From 171907102a5c5cd861ec422a1d8149c0508a3f94 Mon Sep 17 00:00:00 2001 From: christopher Maboh Date: Fri, 25 Oct 2024 17:49:03 -0400 Subject: [PATCH] PLT-695: Update AB2D prod-test ECR tag to avoid overlap with prod (#1408) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ## 🎫 Ticket [PLT-695](https://jira.cms.gov/browse/PLT-695) ## 🛠 Changes promote workflow updated to tag prod-test env images with the "ab2d-prod-test" prefix. ## ℹ️ Context The current tagging of ab2d-east-prod and ab2d-east-prod-test images causes issues. ECR lifecycle policies are based on prefixes. Essentially, a policy on the ab2d-east-prod prefix will include ab2d-east-prod-test images in its count and may delete all prod images older than any new prod-test images. ## 🧪 Validation Check Workflow Execution: Confirm that the workflow ran successfully in GitHub Actions. Confirm Image Tags: Go to the Amazon ECR repository in the AWS console. Verify that the images have new tags (e.g., ab2d-prod-test-latest, ab2d-sbx-latest, etc., depending on the environment). Run Deployment: Trigger the deployment pipeline for the environment where this workflow was tested. Confirm that the deployment succeeds without errors. Check Logs for Any Issues: Review logs from GitHub Actions and AWS CloudWatch for any error messages. Verify Application Functionality: Access the application (in the test or production environment as appropriate) to ensure it’s working correctly with the newly tagged images. --------- Co-authored-by: Maboh Christopher --- .github/workflows/promote.yml | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/.github/workflows/promote.yml b/.github/workflows/promote.yml index f167abfff..d4a8181af 100644 --- a/.github/workflows/promote.yml +++ b/.github/workflows/promote.yml @@ -38,9 +38,18 @@ jobs: with: aws-region: ${{ vars.AWS_REGION }} role-to-assume: arn:aws:iam::${{ secrets.MGMT_ACCOUNT_ID }}:role/delegatedadmin/developer/ab2d-mgmt-github-actions - - name: Retag images in ECR + + - name: Set environment variables env: DEPLOYMENT_ENV: ${{ vars[format('{0}_DEPLOYMENT_ENV', inputs.environment)] }} + run: | + if [ "${{ inputs.environment }}" == "prod_test" ]; then + echo "TAG_PREFIX=ab2d-prod-test" >> $GITHUB_ENV + else + echo "TAG_PREFIX=ab2d-$DEPLOYMENT_ENV" >> $GITHUB_ENV + + - name: Retag images in ECR + env: ECR_REPO_DOMAIN: ${{ secrets.MGMT_ACCOUNT_ID }}.dkr.ecr.${{ vars.AWS_REGION }}.amazonaws.com ECR_REPO: ab2d_${{ inputs.module }} run: | @@ -51,10 +60,10 @@ jobs: echo "Getting the manifest of the image tagged main-$SHA_SHORT" MANIFEST="$(curl -sS -H "Authorization: Basic $TOKEN" -H "Accept: $CONTENT_TYPE" "https://$ECR_REPO_DOMAIN/v2/$ECR_REPO/manifests/main-$SHA_SHORT")" - SHA_TAG="ab2d-$DEPLOYMENT_ENV-$SHA_SHORT" + SHA_TAG="$TAG_PREFIX-$SHA_SHORT" echo "Adding the $SHA_TAG tag to main-$SHA_SHORT image" curl -sS -X PUT -H "Authorization: Basic $TOKEN" -H "Content-Type: $CONTENT_TYPE" -d "$MANIFEST" "https://$ECR_REPO_DOMAIN/v2/$ECR_REPO/manifests/$SHA_TAG" - LATEST_TAG="ab2d-$DEPLOYMENT_ENV-latest" + LATEST_TAG="$TAG_PREFIX-latest" echo "Adding the $LATEST_TAG tag to main-$SHA_SHORT image" curl -sS -X PUT -H "Authorization: Basic $TOKEN" -H "Content-Type: $CONTENT_TYPE" -d "$MANIFEST" "https://$ECR_REPO_DOMAIN/v2/$ECR_REPO/manifests/$LATEST_TAG"