Checks if the push is a git tag | |
| run: | | |
| # Extract the tag name from the ref | |
| tag_name=${GITHUB_REF##refs/tags/} | |
| docker tag 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:$GITHUB_SHA 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:$tag_name | |
| docker push 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:$tag_name | |
| - name: Push image with SHA tag | |
| run: | | |
| docker push 537748208826.dkr.ecr.us-east-1.amazonaws.com/carrot-bot:$GITHUB_SHA | |
| - name: Generate ArgoCD application manifest | |
| run: | | |
| yq eval '.spec.source.helm.parameters[0].value = env(GITHUB_SHA)' argo-template.yml> argocd.yaml | |
| cat argocd.yaml | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: arn:aws:iam::537748208826:role/github-actions-to-eks | |
| aws-region: us-east-1 | |
| - name: Generate kubeconfig | |
| run: | | |
| { | |
| echo 'KUBE_CONFIG<<EOF' | |
| aws eks update-kubeconfig --region us-east-1 --name prod-eks-2 --dry-run | base64 | |
| echo EOF | |
| } >> "$GITHUB_ENV" | |
| - uses: tale/kubectl-action@v1 | |
| with: | |
| base64-kube-config: ${{ env.KUBE_CONFIG }} | |
| - run: kubectl apply -f argocd.yaml |