-
Notifications
You must be signed in to change notification settings - Fork 24
141 lines (126 loc) · 4.95 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
name: Continuous Integration
on:
workflow_run:
workflows: ["Automated Tests"]
branches: [master]
types:
- completed
workflow_dispatch:
inputs:
deploy_env:
description: "Select the target environment"
required: false
default: staging
type: choice
options:
- staging
- prod
git_ref:
description: "Enter Git hash or branch"
required: false
default: master
jobs:
deploy:
runs-on: ubuntu-latest
if: |
github.event_name == 'workflow_dispatch' ||
(
github.event_name == 'workflow_run' &&
github.event.workflow_run.conclusion == 'success'
)
env:
STAGING_DEPLOY_ROLE_ARN: ${{ vars.STAGING_DEPLOY_ROLE_ARN }}
PROD_DEPLOY_ROLE_ARN: ${{ vars.PROD_DEPLOY_ROLE_ARN }}
DEPLOY_ENV: ${{ github.event.inputs.deploy_env || 'staging' }}
steps:
- name: Workflow details
run: |
echo "Event: ${{ github.event_name }}"
echo "Git reference: ${{ github.event.inputs.git_ref || github.ref }}"
echo "Environment: ${{ env.DEPLOY_ENV }}"
- name: Checkout application repository
uses: actions/checkout@v4
with:
ref: ${{ github.event.inputs.git_ref }}
- name: Set short Git SHA
run: |
SHORT_GIT_SHA=$(git rev-parse HEAD | cut -c1-7)
echo "SHORT_GIT_SHA=$SHORT_GIT_SHA" >> "$GITHUB_ENV"
echo "Git SHA: ${SHORT_GIT_SHA}"
- name: Checkout deploy repository
uses: actions/checkout@v4
with:
repository: "researchhub/researchhub-internal-utils"
ref: main
path: researchhub-internal-utils
token: ${{ secrets.PAT }}
- name: Copy Beanstalk configuration files
run: |
cp -r researchhub-internal-utils/deploy/backend/config/.ebextensions \
researchhub-internal-utils/deploy/backend/config/.platform \
researchhub-internal-utils/deploy/backend/config/Procfile \
src
- name: Generate Beanstalk deployment package
run: |
mkdir -p target
cd src
zip -r ../target/deploy.zip . -x '*.git*'
- name: Upload artifact
uses: actions/upload-artifact@v4
with:
name: "backend-${{ env.SHORT_GIT_SHA }}"
path: target/deploy.zip
- name: Get deploy role ARN
id: get-role-arn
run: |
role_arn_name=${DEPLOY_ENV^^}_DEPLOY_ROLE_ARN
role_arn=$(eval echo \$$role_arn_name)
echo "::set-output name=role_arn::$role_arn"
- name: Configure AWS credentials with assume role
id: aws_credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.NEW_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.NEW_AWS_SECRET_ACCESS_KEY }}
role-to-assume: ${{ steps.get-role-arn.outputs.role_arn }}
role-session-name: github-actions-beanstalk-session
role-duration-seconds: 1200
role-skip-session-tagging: true
aws-region: us-west-2
output-credentials: true
- name: Deploy ${{ env.DEPLOY_ENV }} Backend - API
uses: einaregilsson/beanstalk-deploy@v22
with:
aws_access_key: ${{ steps.aws_credentials.outputs.aws-access-key-id }}
aws_secret_key: ${{ steps.aws_credentials.outputs.aws-secret-access-key }}
application_name: backend
environment_name: ${{ env.DEPLOY_ENV }}-backend-api
version_label: ${{ env.SHORT_GIT_SHA }}
use_existing_version_if_available: true
region: us-west-2
deployment_package: target/deploy.zip
wait_for_environment_recovery: 120
- name: Deploy ${{ env.DEPLOY_ENV }} Backend - Main Worker
uses: einaregilsson/beanstalk-deploy@v22
with:
aws_access_key: ${{ steps.aws_credentials.outputs.aws-access-key-id }}
aws_secret_key: ${{ steps.aws_credentials.outputs.aws-secret-access-key }}
application_name: backend
environment_name: ${{ env.DEPLOY_ENV }}-backend-worker-main
version_label: ${{ env.SHORT_GIT_SHA }}
use_existing_version_if_available: true
region: us-west-2
deployment_package: target/deploy.zip
wait_for_environment_recovery: 120
- name: Deploy ${{ env.DEPLOY_ENV }} Backend - Cermine Worker
uses: einaregilsson/beanstalk-deploy@v22
with:
aws_access_key: ${{ steps.aws_credentials.outputs.aws-access-key-id }}
aws_secret_key: ${{ steps.aws_credentials.outputs.aws-secret-access-key }}
application_name: backend
environment_name: ${{ env.DEPLOY_ENV }}-backend-worker-cermine
version_label: ${{ env.SHORT_GIT_SHA }}
use_existing_version_if_available: true
region: us-west-2
deployment_package: target/deploy.zip
wait_for_environment_recovery: 120