Push to ECR and deploy

.github/workflows/cd.yml

@@ -0,0 +1,63 @@
+name: Fleetbase CI/CD
+
+on:
+  push:
+    branches: [ "deploy/*" ]
+
+concurrency:
+    group: ${{ github.ref }}
+    cancel-in-progress: true
+
+env:
+  PROJECT: fleetbase
+jobs:
+  build:
+    name: Build and Start Docker Services
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write # This is required for requesting the JWT
+      contents: read  # This is required for actions/checkout
+
+
+    steps:
+    - name: Checkout Code
+      uses: actions/checkout@v3
+      with:
+        submodules: recursive
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v2
+
+    - name: Set dynamic env vars
+      run: |
+          SHORT_COMMIT=$(echo $GITHUB_SHA | cut -c -8)
+          echo "VERSION=${SHORT_COMMIT}" >> $GITHUB_ENV
+          echo "STACK=$(basename $GITHUB_REF)" >> $GITHUB_ENV
+
+    - name: configure aws credentials
+      uses: aws-actions/configure-aws-credentials@v2
+      with:
+        role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_NUMBER }}:role/${{ env.PROJECT }}-${{ env.STACK }}-deployer
+        role-session-name: github
+        aws-region: ${{ secrets.AWS_REGION }}
+
+    - name: Login to Amazon ECR
+      id: login-ecr
+      uses: aws-actions/amazon-ecr-login@v1
+
+    - name: Build and release
+      uses: docker/bake-action@v2
+      env: 
+        REGISTRY: ${{ steps.login-ecr.outputs.registry }}/${{ env.PROJECT }}-${{ env.STACK }}
+        VERSION: ${{ env.VERSION }}
+      with:
+        push: true
+        files: |
+          ./docker-bake.hcl
+    - name: Download ecs-tool
+      run: |
+          wget -O ecs-tool.tar.gz https://github.com/springload/ecs-tool/releases/download/1.9.6/ecs-tool_1.9.6_linux_amd64.tar.gz && tar -xvf ecs-tool.tar.gz ecs-tool
+    - name: Deploy the images
+      run: |-
+          set -eu
+          ./ecs-tool deploy --image_tag '{container_name}-${{ env.VERSION }}' --cluster ${{ env.PROJECT }}-${{ env.STACK }} -s app -s scheduler -s events

docker-bake.hcl

@@ -1,7 +1,6 @@
 // docker-bake.hcl
 variable "REGISTRY" { default = "" }
-variable "tags" { default = "[]" }
-target "docker-metadata-action" {}
+variable "VERSION" { default = "latest" }
 
 group "default" {
   targets = ["app", "app-httpd"]
@@ -10,11 +9,6 @@ group "default" {
 target "app" {
   name = "app-${tgt}"
 
-  // here we inherit from docker-metadata-action to get
-  // labels for the image
-  // Labels are used to connect the built packages to the repository.
-  inherits = ["docker-metadata-action"]
-
   // use matrix strategy to build several targets at once
   matrix = {
     tgt = ["app", "scheduler", "events"]
@@ -28,21 +22,12 @@ target "app" {
   ]
 
   tags = notequal("", REGISTRY) ? formatlist(
-    "${REGISTRY}/fleetbase-${tgt}:%s",
-    // some magic happens here:
-    // We replace "willbereplaced:" with "" to get rid of the fake image
-    // then we decode the json object passed as a string into a list of tags
-    // then we concat that with "latest"
-    // So in the end we'll get something like ["latest". "1.0". "1.0.0"]
-    // Then formatlist will prepend the registry and image name to each of
-    // the tags
-    concat(["latest"], jsondecode(replace(tags, "willbereplaced:", "")))
+    "${REGISTRY}:${tgt}-%s",
+    compact(["latest", VERSION])
   ) : []
 }
 
 target "app-httpd" {
-  inherits = ["docker-metadata-action"]
-
   context    = "./"
   dockerfile = "docker/httpd/Dockerfile"
   platforms = [
@@ -50,7 +35,7 @@ target "app-httpd" {
   ]
 
   tags = notequal("", REGISTRY) ? formatlist(
-    "${REGISTRY}/fleetbase-app-httpd:%s",
-    concat(["latest"], jsondecode(replace(tags, "willbereplaced:", "")))
+    "${REGISTRY}:app-httpd-%s",
+    compact(["latest", VERSION])
   ) : []
 }