CI/CD - ECR/ECS Python Deployment Test #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# Copyright The Linux Foundation and each contributor to CommunityBridge. | |
# SPDX-License-Identifier: MIT | |
name: Build Docker in DEV | |
on: | |
pull_request: | |
branches: | |
- main | |
env: | |
AWS_REGION: us-east-1 | |
AWS_ECR_REGION: us-east-1 | |
AWS_PROFILE: lf-cla | |
STAGE: dev | |
REPOSITORY: lfx-easycla-dev | |
ECR_HOST: ${{secrets.AWS_ACCOUNT_ID}}.dkr.ecr.us-east-1.amazonaws.com | |
jobs: | |
build-docker-dev: | |
runs-on: ubuntu-latest | |
environment: dev | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Available Build Platforms | |
run: echo ${{ steps.buildx.outputs.platforms }} | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }} | |
aws-region: us-east-1 | |
role-duration-seconds: 900 | |
- name: Setup AWS Profile | |
run: | | |
echo "Installing Profile '${AWS_PROFILE}'..." | |
mkdir -p ~/.aws | |
touch ~/.aws/config | |
if ! grep -q AWS_PROFILE ~/.aws/config; then | |
printf "[profile ${AWS_PROFILE}]\nregion=${AWS_REGION}\noutput=json" > ~/.aws/config | |
echo "Added ${AWS_PROFILE} profile to ~/.aws/config" | |
else | |
echo "Skipped adding ${AWS_PROFILE} to ~/.aws/config - already there" | |
fi | |
touch ~/.aws/credentials | |
if ! grep -q AWS_PROFILE ~/.aws/credentials; then | |
printf "[${AWS_PROFILE}]\naws_access_key_id=${{ secrets.AWS_ACCESS_KEY }}\naws_secret_access_key=${{ secrets.AWS_SECRET_KEY }}" > ~/.aws/credentials | |
echo "Added ${AWS_PROFILE} profile to ~/.aws/credentials" | |
else | |
echo "Skipped adding ${AWS_PROFILE} to ~/.aws/credentials - already there" | |
fi | |
if ! grep -q AWS_PROFILE ${HOME}/.bashrc; then | |
echo "export AWS_PROFILE=${AWS_PROFILE}" >> ${HOME}/.bashrc | |
echo "Added ${AWS_PROFILE} profile to ${HOME}/.bashrc" | |
else | |
echo "Skipped adding ${AWS_PROFILE} to ${HOME}/.bashrc - already there" | |
fi | |
- name: Build Docker Image | |
working-directory: cla-backend | |
run: | | |
# Create a new builder, named container, that uses the Docker container driver | |
echo "Creating a new builder container..." | |
docker buildx create --name container --driver=docker-container | |
echo "Building image with tag: ${ECR_HOST}/${REPOSITORY}:${{github.sha}}" | |
docker buildx build --platform=linux/arm64 --builder=container --tag ${ECR_HOST}/${REPOSITORY}:${{github.sha}} . | |
echo "Building image with tag: ${ECR_HOST}/${REPOSITORY}:latest" | |
docker buildx build --platform=linux/arm64 --builder=container --tag ${ECR_HOST}/${REPOSITORY}:latest . | |
# Note, unlike when using the default docker driver, images built with the docker-container driver must be explicitly loaded into the local image store. Use the --load flag | |
echo "Loading the image into the image store..." | |
docker buildx build --platform=linux/arm64 --builder=container --load --tag ${ECR_HOST}/${REPOSITORY}:${{github.sha}} . | |
docker buildx build --platform=linux/arm64 --builder=container --load --tag ${ECR_HOST}/${REPOSITORY}:latest . |