Add ECR registry environment variable to release workflow #59
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: release | |
| on: | |
| push: | |
| branches: | |
| - main | |
| env: | |
| AWS_REGION: us-east-1 | |
| ECR_REPOSITORY: app/web | |
| EKS_CLUSTER_NAME: EKS-lanchonete-cluster | |
| GH_TOKEN: ${{ github.token }} | |
| GITHUB_OUTPUT: $GITHUB_ENV | |
| permissions: | |
| contents: write | |
| jobs: | |
| version: | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/main' && github.actor != 'github-actions[bot]' | |
| runs-on: ubuntu-latest | |
| outputs: | |
| semver_tag: ${{ steps.semver-tag.outputs.semver_tag }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: List Git tags | |
| run: git fetch --tags && git tag --list | |
| - name: Calculate new version | |
| id: semver-tag | |
| uses: gandarez/[email protected] | |
| with: | |
| branching_model: "trunk-based" | |
| main_branch_name: "main" | |
| prefix: "" | |
| debug: "true" | |
| - name: Create tag | |
| uses: actions/github-script@v7 | |
| with: | |
| debug: true | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| script: | | |
| github.rest.git.createRef({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| ref: `refs/tags/${{ steps.semver-tag.outputs.semver_tag }}`, | |
| sha: context.sha | |
| }) | |
| build: | |
| runs-on: ubuntu-latest | |
| needs: version | |
| name: Build and push container image | |
| outputs: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-session-token: ${{ secrets.AWS_SESSION_TOKEN }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Login to ECR registry | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v1 | |
| with: | |
| registry-type: private | |
| mask-password: true | |
| - name: Build and push the container image | |
| id: build | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| NEW_VERSION: ${{ needs.version.outputs.semver_tag }} | |
| run: | | |
| docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:${{ env.NEW_VERSION }} . | |
| docker push $ECR_REGISTRY/$ECR_REPOSITORY:${{ env.NEW_VERSION }} | |
| # - name: update CHANGELOG.md | |
| # env: | |
| # NEW_VERSION: ${{ needs.version.outputs.semver_tag }} | |
| # run: | | |
| # if ! grep -q "\[${{ env.NEW_VERSION }}\]" CHANGELOG.md; then | |
| # sed -i "1i ## [${{ env.NEW_VERSION }}] - $(date +'%d-%m-%Y')\n\n### Added\n" CHANGELOG.md | |
| # echo $NEW_VERSION > VERSION | |
| # echo "NEW_VERSION=$NEW_VERSION" >> $GITHUB_ENV | |
| # else | |
| # echo "Version $NEW_VERSION already exists in CHANGELOG.md. Skipping update." | |
| # fi | |
| # - name: Commit and push updated version in CHANGELOG.md | |
| # env: | |
| # NEW_VERSION: ${{ needs.version.outputs.semver_tag }} | |
| # run: | | |
| # git config user.name "github-actions[bot]" | |
| # git config user.email "github-actions[bot]@users.noreply.github.com" | |
| # git add CHANGELOG.md VERSION | |
| # git commit -m "ci: bump version to ${{ env.NEW_VERSION }}" | |
| # git push origin ${{ github.ref }} | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: [build, version] | |
| name: Deploy to Kubernetes | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-session-token: ${{ secrets.AWS_SESSION_TOKEN }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Setup Kubeconfig | |
| run: aws eks --region $AWS_REGION update-kubeconfig --name $EKS_CLUSTER_NAME | |
| - name: Deploy app in Kubernetes cluster | |
| env: | |
| NEW_VERSION: ${{ needs.version.outputs.semver_tag }} | |
| ECR_REGISTRY: ${{ needs.build.outputs.ECR_REGISTRY }} | |
| run: | | |
| source $GITHUB_ENV | |
| ENVIRONMENT=production | |
| KUSTOMIZE_DIR=$(pwd)/infra/kubernetes/production | |
| cd $KUSTOMIZE_DIR | |
| # Check if namespace exists, if not create it | |
| kubectl get namespace $ENVIRONMENT || kubectl create namespace $ENVIRONMENT | |
| IMAGE_TAG=${{ env.NEW_VERSION }} | |
| kustomize edit set image web=$ECR_REGISTRY/$ECR_REPOSITORY:${{ env.NEW_VERSION }} | |
| echo "Deploying resources in $ENVIRONMENT environment" | |
| echo "Using image version: ${{ env.NEW_VERSION }}" | |
| echo "Full image name: $ECR_REGISTRY/$ECR_REPOSITORY:${{ env.NEW_VERSION }}" | |
| kubectl apply -k $KUSTOMIZE_DIR -n $ENVIRONMENT && echo "Resources deployed successfully!" || (echo "Failed to deploy resources! Check the logs"; kubectl describe pods -n $ENVIRONMENT; exit 1) |