-
Notifications
You must be signed in to change notification settings - Fork 0
163 lines (139 loc) · 5.36 KB
/
dev-api-deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
name: CI/CD Pipeline for Dev API
on:
push:
branches:
- develop
paths-ignore:
- 'scheduler/**'
- '.github/**'
jobs:
build:
runs-on: ubuntu-latest
env:
MODULE_NAME: application
steps:
- name: Parse combined secrets
id: parse_secrets
run: |
echo "Extracting secrets..."
echo '${{ secrets.DEV_API_META_DATA }}' | jq -r 'to_entries | .[] | "echo \(.key)=\(.value) >> $GITHUB_ENV"' | bash
- name: Checkout source code
uses: actions/checkout@v3
with:
token: ${{ env.TOKEN_GITHUB }}
submodules: true
- name: Set up JDK 17
uses: actions/setup-java@v1
with:
java-version: 17
- name: Grant execute permission for gradlew
run: chmod +x gradlew
shell: bash
- name: Build with Gradle
run: SPRING_PROFILES_ACTIVE=test ./gradlew :${{ env.MODULE_NAME }}:clean :${{ env.MODULE_NAME }}:copyDocument :${{ env.MODULE_NAME }}:jar :${{ env.MODULE_NAME }}:build
shell: bash
- name: Upload build artifact (JAR and Dockerfile)
uses: actions/upload-artifact@v3
with:
name: build-artifacts
path: |
./${{ env.MODULE_NAME }}/build/libs/*.jar
./${{ env.MODULE_NAME }}/Dockerfile
dockerize:
runs-on: ubuntu-latest
needs: build
steps:
- name: Parse combined secrets
id: parse_secrets
run: |
echo "Extracting secrets..."
echo '${{ secrets.DEV_API_META_DATA }}' | jq -r 'to_entries | .[] | "echo \(.key)=\(.value) >> $GITHUB_ENV"' | bash
- name: Download build artifact (JAR and Dockerfile)
uses: actions/download-artifact@v3
with:
name: build-artifacts
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}
- name: Log in to Amazon ECR Public
run: |
aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ env.ECR_REPOSITORY_URI }}
- name: Build Docker image
run: docker build --build-arg PROFILE=${{ env.ENVIRONMENT }} -t ${{ env.ECR_REPOSITORY_URI }}:latest .
- name: Push Docker image to Amazon ECR
run: docker push ${{ env.ECR_REPOSITORY_URI }}:latest
generate-appspec:
runs-on: ubuntu-latest
needs: dockerize
steps:
- name: Parse combined secrets
id: parse_secrets
run: |
echo "Extracting secrets..."
echo '${{ secrets.DEV_API_META_DATA }}' | jq -r 'to_entries | .[] | "echo \(.key)=\(.value) >> $GITHUB_ENV"' | bash
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}
- name: Get the latest Task Definition ARN
id: task_definition
run: |
TASK_DEF_ARN=$(aws ecs describe-services \
--cluster ${{ env.ECS_CLUSTER_NAME }} \
--services ${{ env.ECS_SERVICE_NAME }} \
--query 'services[0].taskDefinition' --output text)
echo "TASK_DEF_ARN=$TASK_DEF_ARN" >> $GITHUB_ENV
- name: Generate appspec.yaml
run: |
cat <<EOF > ./appspec.yaml
version: 0.0
Resources:
- TargetService:
Type: AWS::ECS::Service
Properties:
TaskDefinition: "$TASK_DEF_ARN"
LoadBalancerInfo:
ContainerName: ${{ env.CONTAINER_NAME }}
ContainerPort: ${{ env.CONTAINER_PORT }}
CapacityProviderStrategy:
- CapacityProvider: "FARGATE_SPOT"
Base: 0
Weight: 1
EOF
- name: Upload appspec.yaml
uses: actions/upload-artifact@v3
with:
name: appspec-artifact
path: ./appspec.yaml
deploy:
runs-on: ubuntu-latest
needs: generate-appspec
steps:
- name: Parse combined secrets
id: parse_secrets
run: |
echo "Extracting secrets..."
echo '${{ secrets.DEV_API_META_DATA }}' | jq -r 'to_entries | .[] | "echo \(.key)=\(.value) >> $GITHUB_ENV"' | bash
- name: Download appspec artifact
uses: actions/download-artifact@v3
with:
name: appspec-artifact
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}
- name: Create Codedeploy deployment
run: |
APPSPEC_CONTENT=$(cat appspec.yaml | jq -sR .)
aws deploy create-deployment \
--application-name ${{ env.CODEDEPLOY_APP_NAME }} \
--deployment-group-name ${{ env.CODEDEPLOY_DEPLOYMENT_GROUP }} \
--deployment-config-name CodeDeployDefault.ECSAllAtOnce \
--revision "{\"revisionType\":\"AppSpecContent\",\"appSpecContent\":{\"content\":$APPSPEC_CONTENT}}"