From 1b4993cb9335cfe0064bee3793c90382f4ca4eb6 Mon Sep 17 00:00:00 2001
From: Eugene Dementyev
Date: Mon, 24 Jul 2023 22:31:39 +1200
Subject: [PATCH] Push to ECR and deploy
---
 .github/workflows/cd.yml | 63 ++++++++++++++++++++++++++++++++++++++++
 docker-bake.hcl | 25 ++++------------
 2 files changed, 68 insertions(+), 20 deletions(-)
 create mode 100644 .github/workflows/cd.yml
diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
new file mode 100644
index 00000000..6c751503
--- /dev/null
+++ b/.github/workflows/cd.yml
@@ -0,0 +1,63 @@
+name: Fleetbase CI/CD
+
+on:
+ push:
+ branches: [ "deploy/*" ]
+
+concurrency:
+ group: ${{ github.ref }}
+ cancel-in-progress: true
+
+env:
+ PROJECT: fleetbase
+jobs:
+ build:
+ name: Build and Start Docker Services
+ runs-on: ubuntu-latest
+ permissions:
+ id-token: write # This is required for requesting the JWT
+ contents: read # This is required for actions/checkout
+
+
+ steps:
+ - name: Checkout Code
+ uses: actions/checkout@v3
+ with:
+ submodules: recursive
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v2
+
+ - name: Set dynamic env vars
+ run: |
+ SHORT_COMMIT=$(echo $GITHUB_SHA | cut -c -8)
+ echo "VERSION=${SHORT_COMMIT}" >> $GITHUB_ENV
+ echo "STACK=$(basename $GITHUB_REF)" >> $GITHUB_ENV
+
+ - name: configure aws credentials
+ uses: aws-actions/configure-aws-credentials@v2
+ with:
+ role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_NUMBER }}:role/${{ env.PROJECT }}-${{ env.STACK }}-deployer
+ role-session-name: github
+ aws-region: ${{ secrets.AWS_REGION }}
+
+ - name: Login to Amazon ECR
+ id: login-ecr
+ uses: aws-actions/amazon-ecr-login@v1
+
+ - name: Build and release
+ uses: docker/bake-action@v2
+ env:
+ REGISTRY: ${{ steps.login-ecr.outputs.registry }}/${{ env.PROJECT }}-${{ env.STACK }}
+ VERSION: ${{ env.VERSION }}
+ with:
+ push: true
+ files: |
+ ./docker-bake.hcl
+ - name: Download ecs-tool
+ run: |
+ wget -O ecs-tool.tar.gz https://github.com/springload/ecs-tool/releases/download/1.9.6/ecs-tool_1.9.6_linux_amd64.tar.gz && tar -xvf ecs-tool.tar.gz ecs-tool
+ - name: Deploy the images
+ run: |-
+ set -eu
+ ./ecs-tool deploy --image_tag '{container_name}-${{ env.VERSION }}' --cluster ${{ env.PROJECT }}-${{ env.STACK }} -s app -s scheduler -s events
diff --git a/docker-bake.hcl b/docker-bake.hcl
index 3945d2da..854fa39e 100644
--- a/docker-bake.hcl
+++ b/docker-bake.hcl
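Review bot: In `Deploy the images`, `${{ env.STACK }}` is expanded into the script text before the shell runs, and `STACK` is derived from the pushed branch name (`basename $GITHUB_REF`), so a ref name becomes shell source in a job that holds the deployer role's credentials. Validate the name against a strict pattern in `Set dynamic env vars` and read it in `run:` blocks as the quoted variable `"$STACK"` rather than through `${{ }}`; because the same value selects `role-to-assume`, the role's trust policy (not visible here) should also restrict the OIDC `sub` claim to the intended refs. `Download ecs-tool` unpacks and later runs a release tarball without an integrity check, so compare it with a pinned SHA-256 first. The `uses:` references (`@v3`, `@v2`, `@v1`) are movable tags; pinning them to full commit SHAs would keep third-party code changes out of a job with `id-token: write`.

```yaml
      - name: Set dynamic env vars
        run: |
          set -eu
          STACK="$(basename "$GITHUB_REF")"
          # Accept only a plain stack name; adjust the pattern to the project's naming.
          if ! printf '%s' "$STACK" | grep -Eq '^[A-Za-z0-9][A-Za-z0-9-]*$'; then
            echo "unexpected stack name derived from ref" >&2
            exit 1
          fi
          SHORT_COMMIT=$(echo "$GITHUB_SHA" | cut -c -8)
          echo "VERSION=${SHORT_COMMIT}" >> "$GITHUB_ENV"
          echo "STACK=${STACK}" >> "$GITHUB_ENV"

      # … unchanged: configure aws credentials, Login to Amazon ECR, Build and release …

      - name: Download ecs-tool
        env:
          # Placeholder: record the published SHA-256 of the 1.9.6 linux_amd64 tarball here.
          ECS_TOOL_SHA256: "<SHA256_OF_ECS_TOOL_TARBALL>"
        run: |
          set -eu
          wget -O ecs-tool.tar.gz https://github.com/springload/ecs-tool/releases/download/1.9.6/ecs-tool_1.9.6_linux_amd64.tar.gz
          echo "${ECS_TOOL_SHA256}  ecs-tool.tar.gz" | sha256sum -c -
          tar -xvf ecs-tool.tar.gz ecs-tool
      - name: Deploy the images
        run: |-
          set -eu
          ./ecs-tool deploy --image_tag "{container_name}-${VERSION}" --cluster "${PROJECT}-${STACK}" -s app -s scheduler -s events
```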
@@ -1,7 +1,6 @@ // docker-bake.hcl variable "REGISTRY" { default = "" } -variable "tags" { default = "[]" } -target "docker-metadata-action" {} +variable "VERSION" { default = "latest" } group "default" { targets = ["app", "app-httpd"] @@ -10,11 +9,6 @@ group "default" { target "app" { name = "app-${tgt}" - // here we inherit from docker-metadata-action to get - // labels for the image - // Labels are used to connect the built packages to the repository. - inherits = ["docker-metadata-action"] - // use matrix strategy to build several targets at once matrix = { tgt = ["app", "scheduler", "events"] @@ -28,21 +22,12 @@ target "app" { ] tags = notequal("", REGISTRY) ? formatlist( - "${REGISTRY}/fleetbase-${tgt}:%s", - // some magic happens here: - // We replace "willbereplaced:" with "" to get rid of the fake image - // then we decode the json object passed as a string into a list of tags - // then we concat that with "latest" - // So in the end we'll get something like ["latest". "1.0". "1.0.0"] - // Then formatlist will prepend the registry and image name to each of - // the tags - concat(["latest"], jsondecode(replace(tags, "willbereplaced:", ""))) + "${REGISTRY}:${tgt}-%s", + compact(["latest", VERSION]) ) : [] } target "app-httpd" { - inherits = ["docker-metadata-action"] - context = "./" dockerfile = "docker/httpd/Dockerfile" platforms = [ @@ -50,7 +35,7 @@ target "app-httpd" { ] tags = notequal("", REGISTRY) ? formatlist( - "${REGISTRY}/fleetbase-app-httpd:%s", - concat(["latest"], jsondecode(replace(tags, "willbereplaced:", ""))) + "${REGISTRY}:app-httpd-%s", + compact(["latest", VERSION]) ) : [] }
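Review bot: `variable "VERSION" { default = "latest" }` makes `compact(["latest", VERSION])` in the `app` and `app-httpd` targets (the hunks at -28 and -50) list the `latest` tag twice whenever VERSION is unset, because `compact` drops empty strings, not duplicates. Defaulting to the empty string, `variable "VERSION" { default = "" }`, gives a single `latest` tag for local builds and leaves CI behaviour unchanged. Every CI build also re-pushes the mutable `latest` tag into the shared repository, so anything that consumes these images should pin the commit-derived tag the deploy step uses; if the ECR repository has tag immutability enabled (not visible here), the `latest` push will be rejected. Dropping `inherits = ["docker-metadata-action"]` also removes the labels that tied an image back to its source repository, so consider setting an explicit `labels` block if that traceability is still wanted.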